Cisco Security System Shuts Out Third-Party Tools

alphadogg writes "Cisco has finally publicly acknowledged it won't add support for new third-party devices to its security information and event monitoring appliance, ending months of speculation about the future of its Monitoring, Analysis and Response System. Some claim it's the beginning of the end for MARS as a multi-vendor SIEM device. 'MARS customers can expect non-Cisco network device data and signature updates to continue for currently supported third-party systems, but no new third-party devices will be added,' Cisco declared in a statement, noting that 'Cisco MARS continues to focus on supporting Cisco devices for threat identification and mitigation.' Cisco's SIEM competitors this week have eagerly grabbed at the topic of Cisco MARS freezing third-party support because of a Gartner research memo published Oct. 29 in which analyst Mark Nicolett stated, 'Cisco has quietly begun informing its customers of a decision to freeze support for most non-Cisco event sources with its [MARS].'"

DMCA Borks Homeland Security, Film at 11

[girlintraining]

Since SIEM equipment is typically used to consolidate alert and event data from multiple vendor sources...

Isn't that quaint! All these demands by the government to secure and protect critical "cyber"-resources, and here we have a major vendor basically giving the middle finger to that initative, making it more expensive and difficult to accomplish that objective. Once again two government initatives are at odds with each other: You have the DMCA and copyright advocates on one side, who have made overriding vendor lock-in by creating interoperability illegal, and national security interests on the other side asking ISPs and internet-connected networks to be secure.

Cisco won't allow legitimate owners to patch

[overThruster]

Cisco doesn't allow legitimate owners of their hardware to apply security patches without an exorbitantly expensive software subscription. I found this out when I purchased some of their hardware on ebay for self-study purposes. Personally, I think that's a bigger issue. It means that many individuals and small businesses out there are probably running outdated, insecure versions of their software. Not good!

Security patches should be freely available for the good of the whole Internet community.