Cisco has launched an internal review of its networking code following disclosure of a secret back door in rival Juniper's firewall software.
In a blog post Monday, Cisco Systems Inc. (Nasdaq: CSCO) said it has "no indication of unauthorized code in our products," adding, "We have seen none of the indicators discussed in Juniper's disclosure."
Anthony Grieco, senior director of Cisco's security and trust organization, writes that Cisco has a strict "no backdoor" policy. "Our development practices specifically prohibit any intentional behaviors or product features designed to allow unauthorized device or network access, exposure of sensitive device information, or a bypass of security features or restrictions," Grieco says.
Security experts expect other technology companies to be reviewing their code for vulnerabilities following the Juniper disclosure, according to Reuters.
Juniper Networks Inc. (NYSE: JNPR) disclosed the vulnerability on Thursday. The company said it had found a backdoor -- intentionally created access -- in ScreenOS, the operating system for its NetScreen products, used for VPNs, firewalls and traffic shaping, including protection against denial-of-service attacks. The first hack allows unauthorized remote administrative access, and another hack might allow a knowledgeable attacker to decrypt VPN traffic. The FBI is reportedly investigating -- Juniper's customers include the US Department of Defense, US Treasury and FBI itself. (See FBI Investigating Juniper VPN Hack.)