Cisco Systems Inc., today announced the CIsco Network Admission Control program to address the increased threat and...
November 18, 2003
Cisco Systems Inc., today announced the CIsco Network Admission Control program to address the increased threat and impact of worms and viruses to networked businesses.
“As the network continues to be a mission critical business system for organizations of all sizes, a top priority for customers is securing their information assets and minimizing the impact of viruses and worms,” said John Chambers, company president and CEO.
The program was developed in conjunction with anti-virus software vendors Network Associates, Symantec, and Trend Micro. This collaboration addresses the broad and growing concern among enterprise customers — the remediation costs resulting from worms and viruses, Cisco said.
“Recent worm and virus infections have elevated the issue of keeping insecure nodes from infecting the network and have made this a top priority for enterprises today,” said Mark Bouchard, senior program director with consulting firm the Meta Group.
“Many organizations were successful at stopping recent worm attacks at their Internet boundaries, yet still fell victim to the exploits when mobile or guest users connected their infected PCs directly to internal local area networks. Eliminating this type of threat will require a combination of strengthened policies and network admission control systems.”
Organizations using network admission control systems can allow network access only to compliant and trusted endpoint devices (for example, PCs, servers, personal digital assistants) and can restrict the access of non-compliant devices.
In its initial phase, the Cisco Network Admission Control functionality enables Cisco routers to enforce access privileges when an endpoint attempts to connect to a network.
This decision can be based on information about the endpoint device such as its current anti-virus state and operating system patch level.
Network admission control systems allow non-compliant devices to be denied access, placed in a quarantined area, or given restricted access to computing resources. Cisco Network Admission Control systems will initially support endpoints running Microsoft Windows NT, XP and 2000 operating systems.
“The proliferation of unknown computing endpoints in the form of remote and mobile users puts our strategic information assets at increasing risk,” said Lance Braunstein, chief information security officer, and executive director of Infrastructure Engineering, Morgan Stanley Individual Investor Group, a global financial services firm.
“Network admission control systems will allow us to take advantage of our existing investment in security software and network infrastructure to ensure that computers accessing our network will conform to our security policies.”