Cisco Adds Switch Support To Endpoint Security Tools

Jaikumar Vijayan   Today’s Top Stories    or  Other Networking and Internet Stories  

Leveraging Capabilities in your Existing Cisco Network for Optimized Performance and Troubleshooting What is NetFlow and How Does NetFlow Tracker Help? See Your Traffic Performance Using Capabilities Already Inside Your Cisco Network A New Name on the Enterprise Networks Short List: Juniper The Results are In! Integration Solutions and Interoperability at Organizations Today True Zero Day Protection: The Only Defense Against Evolving Security Threats Computerworld Executive Briefing: Automating Network Management Sign up to receive Security Resource Alerts

October 24, 2005 (Computerworld) -- An upgrade of Cisco Systems Inc.'s Network Admission Control (NAC) technologies, announced last week, adds wider hardware support and several features designed to help companies better protect their networks against insecure endpoint devices.

But network managers and analysts said the fact that the NAC offering is supported only on relatively new networking equipment from Cisco is likely to limit its appeal.

"I think they're moving in the right direction," said Jim Kirby, a network engineer at Wells' Dairy Inc. in Le Mars, Iowa. But adopting NAC anytime soon would be a challenge because of the upgrades that the ice cream processor would have to make to its network infrastructure, he said.

As part of the NAC initiative, Cisco is selling a line of tools that can permit, restrict or deny admission to corporate networks based on the security status of end-user systems. The products include agent software for collecting security data from client systems, network appliances that enforce security rules and a policy management server.

Until now, the technology has been available only on Cisco's routers. But the company said it plans to add support for NAC to its Catalyst switches by the end of next month. And as of last week, the products could be used with Cisco's wireless networking devices.

Cisco is also making it possible for companies to enforce security policies on systems they don't own, such as PCs belonging to contractors and business partners. Cisco is delivering the agentless capability in conjunction with security vendors Altiris Inc., Qualys Inc. and Symantec Corp.

Extending Its Reach

Bob Gleichauf, chief technology officer for Cisco's Security Technology Group, said that more than 60 other vendors are now participating in the NAC program, up from the three partners Cisco had when it shipped an initial set of products in June 2004.

The fact that Cisco has finally extended NAC support to its switches should make the technology more interesting to IT managers, said Joel Conover, an analyst at Current Analysis Inc. in Sterling, Va.

"The closer to the PC or the endpoint that you can provide enforcement, the less chance that some malicious software that is on one PC can spread to others," he said.

Even so, the availability of NAC on only Cisco's equipment could be of some concern to users who don't want to get locked into a proprietary technology, Conover noted. He added that the cost of upgrading to new routers and switches is another potential roadblock for users.

Those are some of the reasons why Tripos Inc. won't be able to adopt NAC in the foreseeable future, said Jerry Wintrode, a senior network architect at the St. Louis-based drug research company.

Tripos uses software from InfoExpress Inc. in Mountain View, Calif., to enforce security policies on the systems of remote employees. The company has developed a homegrown tool for detecting and preventing unauthorized PCs from connecting to its LAN.

Both capabilities are available as part of NAC. But upgrading the switches and network management software Tripos now uses would cost $160,000 to $170,000. Upgrading the InfoExpress suite so it could replace Tripos' homegrown tool, on the other hand, would cost less, at $60,000, said Wintrode.

NEW PRODUCTS

Cisco also had other NAC announcements: An upgraded NAC appliance that includes a new bundled hardware option and preconfigured antispyware checks. Prices start at $8,995. Version 2.0 of its Trust Agent software and Version 4.0 of its Access Control Server. The Trust Agent upgrade is free; ACS starts at $7,995.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"Sometimes, no matter how much you try to protect your computer, you need to get down and dirty with the..." Read more... "Pilot fish at this software company is helping the marketing team plan a user conference. And the networking requirements are..." Read more... Read more Networking posts or See all Blogs

Review: Which 3G network is the best? Analysis: Why Hewlett-Packard wants EDS Srizbi grows into world's largest botnet More top stories...

Hackers create their own social network Hackers hijack a half-million sites in latest attack Phishers scamming IRS rebates, Burma donors

