View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
January 12, 2006

Cisco to extend anomaly-detection

Cisco Systems Inc plans to extend the anomaly-detection capability from its host client and DDoS mitigation technology into its IPS offering, as well as allowing all its security offerings to correlate information across a corporate network.

By CBR Staff Writer

Bob Gleichauf, VP and CTO of the San Jose, California-based networking company’s security technology group, said imbuing the IPS portfolio of appliances and modules with anomaly detection is key to overcoming the limitations of signature-based inspection in the context of encrypted traffic. I hear lots of dedicated IPS vendors saying how much traffic their products can inspect, but they never mention the fact that they’re forwarding all the encrypted stuff, he said.

Cisco already has anomaly-detection in both its Cisco Security Agent, CSA, software client for host devices (PCs and laptops) and the Cisco Guard DDoS Mitigation Appliances and Traffic Anomaly Detectors it acquired when it bought Riverhead two years ago. The idea now is to add that same expertise to the IPS product line, all the way down to individual ports on the Catalyst switches bearing the modules.

In addition, Gleichauf said CSA will be able to share state with IPS to make what he called service chaining possible. They’ll be able to share state to determine what’s going on in the network, he said, adding that the company wants the Monitoring, Analysis and Response System appliance (the result of the acquisition of Protego Networks in December 2004) to be the authority for regulating [security] policy, with its ability to correlate events and its awareness of the individual network’s topology.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.