Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cisco Evolving Into A Security Company

Posted by Zonk on from the the-more-things-change dept.

ChipGuy writes "Om Malik has an opinion piece stating his opinion that Cisco Systems is slowly becoming a security company, a move which may prove problematic for traditional security vendors like Symantec. Cisco has bought its way into the market, worried about the security moves of its main rival, Juniper Networks. The company expects to make major announcements at the RSA Conference later this week. "

9 of 196 comments (clear)

  1. Kind of like by Dachannien · · Score: 4, Funny

    Cisco is becoming a security company - sort of like how Microsoft is becoming a security company.

    1. Re:Kind of like by In-Doge · · Score: 5, Interesting

      Indeed.

    2. Re:Kind of like by Alsee · · Score: 4, Interesting

      You're more right than you realize.

      Microsoft and Cisco are both becoming "security companies" in the sense that "security" == "enforcing Trusted Computing". First I'll skim over the Windows issue, then I'll cover this new and insane threat from Cisco.

      I assume we've all heard of Palladium. Well the next Windows release, Longhorn, *is* Palladium. Microsoft's own website documents that:
      The Next-Generation Secure Computing Base (NGSCB) is new security technology for the Microsoft® Windows® platform. It will be included as part of an upcoming version of the Microsoft Windows operating system, code-named "Longhorn."...

      "SSC" refers to the Security Support Component, a new PC hardware component...

      The term "SSC" is generally interchangeable with "TPM" or trusted platform module. The TPM is a secure computing hardware module specified by the Trusted Computing Group

      While Longhorn will likely technically run on a non-trusted computer, Microsoft has elswhere documented that it will go into a brain-damged cripple mode and lock you out of the full desktop graphics interface mode. Microsoft has documented that only Trusted Compliant hardwill will be "CertifiedWindowsCompatible". And we all know no PC manufacturer can afford to sell new PC's that are not CertifiedWindowsCompatible and which only run with a crippled and downgraded interface. Whebn Longhorn rolls out the simple fact is that ALL new PCs will ship with Trusted Computing compliant hardware. No major PC manufacturer can afford to do otherwise. At least one manufacturer - Samsung - has already declared that they are nor manufacturing nothing but Trusted compliant machines.

      And now for Cisco. Cisco Cisco Cisco.

      Some time ago Slashdot ran this story: Cisco Working to Block Viruses at the Router. Sounds wonderful, right? What the Slashdot story missed was that it does not actually have anything to do with routers blocking viruses. What it actually is is Cisco's new Network Admission Control (NAC). Anyone attempting to research exactly what Network Admission Control is and exactly how it works will find very little information available. Most Trusted Compuing projects tend to bury the fact that they are Trusted Computing based because they know it will draw anger and bad press, but Network Admission Control it a real whopper. I can back it up better with bits and peices from various sources, but this source has just enough details in one place to pin it down. The title is "Cisco, others plan to ban insecure PCs". The last few paragraphs state that it requires "new hardware" and states that it will "spur sales of PCs and devices that use trusted-computing hardware". If you read tha article it should be quite clear how it functions. Any computer which attempts to connect to the router and request a net connection must be running a Cisco Trust Agent. That Trust Agent only works on a Trusted Computing compliant computer. If you don't have a Trusted Computer then you are denied access to the net. The Trust agent then scans the operating system and software running on your computer and reports it to the router. If you are not running an approved operating system and running selected MANDATORY software then you are denied access to the net. The advertized purpose is to ensure that you have all of the latest operating system patches and that you are running an approved (mandatory) firewall and/or virus scanner. Of course it can be arbitrarily configured to make absolutely any kind of software mandatory, but the firewall and virus scanner are the ones they hype. And that where the silly Slashdot title about "Blocking viruses at the router" came from. It doesn't block viruses at the router, the router BANS computers that are not Trusted Compliant and it CAN be configured to enfor

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  2. Or by venicebeach · · Score: 4, Insightful

    They are still a "networking" company and networks are becoming security battlefields.

  3. competition - not a bad thing by ngc.for.life · · Score: 5, Insightful

    "a move which may prove problematic for traditional security vendors like Symantec."

    Which means competition and is therefore good for the user.

    Apart from that, another company concerned about security is no bad thing.

  4. Cisco has hardware by rkcallaghan · · Score: 5, Insightful

    And some pretty good stuff, I might add. Popular with PHBs, too. Can we say "No one ever got fired for buying [Cisco]." yet?

    This is going to be their major advantage when it comes to security, even down to the linksys brand for home users.

    Good, proactive hardware provides real security. Bloaty, reactive software (Norton AV) goes down with the sinking ship (an exploding windows box).

    Software, and security software has its purpose and can have value, but Cisco's advantage doesn't lie there.

    ~Rebecca

  5. SSH by cyberkahn · · Score: 5, Interesting



    And it took them how long to get SSH into the IOS? Give me a break. They are going to have to move at a lot faster pace if they want to be a security company.

  6. They have said this for awhile BUT..... by flinxmeister · · Score: 4, Insightful

    ...when you ask them why you must use plaintext telnet to maintain routers you bought as recently as a year or two ago...they mumble around and then say "have you heard of our self defending networks?"

    Then there are other little things, like the limited authentication options unless you spend bookoo bucks...or the very limited logging/audit functions...or the way PIX assumes all 'outgoing' connections are valid (the very concept of 'outgoing' is a SOHO concept and not an enterprise firewalling concept)...ugh...don't get me started on the pix....

    The more you look at Cisco products hands-on, it just highlight what Cisco does: Make networking products.

    Granted, they make networking products *very* well and I wouldn't hesitate to recommend them over anyone else. But myself and just about every security pro I know sees them as networking devices with security kind of bolted on...NOT security devices. It's more like some IOS networking programmers tried to figure out what security folks need instead of researching what's actually going on out there or getting some real world infosec experience.

    If they are becoming a security company, great. But they've said this for awhile now and it hasn't changed the fact that the focus is networking networking networking.

  7. Similar, not the same though. by anti-NAT · · Score: 4, Informative

    While I'm not defending the issues listed on that page, Microsoft are directly responsible for the flaws in their software, as they wrote it, where as the products described on the Attrition site came to Cisco via acquisition (the ONS products came from Pirelli (I think the same company that make tires and very "interesting" calendars)), in times when security probably wasn't one of the checkpoints on the due diligence list.

    The only "true" Cisco products are routers, IOS, and more recently the IOS that is on the CRS-1. The security record for IOS has been pretty resonable, when you consider that it has and will always be "exposed" to the Internet.

    --
    The Internet's nature is peer to peer - 20050301_cs_profs.pdf