RSA 2005: The case for self-defending networks

Cisco's John Chambers says self-defending networks will be a must in the next few years. Users agree in theory, but say implementation is easier said than done.

SAN FRANCISCO -- Cisco Systems used this week's RSA Conference to unveil a slew of new security products for the next phase of its Self-Defending Network initiative. As part of the blitz, CEO John Chambers gave a keynote speech Wednesday on the importance of a multi-layered, tightly-wound network automated to address evolving threats of the next decade.

But is his vision practical for most enterprises? IT professionals who were asked said they embrace Chambers' vision and that the San Jose, Calif.-based networking giant seems to be headed the right way with its latest offerings. For them, it's a question of how you afford it and whether the average shop can achieve the interoperability Chambers outlined.

"I have no problem with the notion of a self-defending network," said H.R. Boone, area supervisor of Department of Defense (DoD) intelligence support services for Washington D.C.-based General Dynamics. The division Boone oversees is responsible for installing networks for the DoD, among other things. And while he considers Chambers' vision "a good dream," that doesn't mean his firm is ready to go out and invest in Cisco's products. "Cisco seems to be taking the right approach, but is their approach best?" he asked. "With all the choices out there, it's hard to say. You always have to evaluate products and review everything you can."

Chambers' keynote summarized
Chambers said companies can no longer afford to run on a loose patchwork of standalone devices; that everything must be tightly integrated.

"Whatever you do must be largely automated and self-defending," Chambers said. "You can't rely on human intervention. Architecture is vital… security must go across every device in the network and be part of your business process. You must be able to watch for patterns and abnormalities. You must be able to audit behavior."

RSA 2005
Read our ongoing news and product coverage.

He said enterprises need networks that can easily adapt to rapidly evolving threats in the next decade. "You have to look at the trends of the next decade and plan for it," Chambers said. "We all understand the trend -- security incidents are getting worse. You can't predict when and where things will happen, so you'll have to understand the how."

Chambers predicts a rapid integration of technology in the next decade. "Everything will be connected," he said. "You'll see a consolidation of data and voice companies…voice technology will be commoditized, you'll see more consolidation of telecommunication companies." With that will come new threats, he added.

The latest phase of Cisco's Self-Defending Network initiative, Adaptive Threat Defense (ATD), was formed with those trends in mind, he said. It's designed to help enterprises minimize network risks by "dynamically addressing threats at multiple layers, enabling tighter control of network traffic, endpoints, users and applications," according to a company statement. Key components of ATD include better coordinated threat mitigation through Anti-X defenses, application security, and network control and containment.

Anti-X defenses prevent and mitigate network threats through a combination of traffic and content-oriented security services, Cisco said. Core security enforcement technologies include firewall, intrusion prevention, anomaly detection and distributed denial-of-service mitigation fused with application-inspection services like network antivirus, antispyware and URL filtering.

Application security provides advanced business-application protection using application-level access controls, application inspection, and enforcement of appropriate application-use policies, Web-application control, and transaction privacy, the company said.

Network control and containment provides the ability to layer sophisticated auditing and correlation capabilities to "control and help protect" any networked element or service such as Voice over IP (VoIP) with active management and mitigation capabilities, the company added.

A full list of Cisco's new security products is available.

Linda Giller, project manager, infrastructure and technology services for Shell Services International of Houston, said Chambers' vision is doable if it's implemented in small steps. "I wouldn't replace everything at once," she said. "I agree that if you have human intervention it gets harder and harder to manage the network. Automated is the best approach. It's cheaper, too, because there aren't as many people to pay."

Giller said it's hard to see Cisco's latest products flying off the shelves, but the offerings show the company is looking to the future.

"You could see companies clamoring for these products a few years from now," she said. "Maybe now is the time to buy stock in Cisco."

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close