Cisco has launched the Network Admission Control program, an initiative under which it is opening some host security APIs free of charge to third parties, so that their technologies can interoperate with Cisco network access control systems.
The company envisages a system in which policies can be written so that computers infected by viruses, or vulnerable to infection, are prevented from spreading the infection by being disconnected or isolated on the corporate network.
The system will comprise existing Cisco products, including its Security Agent host intrusion detection software and its RADIUS policy server. The new component is the Cisco Trust Agent, which will be built into NAI, Symantec and Trend software and will be added next year.
The Trust Agent sits on hosts, compiles security state data, such as OS patch level or last virus update time, and provides it to the policy server. If the server detects a policy violation, it can instruct Cisco routers to quarantine the machine to a safe VLAN or block traffic from it completely.
This article was based on material originally published by ComputerWire.