Does security fit into Cisco's wireless agenda?

Cisco Systems has unveiled new products in recent months to fill customer demand for more wireless networking capacity. But with more threats being directed at wireless users, questions abound on how to secure it all. Lynn Lucas, director of Cisco's mobility group, sat down with SearchSecurity.com to discuss what the networking giant is doing to keep its wireless offerings secure and what she believes enterprise IT pros must do to bolster defenses on their end.

At the Interop conference in May, Cisco said it would help the healthcare, retail and energy industries bolster their wireless capacity by uniting new Wi-Fi Cisco Compatible Extensions (CCX) for Tags, Cisco's WLAN infrastructure, its wireless location appliance and its IP telephony products with products from third parties. Talk about the security goals that were part of this.
The goal was to work to integrate products not just from [Cisco] but with third parties. The security implication is that we can have an environment where products are tested together and some of the different security scenarios can be looked at, taking the burden off of the integrator and off of the customers themselves. What are some specific wireless security procedures Cisco advocates?
We believe a secure architecture is based on three components, in addition to best practices that must be followed by the enterprise such as strong password rules and enforcement policies. First, with the wireless and LAN-based solutions, one of the key things is ensuring the security back to the network from the client device is of the highest level possible. For that we recommend standards like IEEE (Institute of Electrical and Electronic Engineers) 802.11i and WPA2 (the Wi-Fi Alliance certification program for products that implement IEEE 802.11i security enhancements). If someone is using a wireless network outside the enterprise, we highly recommend they use a VPN when they need to connect back to the corporate network from the outside. The second component is protecting the device itself and ensuring that as more and more devices come with embedded wireless cards that you protect that device from nefarious activity in an untrusted environment like an airport or cafe. The third component is that when a device comes back inside the enterprise network that the network is protected from the accidental introduction of malware. What is Cisco is doing to bolster security?
We've taken steps to integrate the NAC (network access control) appliance and framework with our wireless LAN infrastructure so no matter how the device connects back into the enterprise, whether it's through a wired connection or a wireless LAN connection, the same security enforcement policies are applied and the enterprise network -- wired and wireless -- is protected.
Cisco Systems security:
Cisco users upbeat about security direction: Cisco customers say the vendor's security strategy is headed in the right direction, which is why they believe the networking giant's IronPort integration will be smooth sailing.

Cisco vows to maintain IronPort tech, talent: As it completes the purchase of IronPort Systems, Cisco vows to maintain IronPort's talent base and make investments to keep its newly-acquired technology fresh.
Cisco's latest wireless products are 8021.11i/WPA2 compatible, correct?
Absolutely correct. All of Cisco's enterprise-class products are up to the 802.11i standard and have been for some time. Cisco's wireless LAN equipment is part of the Wi-Fi Alliance's test bed, which shows how well the equipment performs. It's what all other technology is tested against. Cisco CEO John Chambers has really played up the concept of the Self-Defending Network in recent years. Explain how Cisco's latest work on the mobile front ties into the concept.
What we've done on the mobile side ties in quite well with the Self-Defending Network. We have integrated the Cisco NAC framework and appliance with the Cisco Unified Wireless Network so the same policies for protecting the network have now been introduced into the wireless networking infrastructure, in a way where the IT departments still manage only one set of policies that are applied equally to wired and wireless no matter how the device is being connected to the network. Another security issue that has been raised in the past is how well -- or not -- different vendors work together, even if they are competitors in certain areas, to ensure compatibility with other pieces of the IT infrastructure. One example is Cisco working with Microsoft to bridge the NAC-NAP gap. Talk about what you are doing on the wireless side to ensure compatibility with other infrastructure products that might be part of a company's network.
A large part of this is still within our NAC initiative. Clearly, the convergence trend of devices having multiple types of connections is accelerating and so the types of partnerships we have with other companies works to solve some of the security issues that have traditionally occurred with clients on the wired side that are now on the wireless side. [Meanwhile], we continue to be a strong supporter of the testing being done by the Wi-Fi Alliance to ensure there's a good baseline of interoperability.
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close