Cisco Tuesday announced the Cisco IPS Sensor v. 7.0, adding what it calls "reputation analysis" to augment the signature-based defense of the intrusion-prevention system.
This means that the Cisco IPS is able to detect and block traffic based on an analysis of threat intelligence aggregated and correlated by Cisco through a worldwide array of 700,000 sensors, says Fred Kos, director of security solutions and marketing at Cisco. This information will be used for both automated response in security gear and written reports for guidance for managers.
He says much of that threat intelligence is coming from ISPs making the data available to Cisco through the sensors. "Until now, we've relied on attack signatures," says Kos, saying the use of threat data means a way to determine bad traffic based on information obtained quickly across the world.
Cisco also announced Adaptive Security Appliance v.8.2 as an upgrade that adds a botnet-filtering capability to Cisco's ASA 5500 line of multi-purpose security appliances so they can identify infected computers and block them from "calling home" to botnet master trying to control them.
This filtering capability will also be assisted with the threat intelligence gathered by Cisco's Security Intelligence Operations receiving information from over 700,000 sensors and 500 third-party feeds.
Cisco owns the online collaboration service Webex and today Cisco announced an update to its Webex Collaboration Cloud service to extend the ability to attend Web conferences via the iPhone and 3G browsers, plus Nokia, Blackberry, Samsung smart phones. The new Webex cloud also has an "attentiveness monitor" to observe whether someone attending a Webex Conference is actually doing something else on their computer.
In related news, Cisco also said in July it will make available the Webex Node for ASR 1000 Series, which is specialized software for the ASR 1000 edge router to optimize bandwidth, video and VoIP performance for organizations making use of Webex meetings internally via the Internet-based WebEx Collaboration Cloud.
"If you have a lot of people attending a meeting, it allows you to consolidate traffic rather than have 1000 connections though the firewall," Kos points out about the Webex Node for the ASR 1000 Series. It will bring bandwidth and quality advantages, he says, "and you still have failover, plus more policy control."
One thing Cisco won't be talking about officially at RSA is the topic it stressed at last year's RSA Conference - a deal with EMC's RSA division to incorporate the RSA data-leak prevention technology into Cisco networking gear. "We've been working with them but we haven't made any big announcements yet," says Kos.
Cisco this week will be publishing its security-design and architecture, dubbed the SAFE Architecture, as a set of documents to describe ways to configure and use Cisco-based products securely. In addition, Cisco is now offering professional services for IT Governance, Risk Management and Compliance, a security assessment of business infrastructure.