Cisco Delivers Integrated Security Features
Routers and other software products that support NAC are available now as part of the first phase of the program's rollout, said David King, director of business development at Cisco, San Jose, Calif.
Phase two calls for Cisco to extend NAC support to its switch and remote access VPN products later this year or early next year, King said. The company also plans to expand the variety of end user operating systems the program supports, King said.
While Cisco is at least six months away from delivering the integrated security features on its market-leading switching products, competitors such as Enterasys Networks are heavily touting the availability of their own switches with integrated security features today.
"We're certainly going to do everything we can to get our solutions to market as quickly as possible," King said.
Through the program, announced in November, Cisco is teaming with vendors such as IBM, Network Associates, Symantec and Trend Micro to integrate security technology with its infrastructure products as part of its strategy to deliver "self-defending" networks.
"This gives our channel partners another reason to go back in and talk to customers about the value they can add in terms of implementing new technology to protect them from attacks," King said.
Cisco's NAC functionality gives customers the ability to restrict network access from devices such as PCs, servers and PDAs that are not compliant with their established security policies in areas including operating system patch level or antivirus state.
In keeping with the schedule outlined at the program's launch, Cisco said the program now supports its 830 to 7200 Series access and midrange routers running release 12.3(8)T of its Internetwork Operating System (IOS) using the Advanced Security image or higher. Other products now available in support of the program include Cisco Secure Access Control Server version 3.3, Cisco Security Agent version 4.0.2 and CiscoWorks Security Information Management Solution version 3.2.
Cisco is also releasing version 1.0 of its Trust Agent, available now for most Microsoft Windows operating systems. Trust Agent resides on end points to collect information from antivirus programs and communicate the data back to the network. In the future, Cisco plans to add support for Windows 2003, Linux and Solaris.
The networking company also wants other vendor partners to support NAC. To woo them, it is launching a new vendor integration program later this year and releasing APIs to encourage third-party development. Cisco is in talks with more than 60 potential vendor partners, including other security, management and operating system software vendors.
Current offerings that support Cisco Trust Agent include Network Associates' McAfee VirusScan Enterprise 8.0i and McAfee VirusScan Enterprise 7.x, upcoming versions of Symantec Client Security and Symantec AntiVirus Corporate Edition and Trend Micro's OfficeScan Corporate Edition v6.5.
Cisco also is launching a new line of planning, deployment, design and implementation services to support customers' NAC-enabled technology rollouts.
King said Cisco's channel partners would likely develop their own service bundles to wrap around the new technology.
Upgrades to support the new security features are free for customers with support contracts. Cisco's Trust Agent is also available at no charge.