CISCO SECURITY ANNOUNCEMENTS - February 19, 2003

Un po di novita' da parte di Cisco Security...



Latest Cisco Security Announcements 

NEW Cisco Integrated Network Security Solutions Help Protect
Productivity and Reduce Costs 

Cisco integrated network security solutions enable organizations to
protect their connected business assets from threats and increase
operating efficiencies for intrusion protection, firewalls, VPNs and
security management software. Cisco new advancements deliver efficient
intrusion protection by providing accurate detection, intelligent
investigation, ease of management, and flexible deployment. These
innovations are coupled with performance acceleration in new IDS 4250-XL
sensors, Catalyst 6500 IDS Modules and VPN modules for PIX Firewalls. In
addition, enhanced VPN remote access and routing integration is now
included with PIX Firewalls. 

Portfolio of NEW Products and Features Include:

Cisco IDS 4250-XL Sensor Appliance 
Cisco IDS Sensor Software Version 4.0 
Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Services
Module 
Cisco Threat Response Technology 
Cisco PIX Firewall Enhancements 
Cisco Security Agent (Okena StormWatch) 
SAFE Blueprint Enhancements- A Layer 2 Network Attacks White Paper




Cisco IDS 4250-XL Sensor Appliance
Back to top 

At 1 Gbps, the Cisco IDS 4250-XL provides unprecedented performance by
providing customized hardware acceleration to protect fully-saturated
gigabit links as well as multiple partially-utilized gigabit subnets.
Existing owners of Cisco IDS 4250 can upgrade to IDS 4250 -XL

Ordering Information
Cisco IDS-4250-XL-K9
US List Price- $39,995 Orderability- March, 2003

For More Information:
Cisco IDS 4250-XL Sensor : 
http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_data_shee
t09186a008014873c.html 

Cisco Intrusion Detection System Solution :
http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_data_shee
t09186a008014873f.html

Complete Intrusion Protection Presentation :
http://www.cisco.com/en/US/customer/products/sw/secursw/ps2113/prod_pres
entation_list.html

Case Study: M.D. Anderson Cancer Center :
http://www.cisco.com/en/US/netsol/ns110/ns170/ns171/ns292/networking_sol
utions_customer_profile09186a0080145b1e.html 






CiscoIDS Sensor Software Version 4.0 
Back to top 

Providing unprecedented security, the Cisco IDS 4.0 is the core of the
Cisco Intrusion Protection. It is designed to accurately identify and
classify known and unknown threats targeting your network, including
worms, denial-of-service (DoS), and application attacks. The first step
in delivering an efficient and secure intrusion protection system is
accurately detecting all possible threats. To achieve this goal,
multiple detection methods are employed, thus ensuring comprehensive
coverage. The methods include stateful pattern recognition, protocol
analysis, traffic anomaly detection, and protocol anomaly detection. In
addition, Cisco IDS 4.0 enhances the capability to prevent detected
attacks from reaching their targets. And, several ease-of-use features
are integrated to maximize efficiency. 

For More Information :
http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_data_shee
t09186a008014873f.html 





Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Services
Module
Back to top 

A second-generation IDS service module for the Cat 6500 series, Cisco
IDSM-2 provides 600Mbps of performance. The IDSM-2 works by inspecting
packets traversing customer networks and comparing them to pre-assigned
signatures-searching for patterns consistent with known network attacks.

Features and Benefits : 
Cisco is the only vendor to provide an in-switch IDS solution supplying
access to the data stream via VLAN access control list (VACL) capture
capable of supporting an unlimited number of VLANs 
Transparent operation via passive, promiscuous operation that inspects
copies of packets via VACL capture and Switch Port Analyzer/Remote SPAN
(RSPAN/SPAN) without exposing the network to performance degradation or
downtime if the unit needs maintenance because it is not in the
switch-forwarding path 
One-rack-unit size takes up only a single slot in the Cisco Catalyst
chassis making it an effective platform across all Catalyst chassis,
from the 3-slot Catalyst 6503 Switch to the largest chassis available,
allowing as many modules to be installed simultaneously as desired
providing protection for a greater number of VLANs and traffic 
500 megabits per second (Mbps) of IDS inspection provides high-speed
packet-examination capabilities and allows for more protection of a
wider variety of networks and traffic 
Multiple techniques for capture and actions including SPAN/RSPAN as well
as VACL capture combined with shunning and TCP resets allows customers
to monitor various network segments and traffic while the product
provides timely action to mitigate threats 
Uses the same code as the award-winning Cisco IDS network appliances
allowing users to standardize on a single management technique and makes
installation, training, operation, and support simpler and faster while
taking advantage of Cisco IDS comprehensive attack recognition and
signature coverage 
Improved management techniques such as support by the Cisco VMS 2.1
security bundle, as well as built-in Cisco IDS Device Manager (IDM) and
IDS Event Viewer (IEV) local management capabilities and CLI support
make the IDSM-2 easier to manage and more capable of detecting and
responding to threats while alerting operators to potential attacks. In
addition, the new option makes management of multiple devices across
wide and varied networks much simpler 
Cisco IDSM-2 Part Numbers
WS-SVC-IDS2-BUN-K9
US List Price - $29,995 Orderability- March, 2003

