Cisco Systems has claimed that new hardware and
enhancements to a number of its software products will make
computer networks more resilient to attack.
Cisco unveiled new virtual private network hardware and new
features for the Internetwork Operating System (IOS) and Security
Device Manager software to support firewalls and spot the source of
denial-of-service attacks.
The latest products and features are part of Cisco's
Self-Defending Network strategy to create "autonomic" responses to
network security threats.
On the hardware side, Cisco extended VPN support to the 7301
Router, so that it can support 370Mbps VPN throughput in addition
to a firewall, routing and quality of service management
features.
Cisco also added a new device to its 3000 line of VPN
concentrators: the VPN 3020 Concentrator. It has integrated IPSec
(Internet Protocol Security) and SSL (Secure Sockets Layer) remote
access features and can support up to 750 concurrent VPN users
using IPSec and up to 200 users in SSL mode.
On the software front, Cisco unveiled a number of security
features that come with IOS Software Release 12.3T.
The IP Source Tracker is an IOS-based security tool that allows
IT managers to access Cisco routers using a special "management
channel" even when they are the target of a DoS attack.
New command-line interface features in IOS give administrators
more control over access to security operations by allowing them to
restrict access to features based on administrative roles.
The company also announced better firewall support from IOS that
will enable IT administrators to divide their network into "trust
zones" based on IP addresses. A new software product, the Cisco IOS
Firewall for Internet Protocol version 6 (IPv6), supports
inspection of both IPv4 and IPv6 traffic and protocol anomaly
inspection.
IPv6 is a new IP version formalised in a set of specifications
from the Internet Engineering Task Force. Among other things, IPv6
lengthens IP addresses from 32 to 128 bits, which will accommodate
a new generation of "networked" devices.
A new version of the Cisco Security Device Manager features
start-up wizards that make it easier to deploy security products,
update Cisco router configurations and lock down network security.
Security Device Manager version 1.1 also extends support to the
Cisco 7200 series router, the company said.
Paul Roberts writes for IDG News Service