Monday, February 14, 2005

Cisco Evolves its Security Strategy Toward Adaptive Threat Defense

Cisco Systems announced the next phase of its Self-Defending Network security strategy. Earlier phases of its strategy focused on the need for integrated IP security and the network admission control (NAC) initiative.

This next phase, called Adaptive Threat Defense (ATD), aims to further minimize network security risks by dynamically addressing threats at multiple layers, enabling tighter control of network traffic, endpoints, users, and applications. ATD also aims to simplify architectural designs and lower operational costs by combining security features, multilayer intelligence, application protection, network-wide control and threat containment..

Key components of ATD include better coordinated threat mitigation through Anti-X defenses, Application security, and Network control and containment.

  • Anti-X defenses: Prevent and respond to network threats through a combination of traffic and content-oriented security services. Core security enforcement technologies include firewall, intrusion prevention system (IPS), anomaly detection and distributed denial-of-service (DDoS) mitigation fused with application-inspection services such as network anti-virus, anti-spyware, and URL filtering. This brings granular traffic inspection services to key network security enforcement points, thereby containing malicious traffic before it can be propagated across the network.

  • Application security: Provide advanced business-application protection through the use of application-level access controls, application inspection, and enforcement of appropriate application-use policies, web-application control, and transaction privacy.

  • Network control and containment: Network intelligence and the virtualization of security technologies provides the ability to layer sophisticated auditing and correlation capabilities to control and help protect any networked element or service such as Voice over IP (VoIP) with active management and mitigation capabilities.

See also