Upgrades to software for Cisco's ASA 5500 family of multifunction security appliances add antimalware protection to the devices'
core firewall/VPN capabilities. The upgrades were made in partnership with Trend Micro.
 Related linksTim Greene is a senior editor at Network World, covering virtual private networking gear, remote access, network admission
control, and aspects of VoIP and security. You can reach him at tgreene@nww.com.
Also in conjunction with Trend Micro, users of the devices can buy an antispam service that Cisco says can knock down 80%
of spam. Local software draws on Trend Micro's database of e-mail addresses and their associated reputation for being the
source of unwanted e-mail.
The new software also adds application filtering to the functionality of the devices, so they can block certain traffic that
network executives don't want running on the network.
The upgrades give the ASA devices the ability to assess devices that are trying to access networks to determine if they meet
corporate security policies before they are allowed access. This fits into Cisco's Network Admission Control (NAC) framework
that describes how to check the endpoints and how to enforce admission policies. This implementation requires deployment of
Cisco's Security Agent on the end device that is trying to gain access.
All this new capability adds up to a potentially versatile device, assuming customers want all that functionality and assuming
they want it all from one vendor. As is often noted, the alternative is picking and choosing among vendors of firewall, VPN,
application firewall and other technologies. Some call that best-of-breed selection.
But for companies that want a range of protections and can't afford the time, money or training to pick and choose, this type
of device can be the better choice.
|
