Browse by year:
February - 2005 - issue > Cover Feature
Self-defending Networks
Sanjeev Jain
Monday, November 17, 2008
Vijay Kumar is a regional sales manager of a FMCG company. His job requires him to take weeklong business trips meeting various distributors and partners. When he returns to the office, he wants to catch up all the emails he has been missing. So he often ignores the company’s security policy that mandates employees to update the anti-virus software every morning in order to ensure data flowing in and out of a computer is clean. Though he postpones downloading the virus updates or check for OS patches, Kumar is unaware his laptop is a vulnerable threat to the network. The best solution is not to give his laptop access to the network until it is deemed suitable. This is exactly what networking giant Cisco aims to provide—a self-defending network, identifying and preventing security threats.

With the increasing complexity of networks and rising demand for security products, Cisco regards security as a strategic business opportunity. Last year, it moved Jayshree Ullal from the Optical Networking Group to head the newly formed Security Division. It also acquired four companies in the security space. Today, Ullal and her division are instrumental in driving security across all of Cisco’s product lines. Their goal is to have basic security features and security principle ingrained in all products, whether it is switches, routers or wireless products.

Cisco’s security philosophy is to enable the network to be proactive in nature and adapt itself to any vulnerability. The network no longer depends on manual intervention, so spotting any attack and preparing defense is achieved automatically through Network Admission Control (NAC), a key element of the self-defending network strategy.
NAC seeks to identify systems with vulnerabilities and provide security solutions. NAC is just the first phase of Cisco’s self-defending network initiative, which encompasses integrated security, industry collaboration and system level solution to meet security threats. “The ability to identify threat and start putting on protection is not there as yet but has become relevant. Here Cisco’s self defending network will identify and prevent security threats,” says Jagdish Mahapatra, Business Development Manager, Cisco Systems, India & SAARC.

NAC is an industry collaborative initiative. Cisco is working with over a dozen partners and anti-virus vendors like Trend Micro, McAfee and Symantec to integrate its NAC into their solutions. “Our goal is to do an admission checking on every device that is hooked to the network, including handheld devices and IP phones,” says Mahapatra. This is followed by network infection containment - identifying patterns of infections and checking them, which is just one of their dozen new focus areas.

Last quarter, Cisco launched a new series of routers called Integrated Service Routers (ISR) that incorporates various security components. Cisco is also building intelligence into other components, such as the Catalyst range of switches. With Cisco’s focus on security, all its network infrastructure equipment is becoming more acceptable to their customers. “Our overall value proposition to the customer has become better,” says Mahapatra. “We are going to have security integrated in all our network infrastructure equipment.”

With NAC built-into the routers, Kumar is not concerned with virus updates or OS patches. When he is back in office, the Cisco Trust Agent (CTA) captures the security credentials and passes the information to NAC embedded in the router. The router then validates security policy and determines whether he can be given access. Adding to this, the Cisco Security Agent, which is stored in the end user’s PC, monitors any anomalous behavior on the PC and sends the information to NAC via CTA.

2004 has been a very good year for Cisco in India. The emerging BPO/ITES space and BFSI space, where security is crucial, have been promising. “We are seeing healthy traction on firewalls, IDS, and SSL VPN,” says Mahapatra. “What is evolving now is the integrated security. Integrated security as a portion of our business is increasing every quarter. This gives us assurance that the customers are buying our vision of self-defending network where integrated security is a key component.” A latest report published by Frost & Sullivan indicates that Cisco holds 48 percent of the security market in India.

“For Cisco, security is a huge business component with a $1B run rate, world wide. In fact, Cisco’s overall security numbers are much bigger than the turnover of any of the security players by themselves!” says Mahapatra.

Share on LinkedIn