Cisco focuses on endpoint security

The first set of products under Cisco's Network Admission Control programme has been released.

Cisco Systems has rolled out the first set of products under its Network Admission Control programme, which is designed to help companies enforce security policies on network endpoint devices such as PCs and mobile systems.

The company also said it will seek broader participation from third-party security software vendors in response to complaints that the NAC programme is too proprietary.

Currently, Network Associates, Symantec and Trend Micro are the only companies working with Cisco on the endpoint effort, which was announced last autumn.

Among the products released last week was software called Cisco Trust Agent. Cisco said the agent technology can be used on servers and client systems to collect security-related data such as operating system patch levels and the status of antivirus tools.

The software sends the data to NAC-enabled routers, which decide whether or not to allow devices to access networks.

Cisco's NAC technology addresses a growing need for companies to protect not just their network perimeters but also the devices connecting to them, said Ken Kucera, a senior vice president at First National Bank of Omaha.

But to be useful to more users, Cisco must let more security vendors hook into the NAC architecture, said Joel Conover, an analyst at Current Analysis.

For instance, Cisco Trust Agent collects security information only from antivirus software sold by Network Associates, Symantec and Trend Micro. Rival products draw information from more security tools, including host-based intrusion-detection systems and firewalls.

So far, Cisco has been reluctant to let other vendors participate in the NAC effort, said Fred Feldman, vice president of marketing at Zone Labs. "Our concern is that they will use their position to freeze best-of-breed vendors out of the market," Feldman said.

Jaikumar Vijayan writes for Computerworld

Read more on IT suppliers