The products behind the policies

Three of the network security industry’s biggest vendors used this week’s RSA Security Conference to launch products designed to enforce corporate network security policies.

The companies are trying to address the problem of detecting, and blocking, clients that lack the required security software before they connect to enterprise networks.

Cisco Systems Inc., for example, announced Cisco Security Manager (CSM) 3.0, the Monitoring, Analysis and Response System (MARS) 4.2 and a set of modules for its Adaptive Security Appliance (ASA) 5500 series.

Meanwhile, Brampton, Ont.-based Nortel Networks Corp. launched the Secure Network Access Switch (SNAS) 4050, which includes RADIUS authentication, management via simple network management protocol (SNMP) and syslog, plus dual profile authorization. The switch is designed to ensure no client can access the network without the correct antivirus, firewall and software patch updates. It also monitors PCs for any changes that could affect network security.

Nortel says it plans to have its SNAS products work with Microsoft Network Access Protection (NAP), and include “smart ports” on its switches, routers and gateways that will allow them to communicate with other NAP clients so companies can enforce security policies across the network.

“When somebody comes into the office with their laptop, you really should treat that device almost in the same way as you would if someone calls in from home” over a VPN, said Pat Patterson, Nortel’s director for security solutions, in a telephone interview from the RSA conference, which wrapped up Friday.

Corporate networks are often accessed by visitors who bring their own computers, said Jack Sebbag, McAfee Inc.’s vice-president and general manager for Canada.

McAfee has announced Policy Enforcer, which runs with its ePolicy Orchestrator software and is designed to examine all new clients to ensure they comply with corporate security policies – such as having the right anti-virus updates, firewall software and operating system patches – before allowing them access to the network.
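The admission checks described for Nortel’s SNAS and McAfee’s Policy Enforcer above (anti-virus updates, firewall, patch level, then allow or deny) reduce to a small policy evaluator. The following is an added illustration, not code from Nortel, McAfee or this article; the policy, patch names and client records are constructed, and the real products use their own agents, RADIUS exchanges and quarantine mechanisms that this example does not model.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Policy:
    """Minimum posture a client must show before it is admitted (hypothetical)."""
    max_signature_age_days: int
    required_patches: FrozenSet[str]
    require_firewall: bool = True


@dataclass(frozen=True)
class ClientPosture:
    """What the endpoint agent (or a scan) reports about one connecting host."""
    host: str
    av_signature_date: Optional[date]   # None means no anti-virus was found
    firewall_enabled: bool
    installed_patches: FrozenSet[str]


def evaluate_posture(client: ClientPosture, policy: Policy,
                     today: date) -> Tuple[str, List[str]]:
    """Return ("allow", []) or ("quarantine", [reasons...]) for one client.

    Every failed check is recorded so the quarantine page can tell the user
    exactly what to remediate before re-checking.
    """
    reasons: List[str] = []
    if client.av_signature_date is None:
        reasons.append("antivirus not installed")
    else:
        age = (today - client.av_signature_date).days
        if age > policy.max_signature_age_days:
            reasons.append(f"antivirus signatures {age} days old "
                           f"(max {policy.max_signature_age_days})")
    if policy.require_firewall and not client.firewall_enabled:
        reasons.append("host firewall disabled")
    missing = sorted(policy.required_patches - client.installed_patches)
    if missing:
        reasons.append("missing patches: " + ", ".join(missing))
    return ("allow" if not reasons else "quarantine"), reasons


def admission_report(clients: List[ClientPosture], policy: Policy,
                     today: date) -> Dict[str, Tuple[str, List[str]]]:
    """Evaluate every client against the policy; keyed by host name."""
    return {c.host: evaluate_posture(c, policy, today) for c in clients}


# Constructed sample data: patch identifiers are placeholders, not real bulletins.
POLICY = Policy(max_signature_age_days=7,
                required_patches=frozenset({"PATCH-A", "PATCH-B"}))
TODAY = date(2006, 2, 20)
CLIENTS = [
    ClientPosture("laptop-01", date(2006, 2, 18), True,
                  frozenset({"PATCH-A", "PATCH-B"})),
    ClientPosture("visitor-07", date(2006, 1, 1), False,
                  frozenset({"PATCH-A"})),
    ClientPosture("contractor-03", None, True,
                  frozenset({"PATCH-A", "PATCH-B"})),
]

if __name__ == "__main__":
    for host, (decision, reasons) in admission_report(CLIENTS, POLICY, TODAY).items():
        print(f"{host}: {decision}" + (" (" + "; ".join(reasons) + ")" if reasons else ""))
```

The decision is deliberately all-or-nothing with a full reason list: a client that fails any check lands in quarantine, and the reasons are what a remediation portal would show before the host is re-evaluated. Real deployments also re-check periodically, which is the “monitors PCs for any changes” behaviour the article attributes to SNAS.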

“There’s way too many unauthorized machines getting on to corporate networks,” Sebbag said. “Sometimes hundreds of people – consultants, contractors or employees without access – just plug into the network and release malware without their knowledge.”

Policy enforcement is also one aim of Cisco’s Self-Defending Network security strategy.

“Every device has a role to play in the overall security posture of the network,” said Scott Pope, Cisco’s senior manager for virtual private network (VPN) security product management and product marketing.

CSM 3.0, which is an update to Cisco’s VPN and Security Management product, is designed to manage security policies on various Cisco routers, firewalls, VPN and intrusion prevention devices. It can provide a topological network map, create firewall tables and configure site-to-site, hub-spoke or extranet VPN connections.

“The management side of things is something we’ve been a bit weak in in the past,” said Dario Zamarian, senior director for product management of Cisco’s security technology group. “We never had the opportunity to provide a total integrated view on how you manage a self-defending network.”

In addition to CSM and MARS, Cisco plans to ship the Content Security and Control Security Services Module (CSC-SSM) for its ASA 5500 products.

CSC-SSM includes anti-virus and anti-spyware software from Trend Micro, and has optional modules for anti-phishing and anti-spam filters, as well as URL filtering, which prevents users from visiting certain Web sites.

MARS 4.2, which is scheduled to ship in May, includes a visual map of the network that alerts administrators to any suspicious activity, such as a spike in traffic on a particular port, or a traffic pattern that resembles the pattern of a previous denial of service attack.

The administrator then has the option of taking action, such as cutting off access to a particular device or locking down a port.
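The two behaviours just described for MARS, flagging a spike in traffic on a port against a learned baseline and then offering a response (cut off a device, or lock down a port), can be sketched in a few dozen lines. This is an added example, not Cisco’s MARS code or its correlation rules; the flow records, the baseline window and the thresholds are constructed, and a real system would take its baseline from days of NetFlow or syslog data rather than ten minutes.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev
from typing import Dict, List, Tuple

# A flow record here is (minute, destination port, source host).
Flow = Tuple[int, int, str]

# Constructed sample: ten quiet minutes, then a burst of 60 connections to
# port 445 from one host in minute 10. Addresses are illustrative only.
FLOWS: List[Flow] = []
for m in range(10):
    FLOWS += [(m, 80, f"10.0.0.{i}") for i in range(5)]   # ~5 web connections/min
    FLOWS += [(m, 22, "10.0.0.9")]                          # one ssh session/min
FLOWS += [(10, 80, f"10.0.0.{i}") for i in range(5)]
FLOWS += [(10, 445, "10.0.0.23")] * 60


def per_minute_counts(flows: List[Flow]) -> Dict[int, Counter]:
    """port -> Counter(minute -> number of flows seen in that minute)."""
    counts: Dict[int, Counter] = defaultdict(Counter)
    for minute, port, _src in flows:
        counts[port][minute] += 1
    return counts


def detect_spikes(flows: List[Flow], baseline_minutes: int,
                  k: float = 3.0, min_count: int = 20) -> List[dict]:
    """Flag any (minute, port) whose flow count exceeds the port's baseline.

    The baseline is mean + k * stddev over the first `baseline_minutes`;
    `min_count` stops a port that was silent during the baseline (stddev 0)
    from alerting on a single stray connection.
    """
    last_minute = max(m for m, _, _ in flows)
    alerts = []
    for port, by_minute in per_minute_counts(flows).items():
        base = [by_minute.get(m, 0) for m in range(baseline_minutes)]
        mu, sigma = mean(base), pstdev(base)
        threshold = max(mu + k * sigma, min_count)
        for m in range(baseline_minutes, last_minute + 1):
            c = by_minute.get(m, 0)
            if c > threshold:
                alerts.append({"minute": m, "port": port, "count": c,
                               "baseline": mu, "threshold": threshold})
    return alerts


def recommend_action(alert: dict, flows: List[Flow],
                     single_source_share: float = 0.8) -> str:
    """Suggest the narrower response when one host dominates the spike,
    otherwise the port-level one. The administrator still decides."""
    srcs = Counter(src for m, p, src in flows
                   if m == alert["minute"] and p == alert["port"])
    top_host, n = srcs.most_common(1)[0]
    if n / alert["count"] >= single_source_share:
        return f"cut off access for host {top_host}"
    return f"lock down port {alert['port']}"


if __name__ == "__main__":
    for a in detect_spikes(FLOWS, baseline_minutes=10):
        print(f"minute {a['minute']} port {a['port']}: {a['count']} flows "
              f"(baseline {a['baseline']:.1f}) -> {recommend_action(a, FLOWS)}")
```

Splitting detection from response matters: the detector only returns alerts, and the response is a recommendation the operator confirms, which mirrors the article’s description of MARS alerting first and leaving the cut-off or port lock-down to the administrator.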

Patterson says MARS is similar to Nortel’s existing Threat Protection System.

“If you look at what Cisco announced in MARS, you can buy that from us today. It’s not a futuristic thing.”

TPS has sensors on the network that send information to a defence centre, which is programmed to determine whether there is a threat.
