The company has a dominant share of the network market and its products are increasingly a target for hackers. Threats like the Cisco Global Exploiter hacker toolkit, released last month, have made managing network security on a Cisco-based infrastructure a high priority for IT users.
Cisco has made a number of acquisitions recently to boost its portfolio of security products. These include buying Twingo, a provider of mobile data protection, personal firewalls and IPVPN products, in March.
The Burton group praised the breadth of security products available from Cisco but said the company should improve its security management.
Fred Cohen, principal analyst at Burton Group said, "Ciscooffers point solutions to reduce operational complexity in some cases, but the lack of a comprehensive management system is problematic."
Simple network security management is important, not only when users need to patch against a direct attack on their Cisco in-frastructure, but also to reduce the damage caused by viruses and worms like Sasser and MS Blaster. Users could lock these out by reconfiguring firewalls or using router access control lists to block the IP ports used by the worm.
But according to Phil Cracknell, an independent securityexpert and chief technology officer at Netsurity, 95% of internal routers do not screen IP ports used by worms,
He said, "Many companies do not generally screen against worms using their routers be-cause it takes effort to monitor the network." Cracknell said suppliers such as Cisco could make this easier by offering templates and downloadable ACLs to allow users to lock down their networks. "At the very least suppliers should offer a list of IP ports users would commonly find open in their networks," he said.
A spokesman for Cisco said the company had made a significantinvestment in embedded managers for a number of its security and monitoring products.
The Burton report found that Cisco was unable to offer the automation tools to control access within a large infrastructure.