Cisco Systems, Inc., announced new advanced network outbreak and threat prevention solutions to help customers better protect critical information assets.
The new solutions include: the Cisco Incident Control System (ICS); Distributed Threat Mitigation for Intrusion Prevention Systems (IPS); and enhancements included in new versions of the Cisco IPS and IOS software. These extensions to the Cisco Self-Defending Network security strategy and product portfolio aim to deliver real-time threat response based on internal and external network threat intelligence.
“These advancements deliver broad-based protection for new and emerging threats across the entire network and utilize existing network and security infrastructure to help protect existing business investments,” said Jeff Simpler, president and CEO of Simpler-Webb, a global managed services, technology consulting, network management, and software development solutions company. “These solutions also underscore the increased customer demand for solutions that help customers dramatically improve the network’s ability to defend against threats; a cornerstone to the Cisco Self-Defending Network security strategy.”
Further validation of Cisco’s market traction is found in recent Infonetics marketshare data that highlights Cisco’s security marketshare growth and leadership across IPS/IDS, Secure Hardware Routing, and Virtual Private Network (VPN) and Firewall Appliance and Software categories.
Cisco Introduces the Incident Control System (ICS)
The new Cisco ICS helps customers respond within minutes to the rapid and global spread of today’s worm and network virus outbreaks. Cisco ICS addresses emerging threats by utilizing up-to-the moment outbreak intelligence and virus signature distribution from Trend Micro TrendLabs. TrendLabs enables Cisco IPS solutions along with Cisco routers and switches already deployed in a network to prevent the spread of new and emerging threats before they reach a customer’s core network assets.
Cisco ICS is the second solution delivered from a collaboration between Cisco and Trend Micro announced in 2004. Cisco ICS provides rapid, policy-based threat mitigation services across a Cisco network once a serious threat is identified. This provides an additional layer of protection for corporate assets and helps to ensure continued business operations during an attack. Cisco ICS lets customers utilize their existing network and security deployments to adapt to changing conditions in real-time for a more coordinated, network-wide response to network threats and outbreaks.
“Cisco and Trend Micro have recognized that through collaboration between our real-time threat management services, a key aspect of the Trend Micro Enterprise Protection Strategy and the Cisco Self-Defending Network security strategy and solutions, we can deliver a stronger business security environment that reduces both risk and costs for our customers,” said Eva Chen, chief executive officer of Trend Micro. “This relationship delivers what enterprise customers are asking for — a comprehensive and proactive threat outbreak prevention system.”
Also available for Cisco ICS is an Implementation Service from Cisco Advanced Services which provides customers deploying Cisco ICS with advanced preparation, design, and deployment support.
Distributed Threat Mitigation for Cisco Intrusion Prevention Systems (IPS)
Distributed threat mitigation for Cisco IPS is a new outbreak prevention solution that provides an integrated and more coordinated response to locally-occurring threats. It is delivered through enhancements to the Cisco Security Monitoring, Analysis and Response System (CS-MARS) version 4.1. This security management product that helps customers readily and accurately identify, manage and eliminate attacks and maintain network security policy compliance.
Distributed threat mitigation for IPS utilizes Cisco IPS appliance sensors for initial threat notification, CS-MARS for distributing threat-mitigation information across the network and Cisco routers utilizing IPS services to defend against threats. Together, the solution provides operational efficiencies through automated threat response, saving time and reducing potential damage. Other enhancements to the CS-MARS version 4.1 include broadened support for Cisco and third party products and improvements in the areas of workflow and incident handling, reporting and administration.
Outbreak Prevention for new versions of Cisco IPS and IOS Software
New versions of the Cisco IPS version 5.1 and Cisco IOS Software Release 12.4(4)T offer improved outbreak prevention capabilities that provide advanced and innovative threat mitigation and protection services. The Cisco IPS version 5.1 offers support for up to 255 Virtual LANs (VLANs) on a single interface, providing more expanded protection of critical assets at lower cost of ownership. It also delivers multi-gigabit, non-stop intrusion prevention through EtherChannel load balancing, a capability that helps enable high throughput with high availability services. Other new capabilities include traffic rate limiting with Cisco switches and routers allowing customers to have more control over network traffic and expanded protocol support. Centralized management of all Cisco IPS solutions supporting IPS version 5.1 is also available for added operational efficiency. More details are available at URL below.
Cisco IOS Software Release 12.4(4)T includes a new outbreak prevention capability called Flexible Packet Matching (FPM). FPM is an innovative capability that lets users conduct deep packet inspection pattern matching and filtering using pre-defined or customizable protocol templates in Extensible Markup Language (XML) or IOS Command Line Interface (CLI) for more granular user control. This allows customers to respond to an outbreak in real-time and without network service disruption. The Cisco IOS Software release 12.4(4)T also includes additional application firewall and expanded protocol support.