Highly distributed architecture designed to enable "Borderless Networking" concept

Tim Wilson, Editor in Chief, Dark Reading, Contributor

February 14, 2011

2 Min Read

SAN FRANCISCO -- RSA Conference 2011 -- Cisco today launched its SecureX Architecture, a highly distributed, "context-aware" architecture designed to support its Borderless Networks approach.

Borderless Networking is Cisco's networking road map, which defines methods for enabling users to access corporate data with equal security regardless of the location or device they are using.

SecureX is a highly distributed architecture that manages enforcement elements, such as firewalls, Web proxies, and intrusion prevention systems, with higher-level policy language that is context-aware, according to Cisco.

"These next-generation scanning elements are independent of the physical infrastructure and can be deployed as appliances, modules, and cloud services," Cisco says. "Better suited to address today's security challenges, they are designed to know exactly who a user is, what role that user plays in the organization, and whether that user should be allowed access."

The context-aware concept means IT systems will understand who a user is, what department they are in, how they are connecting to the network, and where they are at the time of access, says Ambika Gadre, senior director of the Cisco Security Technology business unit. Using this context, the network can make better decisions on who the user is and whether they should be allowed to connect to the network, she says.

SecureX includes new context-aware policy language that helps manage the context-aware enforcement elements, the company says. It also includes Cisco AnyConnect, which tethers any device, from anywhere, into the security fabric. It supports Cisco's virtual data center switching capabilities and includes Cisco Security Intelligence Operations, a cloud-based service that provides global context and threat intelligence.

The network will gather the context through TrustSec, which tags packet streams with information about where they come from and how they were generated, Gadre says.

Aside from SecureX, Cisco says it is adding context-aware capabilities for the Cisco Adaptive Security Appliance, the company's firewalling and policy enforcement technology. By combining local context using Cisco TrustSec, global context from Security Intelligence Operations, and mobile insight from AnyConnect, the Cisco ASA allows businesses to gain visibility into their network infrastructures and create better policies that correspond to business rules, Cisco says.

Cisco also is enhancing AnyConnect to include real-time, client-based threat telemetry for Security Intelligence Operations. "Telemetry from existing Cisco security services for email, Web, intrusion prevention, firewall, and cloud security services will enable powerful global context and threat intelligence, ensuring fast and focused protection against a full range of malicious activity," Cisco says.

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading

Contributor

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights