Cisco Systems instigates NAC security programme

Cisco is attempting to address the increased threat posed by worms and viruses through its Network Admission Control (NAC) programme.

By Anna Karhammar. Published January 8, 2004

Established in conjunction with Trend Micro, Symantec and Network Associates, the initiative allows users of network admission control systems to restrict network access for devices that fail to comply with predefined patching levels. The project forms part of Cisco’s self-defending network initiative and builds on the vendor’s work surrounding intrusion and anomaly detection.

A key part of the programme is the Cisco Trust Agent, which resides on an endpoint system and communicates with the network. It will be integrated with the antivirus software and Cisco Security Agent to enforce access privileges based on an endpoint’s operating system patch level. Users without the correct patching can be banned from the network or quarantined until they meet the patching criteria.

“We have been looking at what we can do to better secure networks against viruses. So far we have developed our network intrusion detection and anomaly detection and we have been automating network protection,” says Eric van Gend, business development manager, Middle East, Africa & Russia, Cisco Systems.

“However, with NAC we will be capable of checking any device that comes on to the network to see if the patches are there. If they are not then we can deny access to the network. It is about forcing users to do it [patch servers and PCs]. If they do not then they will not be able to access the network,” he explains.

As part of its support for the Cisco initiative, Trend Micro will develop a specialised software component for its centralised desktop antivirus solution, OfficeScan Corporate Edition, while Symantec and Network Associates will also make the necessary modifications to their offerings.

“Symantec is dedicated to working with industry leaders to provide the most comprehensive security solutions available to combat today’s blended threats,” says Kevin Isaac, regional director for Middle East & Africa at Symantec. “Symantec’s collaboration with Cisco supports Symantec’s extensive client compliancy initiative designed to promote the enforcement of remote and mobile client security policies,” he adds.

NAC functionality should be supported on Cisco’s access and mid-range routers from mid-2004 onwards. Within the same time frame, the Trust Agent should be integrated with both Cisco and the NAC antivirus vendors’ software. The network vendor also plans to extend NAC across its multiple product platforms, including switches, wireless access points and security appliances, in future.

Cisco users who wish to integrate NAC with their existing infrastructure but do not have either Cisco Trust Agent or the requisite antivirus software will need to purchase them. However, for those with both components already operating in their companies, Cisco says implementation will be relatively easy, cost little and be done by local partners.

“How simple the implementation is obviously depends on how complex the network is, but it is something that our technology partners will be able to do. As this is basically a value add it is only a small installation and configuration activity. Although we haven’t released any prices yet, there will only be a small cost or it may be free,” says van Gend.

As a result of the programme, Cisco believes the number of viruses capable of infecting the network will be reduced.

“Although nothing is 100% secure due to human intervention, this [NAC initiative] will work because, when combined with anomaly detection and the Cisco Trust Agent, we are doing a lot more to stop viruses spreading in the network,” says van Gend. “We are not only stopping viruses from executing in the network but from also having an after effect and reappearing again due to systems that are not patched,” he adds.

However, while a number of market pundits have hailed the commencement of the NAC initiative and believe it will increase network security in some situations, others have highlighted the initiative’s potential negative points. For instance, Gartner Group believes enterprises using it may find themselves locked into Cisco’s solution. It also notes that the NAC initiative requires a fair amount of administrative effort and that for devices that do not support the Cisco Trust Agent, such as IP telephones, printers, personal digital assistants and non-Windows endpoints, network and security managers will have to build exception lists to grant them access to the network.
