Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Networking
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Cisco Adds Switch Support To Endpoint Security Tools

Expands NAC products beyond routers, but users may face hardware upgrades
 

Sign up to receive Security Resource Alerts

October 24, 2005 (Computerworld) -- An upgrade of Cisco Systems Inc.'s Network Admission Control (NAC) technologies, announced last week, adds wider hardware support and several features designed to help companies better protect their networks against insecure endpoint devices.


But network managers and analysts said the fact that the NAC offering is supported only on relatively new networking equipment from Cisco is likely to limit its appeal.


"I think they're moving in the right direction," said Jim Kirby, a network engineer at Wells' Dairy Inc. in Le Mars, Iowa. But adopting NAC anytime soon would be a challenge because of the upgrades that the ice cream processor would have to make to its network infrastructure, he said.


As part of the NAC initiative, Cisco is selling a line of tools that can permit, restrict or deny admission to corporate networks based on the security status of end-user systems. The products include agent software for collecting security data from client systems, network appliances that enforce security rules and a policy management server.


Until now, the technology has been available only on Cisco's routers. But the company said it plans to add support for NAC to its Catalyst switches by the end of next month. And as of last week, the products could be used with Cisco's wireless networking devices.


Cisco is also making it possible for companies to enforce security policies on systems they don't own, such as PCs belonging to contractors and business partners. Cisco is delivering the agentless capability in conjunction with security vendors Altiris Inc., Qualys Inc. and Symantec Corp.


Extending Its Reach


Bob Gleichauf, chief technology officer for Cisco's Security Technology Group, said that more than 60 other vendors are now participating in the NAC program, up from the three partners Cisco had when it shipped an initial set of products in June 2004.


The fact that Cisco has finally extended NAC support to its switches should make the technology more interesting to IT managers, said Joel Conover, an analyst at Current Analysis Inc. in Sterling, Va.


"The closer to the PC or the endpoint that you can provide enforcement, the less chance that some malicious software that is on one PC can spread to others," he said.


Even so, the availability of NAC on only Cisco's equipment could be of some concern to users who don't want to get locked into a proprietary technology, Conover noted. He added that the cost of upgrading to new routers and switches is another potential roadblock for users.


Those are some of the reasons why Tripos Inc. won't be able to adopt NAC in the foreseeable future, said Jerry Wintrode, a senior network architect at the St. Louis-based drug research company.


Tripos uses software from InfoExpress Inc. in Mountain View, Calif., to enforce security policies on the systems of remote employees. The company has developed a homegrown tool for detecting and preventing unauthorized PCs from connecting to its LAN.


Both capabilities are available as part of NAC. But upgrading the switches and network management software Tripos now uses would cost $160,000 to $170,000. Upgrading the InfoExpress suite so it could replace Tripos' homegrown tool, on the other hand, would cost less, at $60,000, said Wintrode.










NEW PRODUCTS






Cisco also had other NAC announcements:


An upgraded NAC appliance that includes a new bundled hardware option and preconfigured antispyware checks. Prices start at $8,995.


Version 2.0 of its Trust Agent software and Version 4.0 of its Access Control Server. The Trust Agent upgrade is free; ACS starts at $7,995.





Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story
"Sometimes, no matter how much you try to protect your computer, you need to get down and dirty with the..." Read more...
"Pilot fish at this software company is helping the marketing team plan a user conference. And the networking requirements are..." Read more...
Read more Networking posts or See all Blogs
Review: Which 3G network is the best?
Analysis: Why Hewlett-Packard wants EDS
Srizbi grows into world's largest botnet
More top stories...
Hackers create their own social network
Hackers hijack a half-million sites in latest attack
Phishers scamming IRS rebates, Burma donors
A role on an IT help desk is what you make of it, tech pros say — just don't get too comfy.
Web-based e-mail may be exposing you to privacy and security dangers you didn't sign up for.
Ever been tempted to replace the mechanical hard drive in your laptop with a shiny new solid-state disk? Our expert did so, and here's what he found.
PARC showed erasable paper and other technologies that adds intelligence to documents with raw text.
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Application Performance Zone
Enterprise-Class Security Zone
Enterprise Solutions Zone
The File Data Management Zone
Grid Computing on Windows Zone
Security Management Zone
ITIL Best Practices Zone
The SAS Zone
Storage Virtualization Zone
The Data Center Management Zone

Ads by TechWords

See your link here
Unified Communications
Unified Communications
Computerworld presents a new webcast, compliments of Cisco.
Go to the webcast 
Advancing the Economics of Networking
Get this white paper now!
(Source: Juniper Networks) Read this white paper to discover how to easily reduce capital and operational IT expenses. Aging network systems and old habits have dictated how businesses spend their IT budgets. As a result, a large percentage, if not a majority, of IT dollars are being spent to merely "stay in the race" and keep pace with the competition.
Download this white paper go
Computerworld Executive Briefing: Automating Network Management
Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP.
(Source: Computerworld) This briefing looks at the basics of network management, which tend to get lost in the dizzying array of products and processes. It also examines new tools that are on the way to help IT executives deal with management in the new era of automation. Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP.
Download this executive briefing download
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
New Fujitsu High-End Itanium Windows- and Linux-Based PRIMEQUEST Servers Offer the Utmost in High Availability
New Fujitsu High-End Itanium-Based PRIMEQUEST Servers Offer Industry-Leading System Management for Linux and Windows
Symantec State of the Data Center Report 2007
View more whitepapers 
Troubleshooting Remote Site Networks - Best Practices
Management and remote site employees expect the same level of network service as the headquarters site. However, when IT staff are faced with limited resources to support remote site networks, often the applications, services and performance at those sites is not as robust as the headquarters site. See how to deliver a high level of network service at remote sites using the best practices outlined in this white paper.

Read whitepaper now
Super-size your LAN with fiber
Fiber optic technology frees the Local Area Network (LAN) from the confines of a single building, allowing a LAN to extend across a campus or a metropolitan area. Read how the selection of fiber optic components affects repeaterless transmission distance and how one school district used fiber to build a more reliable and more cost effective high-speed, district-wide network. Also, read how Metropolitan Area Network (MAN) ownership may require self-assessment of network performance.

Read whitepaper now
Determining the cause of poor application performance
Are users constantly complaining that your network is too slow? Or that they can’t connect or can't stay connected? Are network applications hanging and slowing productivity? Do you spend way too much time trying to isolate the source of the problem and to prove that often the issue isn't the network at all but the application? In this on demand webcast, learn best practices and common root causes of application problems using case studies and live network traffic.

Watch webcast now