For More Information :
Cisco Catalyst 6500 Intrusion Detection System (IDSM-2) Services Module
:
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_shee
t09186a0080148727.html 





Cisco Threat Response Technology
An Intrusion Protection Security Solution : What Security Personnel Need
to Know 
Back to top 

Monitoring and identification of alarms can be very time consuming
process, especially when many of the alarms are false alarms.Cisco
Threat Response works with Cisco Network IDS to virtually eliminate
false alarms, escalate real attacks, and aid in the remediation of
costly intrusions. Unlike other intrusion-management solutions, this
technology provides an automated, just-in-time analysis of each targeted
host to determine whether a compromise has actually occurred. The
automated, real-time capabilities of this technology help protect your
network environment around the clock. 

For More Information :
http://www.cisco.com/en/US/products/sw/secursw/ps5054/products_white_pap
er09186a0080148743.shtml 

  




Cisco PIX Firewall Enhancements
Back to top 

The Cisco PIX Firewall Software Version 6.3 delivers a wealth of new
features including OSPF dynamic routing, VLAN-based virtual interface
support, and expanded VoIP and multimedia security. It also provides
numerous VPN performance, scalability, and reliability enhancements
including support for the new Advanced Encryption Standard and Easy VPN
Remote enhancements. The new VPN Acceleration Card+ (VAC+) provides up
to 400% more encrypted throughput, and customers can now easily take
advantage of these services via the improved Cisco PIX Device Manager
software v 3.0 for simplified, Web-based device management.

New VAC+ card will soon be shipping standard with all PIX 515-UR, PIX
525-UR, PIX 535-UR.VAC+ card will be available separately for $3,750

Features : 
Enterprise-Class Security 
Virtual LAN (VLAN)-based virtual interfaces 
Open Shortest Path First (OSPF) dynamic routing 
Secure Hypertext Transfer Protocol (HTTPS) authentication proxy 
Local user authentication database 
HTTPS and FTP Web request filtering via enhanced Websense integration 
Advanced Encryption Standard (AES) 
VPN Acceleration Card+ (VAC+) 
VPN NAT transparency 
Custom IKE port numbers 
Integrated Dynamic Host Configuration Protocol (DHCP) server support on
multiple interfaces 
Small Office and Home Office 
Cisco Easy VPN Remote (hardware VPN client) enhancements 
DHCP relay 
PAT for Point-to-Point Tunneling Protocol (PPTP) 
PAT for IPSec 
Increased number of IPSec VPN peers supported on Cisco PIX 501 Firewalls

For More Information:
Cisco PIX Firewall Software Version 6.3 :
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_data_shee
t09186a0080148714.html

Cisco PIX Device Manager 3.0 :
http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/products_data_she
et09186a008014871d.html

Cisco PIX Firewall VPN Accelerator Card Plus (VAC+) :
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_shee
t09186a0080148722.html 






Cisco Security Agent (Okena StormWatch)
Back to top 

Cisco recently announced its intent to acquire Okena which provides
integrated end point security. This product is available today as an OEM
product. The Cisco Security Agent provides host Intrusion Prevention,
Distributed Firewall, malicious mobile code protection, Operating System
integrity assurance, and audit log consolidation all with a single
agent. It goes beyond conventional host/desktop security solutions by
identifying and preventing malicious behavior before it can occur,
thereby removing potential known and unknown security risks.

For More Information:
http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_data_shee
t09186a0080144669.html 





SAFE Blueprint Enhancements- A Layer 2 Network Attacks White Paper
Back to top 

The SAFE Enterprise white paper published by Cisco Systems discusses
various network attacks on a large-scale enterprise network. These
network attacks are based on the premise that each device on the network
is a potential target. During the time since the original publication
date of the SAFE Enterprise white paper, significant research on network
attacks has been conducted, focusing on Layer 2 of the OSI reference
model. This research has prompted the need for an update to the white
paper focusing on more specific requirements to protect Layer 2 in the
network infrastructure.

For More Information:
http://www.cisco.com/en/US/netsol/ns110/ns170/ns171/ns128/networking_sol
utions_implementation_white_paper09186a008014870f.shtml




-------------------- --- --  -  - 
 Marco Misitano, CISSP              
 Enterprise Consulting, Security    
 Cisco Systems Italy, Milano        
 Via Torri Bianche, 7               
 20059, Vimercate, MI 
--------- --- -- - -  -   -    

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List