Cisco updates endpoint security technology
It has extended NAC support to its range of Catalyst switches
October 18, 2005 12:00 PM ET - Computerworld
Cisco Systems Inc. today announced an enhanced version of its Network Admission Control (NAC) technology designed to help protect corporate networks against threats from insecure endpoint devices such as PCs and notebook computers.
With the move, Cisco has extended NAC support to its range of Catalyst switches and introduced new features allowing companies to enforce security policies on users' devices. Cisco also added new partners to its NAC program and upgraded its line of NAC hardware appliances.
With Version 2.0 of NAC, Cisco has reached a couple of key milestones, said Bob Gleichauf, chief technology officer in Cisco's Security Technology Group.
"With this, we are selling NAC on switches, routers and on just about every product we sell," Gleichauf said, adding that Cisco now has over 60 vendors participating in the NAC initiative. That's up from the three partners it had when it first announced the initiative about 18 months ago, he said.
Under its NAC initiative, Cisco is developing a range of tools that let companies permit, deny, quarantine or restrict admission to networks based on an end user's security status. The capability is seen as key at a time when companies face a growing risk from infected PCs, laptops and other client devices, especially from hardware belonging to contractors or business partners.
Cisco's NAC technology comprises multiple components, including a Cisco trust agent that sits on endpoint systems and collects information on client security, such as the status of antivirus signatures and patch levels; network access devices that enforce admission control based on the information provided by the trust agent; and a policy server that instructs network access devices on the appropriate policies to be applied.
Cisco said it is teaming up with new partners such as Altiris and Qualys Inc. to provide a scanning service companies can use to audit agent-less PCs and laptops for security compliance. The audit results can then be communicated back to a Cisco NAC server for appropriate enforcement action.
The fact that Cisco has finally extended NAC support to its line of switches means that users are likely to be more interested in the technology than they were when it was only available on Cisco routers, said Joel Conover, an analyst at Current Analysis Inc. in Sterling, Va.
"The closer to the PC or the endpoint that you can provide enforcement, the less chance [there is] that some malicious software that is on one PC can spread to other PCs," he said.
Even so, the fact that the NAC technology is supported
