Cisco and partners build self-defence networks

Cisco Systems has developed a program which is claimed to do more to protect computer networks than intrusion detection systems...

Cisco Systems has developed a program which is claimed to do more to protect computer networks than intrusion detection systems and firewalls.
John Chambers, president and chief executive officer of Cisco, said the Cisco Network Admissions Control (NAC) programme will prevent infections such as the recent Blaster and Slammer worms by scanning devices when they attempt to connect to a corporate network.
Developed in conjunction with anti-virus suppliersNetwork Associates, Symantec and Trend Micro, Cisco said the initiative will tackle the risks posed by mobile and remote workers who connect to corporate networks.
The NAC essentially detects non-compliant devices - those that may harbour viruses - and denies network access or quarantines the device until the network administrator can correct the problem.

NAC's underlying technology - Trust Agent - is installed on laptops, home PCs and mobile devices that connect to corporate networks, said Charles Giancarlo, a senior vice-president with Cisco. Trust Agent determines certain levels of security, such as whether a device has been recently patched or has the latest virus recognition files.
"The explosion of wireless, mobile devices and pagers has made the corporation much more vulnerable to attack," said George Samenuk, chief executive officer of Network Associates.
"We need automated and proactive solutions that can defend against threats immediately when they occur," Chambers said.
Network Associates, Symantec and Trend Micro have licensed the Trust Agent software from Cisco and will be integrating it into their own software clients.
For investment firms such as Morgan Stanley Individual Investor Group, keeping assets and strategic information safe is a critical task.

According to Lance Braunstein, chief information security officer with the financial services firm, Cisco's strategy will enable Morgan Stanley to apply consistent security policies to machines that access the company's network.
The programme marks a shift in tactics for addressing threats, according to Chris Christiansen, an analyst at IDC. "There's a recognition that the network is the true destination of the attack and that routers and switches need to have the ability to protect the network."

Cisco expects the first NAC roll out by the middle of next year, but said it plans to roll out the program in-house now.

Carly Suppa writes for Computerworld

Read more on IT suppliers