Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Product Watch: Cisco Unveils New Security Architecture

Highly distributed architecture designed to enable "Borderless Networking" concept

SAN FRANCISCO -- RSA Conference 2011 -- Cisco today launched its SecureX Architecture, a highly distributed, "context-aware" architecture designed to support its Borderless Networks approach.

Borderless Networking is Cisco's networking road map, which defines methods for enabling users to access corporate data with equal security regardless of the location or device they are using.

SecureX is a highly distributed architecture that manages enforcement elements, such as firewalls, Web proxies, and intrusion prevention systems, with higher-level policy language that is context-aware, according to Cisco.

"These next-generation scanning elements are independent of the physical infrastructure and can be deployed as appliances, modules, and cloud services," Cisco says. "Better suited to address today's security challenges, they are designed to know exactly who a user is, what role that user plays in the organization, and whether that user should be allowed access."

The context-aware concept means IT systems will understand who a user is, what department they are in, how they are connecting to the network, and where they are at the time of access, says Ambika Gadre, senior director of the Cisco Security Technology business unit. Using this context, the network can make better decisions on who the user is and whether they should be allowed to connect to the network, she says.

SecureX includes new context-aware policy language that helps manage the context-aware enforcement elements, the company says. It also includes Cisco AnyConnect, which tethers any device, from anywhere, into the security fabric. It supports Cisco's virtual data center switching capabilities and includes Cisco Security Intelligence Operations, a cloud-based service that provides global context and threat intelligence.

The network will gather the context through TrustSec, which tags packet streams with information about where they come from and how they were generated, Gadre says.

Aside from SecureX, Cisco says it is adding context-aware capabilities for the Cisco Adaptive Security Appliance, the company's firewalling and policy enforcement technology. By combining local context using Cisco TrustSec, global context from Security Intelligence Operations, and mobile insight from AnyConnect, the Cisco ASA allows businesses to gain visibility into their network infrastructures and create better policies that correspond to business rules, Cisco says.

Cisco also is enhancing AnyConnect to include real-time, client-based threat telemetry for Security Intelligence Operations. "Telemetry from existing Cisco security services for email, Web, intrusion prevention, firewall, and cloud security services will enable powerful global context and threat intelligence, ensuring fast and focused protection against a full range of malicious activity," Cisco says.

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-28
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this candidate. All references and descriptions in this candidate have been removed to preve...
PUBLISHED: 2021-01-28
A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads.
PUBLISHED: 2021-01-28
An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.
PUBLISHED: 2021-01-28
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated heap-based buffer overflow in the function CNetClientTalk::OprMsg during incoming message handling.
PUBLISHED: 2021-01-28
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientGuard::SubOprMsg during incoming message handling.