Your help desk career: Dead end or launching pad? A role on an IT help desk is what you make of it, tech pros say — just don't get too comfy. The darker side of Webmail Web-based e-mail may be exposing you to privacy and security dangers you didn't sign up for. Performance showdown: Flash drives versus hard disk drives Ever been tempted to replace the mechanical hard drive in your laptop with a shiny new solid-state disk? Our expert did so, and here's what he found. Xerox touts erasable paper, smart documents PARC showed erasable paper and other technologies that adds intelligence to documents with raw text. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland SecurityAsk a Premier 100 IT LeaderBlackBerry Legal BattleData Security BreachesElectronic VotingFirefoxH-1B VisasHP's Boardroom ScandalHandheld DevicesHurricane Katrina AftermathMicrosoft Legal IssuesMicrosoft's VistaOpen SourceRFID TechnologySCO's Linux FightSarbanes-Oxley ActSpamVoice Over IPWi-FiWindows Meta File VulnerabilityWindows XP Service Pack 2 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class2006 Computerworld Horizon Awards2006 Premier 100 IT Leaders2006 Salary Survey2007 Best Places to Work in IT2007 IT Forecast2007 Premier 100 IT Leaders40 Years of ComputerworldASPs, Take TwoBest Places to Work in IT 2003Best Places to Work in IT 2004Best Places to Work in IT 2005Best Places to Work in IT 2006Business Intelligence Home RunsBusiness Intelligence: Smarter BIBusiness Intelligence: The Future of BICRM Goes VerticalCRM: Sober CRMCareer Planning Guide 2005Careers: IT Profession 2010Computerworld Horizon Awards 2005Data Management: Mining for GemsData Management: Taming Data ChaosDevelopment: Hard-Workin' Web SitesDevelopment: New Tools New ChoicesDevelopment: The New World of Application DevelopmentDevelopment: The Web Services TsunamiDevelopment: Web Services HurdlesDisaster Recovery: Preparing for the WorstE-commerce Grows UpE-mail/Groupware: Big DecisionsFaces of Mobile ITForecast 2006Global MobileHardware: Multiple Cores, Multiple ChallengesHardware: On-Demand Un-HypedHardware: The Shape of Things to ComeHorizon Awards: 10 Cool Cutting Edge TechnologiesIT Management: Guide to Managing VendorsIT Management: Navigating Global ITIT Management: Recovery AheadIT Management: The Future of ITIT Management: The Resourceful Project ManagerInnovative Technology Awards 2004Management: Reinventing ITMicrosoft in TransitionMobile/Wireless Leaders and LaggardsMobile/Wireless: The Untethered WorkerMobile/Wireless: Tiny Gadgets, Huge CostsNetwork Management: Taking ControlNetworking: Turbulence Ahead!Networking: VoIP Goes MainstreamOperating Systems: In the Slow LaneOperating Systems: Linux Goes GlobalOperating Systems: Should You Nix Unix?Outsourcing: Offshore Buyer's GuideOutsourcing: Outsourcing DangersPremier 100 IT Leaders 2004 Best in ClassPremier 100 IT Leaders 2005 Best in ClassROI: Do the Math!Salary Survey 2003Salary Survey 2004Salary Survey 2005Security Action PlanSecurity: Compliance HeadachesSecurity: Proactive SecuritySecurity: Risk and RewardSecurity: Tips From Security ProsSouped-up SecurityStorage: Battling ComplexityStorage: Cheap & Secure Data StoresStorage: Stretching Your Storage DollarsStorage: The Lean Storage MachineStorage: The New Rules of StorageStorage: The Ultimate Backup GuideSupply Chain: Missing LinksSupply Chain: RFID Reality CheckThe Business of SecurityWeb 2.0 SecurityWireless: Wireless At Work All Zones Application Performance Zone Enterprise-Class Security Zone Enterprise Solutions Zone The File Data Management Zone Grid Computing on Windows Zone Security Management Zone ITIL Best Practices Zone The SAS Zone Storage Virtualization Zone The Data Center Management Zone See your link here

Unified Communications Unified Communications Computerworld presents a new webcast, compliments of Cisco. Go to the webcast  Advancing the Economics of Networking Get this white paper now! (Source: Juniper Networks) Read this white paper to discover how to easily reduce capital and operational IT expenses. Aging network systems and old habits have dictated how businesses spend their IT budgets. As a result, a large percentage, if not a majority, of IT dollars are being spent to merely "stay in the race" and keep pace with the competition. Download this white paper  Computerworld Executive Briefing: Automating Network Management Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP. (Source: Computerworld) This briefing looks at the basics of network management, which tend to get lost in the dizzying array of products and processes. It also examines new tools that are on the way to help IT executives deal with management in the new era of automation. Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP. Download this executive briefing  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. New Fujitsu High-End Itanium Windows- and Linux-Based PRIMEQUEST Servers Offer the Utmost in High Availability New Fujitsu High-End Itanium-Based PRIMEQUEST Servers Offer Industry-Leading System Management for Linux and Windows Symantec State of the Data Center Report 2007 View more whitepapers

• Review: Which 3G network is the best?
• Analysis: Why Hewlett-Packard wants EDS
• Srizbi grows into world's largest botnet
• More top stories 

XenServer FREE trial Citrix XenServer is the simplest and most effective way to virtualize and provision servers. XenServer combines comprehensive server virtualization capabilities with unparalleled scalability, performance, economics, and ease-of-use. Based on the open source Xen hypervisor, XenServer delivers fast performance, easy management, and advanced features such as live migration. Request free trial now



Columnist Bert Latamore digs deep to analyze the latest networking trends. Click here to read the latest column by Bert Latamore



IT Service Management: Metrics That Matter Download this whitepaper and learn about the metrics that matter most toward improving operational results, and which two controls any organization can adopt that will put them on path to high performance. Download this white paper now!  See more Whitepapers



Networking Know-How For tips and best practices on building anything in the network, see Sandra Gittlen's weekly column. Click here to read the latest column by Sandra Gittlen