Cisco tackles worms with network gatekeeper

By Steve Malone

Posted on 19 Nov 2003 at 09:59

Networking giant Cisco Systems has come up with a solution which will enable system administrators to block off computers and other devices from attaching themselves to sensitive networks.

The Cisco Network Admission Control program has been developed in collaboration with a number of security companies including Network Associates, Symantec, and Trend Micro.

Cisco has identified a problem whereby administrators have managed to prevent attacks through firewalls and mail servers yet have fallen victim to viruses and worms which are spread when an infected PC via a mobile or guest user logs directly into the network.

To address this issue, the Network Admission Control (NAC) program interrogates the attached device. If it finds the machine does not have adequate AV software or recent patches installed on it, the NAC can restrict access to the network at the router level.

Part of the defence is the Cisco Trust Agent which is installed on a remote PC and communicates with the Cisco network. The Trust Agent collects information about the security status of the machine (such as level of AV software) and sends the information to the connected Cisco network. The network can then set the level at which that machine can be 'trusted'. As part of the alliance, Cisco has licensed the Cisco Trust Agent technology to its AV partners so it can be integrated into future products.

Cisco says that the Network Admission Control system will be supported on its access and mid-range routers by the middle of 2004. It also says it will extend the technology to its range of switches, wireless access points and security appliances in the future.