New hardware and enhancements to a number of Cisco Systems' software products will make computer networks more resilient to attack, according to the company.
This week, Cisco unveiled new virtual private network (VPN) hardware and new features for the Internetwork Operating System (IOS) and Security Device Manager software to support firewalls and spot the source of denial of service (DoS) attacks. The new products and features were part of Cisco's Self-Defending Network strategy to create "autonomic" responses to network security threats, the company said.
On the hardware side, Cisco extended VPN support to the 7301 Router, allowing that device to support 370M bps (bits per second) VPN throughput in addition to a firewall, routing and quality of service management features.
Cisco also added a new device to its 3000 line of VPN concentrators: the VPN 3020 Concentrator. That device hasintegrated Internet Protocol Security (IPSec)) and Secure Sockets Layer (SSL) remote access features and could support up to 750 concurrent VPN users using IPSec and up to 200 users in SSL mode, Cisco said.
On the software front, Cisco unveiled a number of new security features that come with IOS Software Release 12.3T.
The IP Source Tracker is an IOS-based security tool that allows IT managers to access Cisco routers using a special "management channel" even when they are the target of a DoS attack.
New command-line interface features in IOS gave administrators more control over access to security operations by allowing them to restrict access to features based on administrative roles, Cisco said.
The company also announced better firewall support from IOS that will enable IT administrators to divide their network into "trust zones" based on IP (Internet Protocol) addresses.
A new software product, the Cisco IOS Firewall for Internet Protocol version 6 (IPv6), supported inspection of both IPv4 and IPv6 traffic and protocol anomaly inspection, the company said.
IPv6 is a new IP version formalised in a set of specifications from the Internet Engineering Task Force. Among other things, IPv6 lengthens IP addresses from 32 to 128 bits, which will accommodate a new generation of "networked" devices.
A new version of the Cisco Security Device Manager features start-up wizards that make it easier to deploy security products, update Cisco router configurations and lock down network security.
Security Device Manager version 1.1 also extends support to the Cisco 7200 series router, the company said.
Cisco faces tougher competition on the security front following the February announcement that chief competitor Juniper Networks is buying firewall giant NetScreen Technologies.
The company has been working in recent months to raise its security profile, announcing several new security initiatives.
In November, Cisco and leading antivirus companies announced the Cisco Network Admission Control program that enables Cisco routers to evaluate information, such as whether a particular computer's antivirus definitions are up to date and its operating system is adequately patched, before allowing it to connect to a network.
In February, the company said it was collaborating with IBM to let IBM's products communicate more directly with Cisco's network security technology.