Cisco teaches AU businesses self-defence
Cisco managing director Ross Fowler said the foundation for the self-defending network strategy is in three parts -- integrated security, security technology innovation and system level solutions.
"The reason we've taken that approach is that security can't be addressed by point solutions. It needs an end to end approach, and not just in terms of technology but also in business processes. So what we've done is to ensure from a technology point of view we provide that end to end security technology," Fowler said.
He added that the US$3.2 million investment in research and development for security started from customers who "demanded" that Cisco address the issue.
"Our customers have demanded it. They understand very well that the heart of addressing the security issue is to have it built into the network and embedded from day one and that's why we invested into R&D in this area," he said.
One major issue, Fowler said, raised by Cisco's customers was that of rogue access ports, wherein an employee takes their wireless access point from home and plugs it into the office wireless access.
Fowler said a network management platform combined with wireless access technology called the wireless LAN solutions engine, helps businesses detect and zero in on the rogue access point.
For instance, if someone has plugged into a rogue access point through the Ethernet socket on the wall, the system can detect the rogue access point through the use of the legitimate access points within the range. Through the radio signal of the legitimate access points, the system will be able to detect the rogue access point and tell the network management person where that access point is through triangulation.
Part of the self-defending network strategy includes identifying threats, reacting appropriately to the severity level, isolating infected servers and desktops, and reconfiguring the network resources in response to an attack.
Cisco is also working with anti virus vendors under its Network Admission Control (NAC) program to help ensure that infected devices are not allowed entry into the network.
"People often do not realise the amount of R&D we are putting into security. We are giving them features they didn't know existed," Fowler said.
He added that they are careful not to add to the scare mongering of business security issues saying that their solutions are better than the marketing hype.
"We have customers whose businesses are in a threat because they are not addressing security issue effectively. We've done a bit of marketing to raise awareness on security issues and self- defending networks but nowhere near as much as we're investing in the marketing of IP telephony. It's a very fine line to make sure the public and our clients are informed but not join in the scare mongering and exploiting the opportunity," he said.