Aiming to address the flood of network-borne threats to security from both inside and outside enterprises, Cisco Systems Inc. on Monday expanded its lineup of IDS (intrusion detection system) hardware and software with new devices and management capabilities.
As the Networld+Interop trade show kicked off in Las Vegas with an emphasis by many vendors on security, Cisco announced the IDS 4250 device for high-speed intrusion detection, the IDS 4235 for small and medium-sized companies and departments, and version 3.1 of its IDS software with Web-based management capabilities.
Detecting known threats as well as unexpected network behavior that signals a potentially debilitating new type of attack is increasingly difficult as new types of attacks proliferate. Protection should be put in place at several locations in a corporate network because of the threat of attacks from within and from "back doors" into the system, said Tom Russell, director of product marketing at Cisco.
"We take a posture of, 'IDS everywhere,'" Russell said. "You want to be able to sense potential threats just about anywhere throughout your network." The San Jose, California, networking giant offers IDS capability in routers and switches as well as server-based software.
Cisco's 4250 appliance is designed to secure high-speed wide-area-links or big pipes within corporate campuses, offering intrusion detection on about 500M bps (bits per second) of traffic, Russell said. In addition, a hardware upgrade coming by the end of this year will roughly double that performance, he said. The device can support both copper and fiber 1G-bps interfaces. Although high-speed Cisco routers also can be equipped with some IDS capability, such as protection against DoS (denial of service) attacks, protecting against a wide variety of threats takes a lot of processing power and is better left to a dedicated appliance, Russell said.
For companies with lower speed connections to a wide-area network, and for departments within an enterprise, Cisco rolled out the IDS 4235, with 200M bps performance. It offers 10/100/1000M bps copper Ethernet support. Both devices fit into a standard rack and are 1U (1.75 inches or 4.4 centimeters) high.
The new version of software for Cisco's IDS appliances, including three other appliances in addition to the newly introduced products, features Device Manager software for Web-based management capability. The software, designed to be embedded into the devices, allows administrators to manage the appliances from a Web browser, with SSL (Secure Socket Layer) security, using software wizards to guide the process.
Also included in the new version is IDS Event Viewer software, which lets administrators view events graphically as they occur and also view trends. The software can support as many as three devices.
The 4250 is priced at US$25,000. The 4235 costs $12,500, which Russell characterized as breakthrough pricing that can make high-speed IDS available to smaller enterprises. Both of the new software offerings are free. The new software and appliances are available now worldwide.