Network World - Cisco on Monday outlined its security product-development strategy aimed at providing a new type of "always on" security protection for mobile devices as well as a way to establish controls over cloud-computing applications used by the enterprise. Cisco is calling the initiative its Secure Borderless Network architecture.
The initiative basically entails bringing enhancements to three Cisco products -- the Cisco AnyConnect client, Cisco Adaptive Security Appliance (ASA) and Cisco's IronPort Web Security appliance -- to have them work in unison to provide an "always on" VPN function and client protection that extends to data-loss prevention, access to cloud-based applications and Web filtering. One of its main advantages will be in extending those capabilities to mobile devices used by employees, according to Tom Gillis, vice president and general manager at the security technology business unit at Cisco.
The announcement was made at this week's RSA Conference in San Francisco.
Top 10 RSA Conference security innovators
"The traditional VPN works great when it's on," said Gillis, who noted that Cisco itself has many millions of its VPN client products in use today. But the AnyConnect 2.5 client expected to ship in the second quarter for Windows and Mac computers, as well as other types of computers, plus many types of mobile devices that Cisco will later announce, would allow a business to establish an always-on VPN connection that would "automatically log you in" and "maintain session state."This new VPN client on the mobile smartphone and other types of computers would be the means to also establish policy controls to set restrictions on Web browsing, prevent unauthorized transmissions of sensitive data through data-loss prevention filtering, and provide automated access to cloud-based applications, as well as a way to de-provision use of applications, if needed.
But to obtain the full spectrum of benefits, enterprises would need to use Cisco AnyConnect 2.5, ASA 8.3 and an updated version of Cisco IronPort S-Series, all expected out in the second quarter. The mobile-security piece is expected to be marketed as Cisco Secure Mobility Solution.
The idea is for this Cisco's client software to be able to distinguish applications used by devices in order to determine they are being used under security policies approved by the business. The goal is to be able to differentiate between business and personal-use applications, too. At Cisco, "we're saying HTTP is the new TCP," Gillis said, since this is what most major applications use today. The goal is to have iPhone be able to automatically get to a Salesforce application, for example. And the business would be able to easily de-provision that use, if need be, through centralized management.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
