Does security fit into Cisco's wireless agenda?

Interview

Does security fit into Cisco's wireless agenda?

Bill Brenner, Senior News Writer
At the Interop conference in May, Cisco said it would help the healthcare, retail and energy industries bolster their wireless capacity by uniting new Wi-Fi Cisco Compatible Extensions (CCX) for Tags, Cisco's WLAN infrastructure, its wireless location appliance and its IP telephony products with products from third parties. Talk about the security goals that were part of this.
The goal was to work to integrate products not just from [Cisco] but with third parties. The security implication is that we can have an environment where products are tested together and some of the different security scenarios can be looked at, taking the burden off of the integrator and off of the customers themselves. What are some specific wireless security procedures Cisco advocates?
We believe a secure architecture is based on three components, in addition to best practices that must be followed by the enterprise such as strong password rules and enforcement policies. First, with the wireless and LAN-based solutions, one of the key things is ensuring the security back to the network from the client device is of the highest level possible. For that we recommend standards like IEEE (Institute of Electrical and Electronic Engineers)

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

802.11i and WPA2 (the Wi-Fi Alliance certification program for products that implement IEEE 802.11i security enhancements). If someone is using a wireless network outside the enterprise, we highly recommend they use a VPN when they need to connect back to the corporate network from the outside. The second component is protecting the device itself and ensuring that as more and more devices come with embedded wireless cards that you protect that device from nefarious activity in an untrusted environment like an airport or cafe. The third component is that when a device comes back inside the enterprise network that the network is protected from the accidental introduction of malware. What is Cisco is doing to bolster security?
We've taken steps to integrate the NAC (network access control) appliance and framework with our wireless LAN infrastructure so no matter how the device connects back into the enterprise, whether it's through a wired connection or a wireless LAN connection, the same security enforcement policies are applied and the enterprise network -- wired and wireless -- is protected.
Cisco Systems security:
Cisco users upbeat about security direction: Cisco customers say the vendor's security strategy is headed in the right direction, which is why they believe the networking giant's IronPort integration will be smooth sailing.

Cisco vows to maintain IronPort tech, talent: As it completes the purchase of IronPort Systems, Cisco vows to maintain IronPort's talent base and make investments to keep its newly-acquired technology fresh.
Cisco's latest wireless products are 8021.11i/WPA2 compatible, correct?
Absolutely correct. All of Cisco's enterprise-class products are up to the 802.11i standard and have been for some time. Cisco's wireless LAN equipment is part of the Wi-Fi Alliance's test bed, which shows how well the equipment performs. It's what all other technology is tested against. Cisco CEO John Chambers has really played up the concept of the Self-Defending Network in recent years. Explain how Cisco's latest work on the mobile front ties into the concept.
What we've done on the mobile side ties in quite well with the Self-Defending Network. We have integrated the Cisco NAC framework and appliance with the Cisco Unified Wireless Network so the same policies for protecting the network have now been introduced into the wireless networking infrastructure, in a way where the IT departments still manage only one set of policies that are applied equally to wired and wireless no matter how the device is being connected to the network. Another security issue that has been raised in the past is how well -- or not -- different vendors work together, even if they are competitors in certain areas, to ensure compatibility with other pieces of the IT infrastructure. One example is Cisco working with Microsoft to bridge the NAC-NAP gap. Talk about what you are doing on the wireless side to ensure compatibility with other infrastructure products that might be part of a company's network.
A large part of this is still within our NAC initiative. Clearly, the convergence trend of devices having multiple types of connections is accelerating and so the types of partnerships we have with other companies works to solve some of the security issues that have traditionally occurred with clients on the wired side that are now on the wireless side. [Meanwhile], we continue to be a strong supporter of the testing being done by the Wi-Fi Alliance to ensure there's a good baseline of interoperability.