At the Networld+Interop trade show in Las Vegas, USA, Cisco announced the IDS 4250 device for high-speed intrusion detection, the IDS 4235 for small and medium-sized companies and version 3.1 of its IDS software with Web-based management capabilities.
Detecting known threats as well as unexpected network behaviour that signals a potentially debilitating new type of attack is increasingly difficult as new types of attacks proliferate. Protection should be put in place at several locations in a corporate network because of the threat of attacks from within and from "back doors" into the system, Tom Russell, director of product marketing at Cisco, said.
"We take a posture of 'IDS everywhere,'" Russell said. "You want to be able to sense potential threats just about anywhere throughout your network." The networking company offers IDS capability in routers and switches as well as server-based software.
Cisco's 4250 appliance is designed to secure high-speed wide-area-links or big pipes within corporate campuses, offering intrusion detection on about 500Mbps of traffic, Russell said. In addition, a hardware upgrade expected by the end of this year will roughly double that performance, he said. The device can support both copper and fibre 1Gbps interfaces. Although high-speed Cisco routers can also be equipped with some IDS capability, such as protection against denial of service attacks, protecting against a wide variety of threats takes a lot of processing power and is better left to a dedicated appliance, Russell said.
For companies with lower speed connections to a wide-area network, and for departments within an enterprise, Cisco has rolled out the IDS 4235, with 200Mbps performance. It offers 10/100/1000Mbps copper Ethernet support. Both devices fit into a standard rack and are 1U (1.75 inches or 4.4 centimetres) high.
The new version of software for Cisco's IDS appliances, including three other appliances in addition to the newly introduced products, features Device Manager software for Web-based management capability. The software, designed to be embedded into the devices, allows administrators to manage the appliances from a Web browser, with Secure Socket Layer security, using software wizards to guide the process.
Also included in the new version is IDS Event Viewer software, which lets administrators view events graphically as they occur and also view trends. The software can support as many as three devices.
The 4250 is priced at $25,000 (£17,051). The 4235 costs $12,500 (£8,526), which Russell described as breakthrough pricing that can make high-speed IDS available to smaller enterprises. Both of the new software offerings are free. The new software and appliances are available now worldwide.