Chambers Sells Self-Defending Networks
“You will see a virtualization of resources,” Chambers says. “You will have no idea whether the device in your hand contains the resources you are using or if they are stored in some other network.”
Then, after a quick safe harbor statement, he launched into his company’s unfolding plan to protect the enterprise from worms, germs, viruses, and other attackers.
“How do we add smartness to our routers and switches and processors to let them play to together to address these [security] issues? If you just provide the security software, and you don’t change the business processes underneath you're going to get no where,” Chambers says. “The place to do it is in the network.”
The security threats the enterprise faces today give very little warning of their approach. “What three years ago you may have had a week to prepare for, today you only have seconds,” Chambers says.
The answer to such a frightening situation, where malicious worms, viruses, and phishing expeditions are ever-present threats to the network, is what Chambers calls “a largely self-defending and self-adapting environment.”
Chambers says Cisco security systems are built deeply into the network and are present in every device. “You can’t approach this problem with pinpoint solutions,” Chambers says. “You have to use a systems approach versus a product-centric approach; it has to be an architectural play, a comprehensive approach.”
Cisco, Chambers says, achieves this in the network through a multi-layer approach. The first, he says, is applications security such as spyware. The second, “Anti-X defenses,” includes virus and worm mitigation, content defense, and anomaly detection. The third layer, “containment and control,” comprises traffic-admission control, prevention technology, and inline IPS.
The company has paid a hefty tuition for its security knowledge. Chambers says Cisco has acquired 12 companies and formed 30 major partnerships to build security expertise into the company’s products.
Then it was demo time. Chambers and an assistant demonstrated how Cisco’s newly announced IPS 5.0 security product provided first-line defense against Web-based attacks.
He also revealed that Cisco is in development with an email security program that registers legitimate email correspondents with the DNS. When malicious or spam email arrives, the systems looks for an identifier at the DNS, finds none, then rejects the email. “It’s kind of like caller ID,” Chambers explains.
Finally, Chambers and friend demonstrated Cisco’s Security Monitor application, which constantly monitors and audits the network based on a set of pre-ordained policy for every device type in the network.
Chambers repeated a theme from early in the presentation to the CIOs and CSOs in the audience: “If you didn’t start your plans for security five to seven years ago, it’s too late, and you’re headed for problems.”
“You can never eliminate all of the security issues,” Chambers says. “But you have to figure out how to eliminate most of them and minimize the damage.”
— Mark Sullivan, Reporter, Light Reading