Cisco Beefs Up Mobile Device Security With Updated Firewall Tools
“The security environment is growing more challenging. There are more devices and applications on the network, making firewall policies more complicated,” said Fred Kost, director of security solutions at San Jose, Calif.-based Cisco. But in the current economy, growing IT security complexity has not been matched with more IT staff being hired, he added, “so we’re sort of doing more with less from the firewall perspective.”
Enter the update to Cisco ASA, an industry-leading firewall product, and the latest version of the company’s firewall management platform, Cisco Security Manager. Cisco ASA v8.3 beefs up the AnyConnect Secure Mobility utitlity, adds a traffic-blocking capability to its Botnet Traffic Filter, adds IPv6 support and simplifies policy management, according to Kost.
The additions to the fourth-generation of Cisco Security Manager include integrated policy and event management on a single console, some new troubleshooting tools and a unified NAT that enables the creation of global roles across the many device interfaces present in IT environments.
“A lot of this focuses on simplifying the management,” said Kost, reiterating Cisco’s position that IT staff today need to be able to manage more complexity with less human resources. Of particular concern for IT administrators is the growing presence on the network of unsupported devices like smartphones and unsupported applications such as social networking tools, he said.
Yet in a survey Cisco recently conducted, many IT professionals reported that employees in their organizations increasingly want to use mobile devices they personally prefer for work-related tasks, even if their IT department doesn’t support them. And unless an organization has the physical means in place to prevent unsupported devices from accessing its network, there’s not much IT can do about it.
To address those customer concerns, Cisco has beefed up its AnyConnect Secure Mobility system in partnership with handheld device makers like HTC, Samsung, Nokia and Palm. Cisco’s Secure Borderless Network architecture now includes easier ways to integrate more mobile devices into the security framework while maintaining end-point agents that are as light as possible so as to minimize performance degradation on employees’ devices, the vendor said.
Cisco also made two more security systems available Thursday. The first is the Data Security System for data loss prevention over e-mail and the Web. The second is a new Security Information and Event Management (SIEM) System, which unifies the device monitoring language in the Secure Borderless Network architecture, so that diagnostic tools made by Cisco partners like ArcSight, loglogic, netForensics, RSA and splunk can all understand the information that comes out of Cisco security platforms.