Cisco and Antivirus Vendors Propose Worm Lockdown Tech.
The CEOs of Cisco Systems Inc, Networks Associates Inc, Symantec Corp and Trend Micro Inc yesterday said their companies are working together to extend virus knowledge to the network and help mutual customers deal with worm attacks.
Cisco launched the Network Admission Control program, an initiative under which it is opening some host security APIs free of charge to third parties, so they can have their technologies interoperate with Cisco network access control systems.
"We as an industry need to put aside our differences and solve the problem," Cisco CEO John Chambers said in a webcast. "Individual vendor approaches have proven ineffective at solving the clear and present danger to the global economy as it relates to sophisticated infrastructure attacks."
What Cisco envisages is a system whereby policies can be written that allow computers infected by viruses, or vulnerable to infection by virus, to be prevented from spreading the infection by disconnecting them or isolating them on the corporate network.
The system will comprise existing Cisco products, including its Security Agent host intrusion detection software and its Radius policy server. New is the Cisco Trust Agent, which will be built into NAI, Symantec and Trend software and will ship next year.
The Trust Agent sits on hosts, compiles security state data, such as OS patch level or last virus update time, and provides it to the policy server. If the server detects a policy violation it can instruct Cisco routers to quarantine the machine to a safe VLAN or block traffic from it completely.
While the CEOs made much of the need for proactive, rather than reactive, ways of handling the worm problem, it's clear that integrating virus data into the Cisco system will still be dependant on the availability of signatures.
However, known viruses can be a bigger problem than unknown ones in many organizations, manager of products marketing Russell Rice said. The sheer hassle of keeping everything patched means well-documented worms still take out networks.
|Printer friendly Cite/link Email Feedback|
|Date:||Nov 19, 2003|
|Previous Article:||Hatchets Buried on J2EE 1.4.|
|Next Article:||Sun Secure Identity Buy Prompts IBM Challenge.|