Network equipment giant Cisco Systems is teaming with the top three antivirus vendors on a new program that essentially lets routers reject laptops, PDAs and other devices that do not conform to corporate security policies.
The Cisco Network Admission Control program represents a federated approach to stopping malicious code from entering an enterprise through unprotected mobile devices or home PCs trying to access the company network. Such a weakness in security policies is believed to be one reason behind the year's biggest worm and virus outbreaks -- Slammer, Blaster and Sobig-F.
The joint project reflects the need for collaboration to combat threats created by the growing number of software vulnerabilities, an upswing in exploit code and proliferation of remote users. Those using unprotected laptops, home PCs, hotel connections or unauthorized wireless devices are particularly problematic.
"We, as an industry, need to put aside our differences and solve the problem," said Cisco president and CEO John Chambers. The CEOs of Network Associates, Symantec and Trend Micro, who jointly developed the program with Cisco, joined Chambers in Tuesday's announcement.
Key to the program is the new Cisco Trust Agent, a software client that must be installed on PCs and mobile devices that connect to the corporate network. The agent will gather data from other clients -- including antivirus software -- and relay to routers and other network devices whether the machine's security patches and antivirus signatures are up to date. Those out of compliance, or not registered with the program, will be banned from the network or given limited access.
Though the largest antivirus vendors took part in Cisco Network Admission Control's formation, the program eventually will integrate with other security companies' solutions. The ultimate goal is to enable routers and switches to enforce access privileges and force compliance on reluctant or recalcitrant end users.