Informational protection from Cisco
Evgenie Rudometov
On the presentation held in Moscow company Cisco Systems has presented the new solutions raising level of informational safety
Today one of the main problems whom users of computers have faced, the problem of informational safety is. Continuously varying threats of safety as with external and c an inside of the business oriented network can bring chaos in business operations, negatively effecting profitableness. The computers hooked up to a network can undergo to attack of program viruses, hearts, programs-spies. They penetrate into systems through e-mail or the Internet sites as a result of loading of various files. The most smart attacks can be undertaken through wireless networks or mobile communication resources. Thus before private users and heads of small enterprises, there are same problems of safety, as before a manual of the big companies. A difference only that their financial and manpower resources are often non-comparable. Nevertheless, in approaches to a safety problem is and much in common. Really, many of the named categories use diverse solutions which have appeared as a result of long-term unsystematic acquisition and installation of so-called dot solutions. Anti-virus programs, and various management systems concern them and monitoring both internetwork screens, and systems of preventing of intrusions (IDS), both. A problem of diversity of the resources used by end users, that fact complicates also, that they are made by the different companies and realised by different corporations.
Absence of a system approach in a choice and application of protection frames inevitably reduces an information security clearance. It is linked to impossibility of the forecast and reflexion of informational attacks in the environments constructed on the basis of diverse tools of the warning and protection. As a result it results or in the overestimated waitings of the users blindly trusting to diversity of used resources, or on the contrary - to their underestimation. Both that, and another is fraught with troubles.
The problem of the diverse equipment consists and that different arrangements are controlled by different systems. And, as is known, diverse arrangements extremely difficultly effectively to control, if at all it is possible. It is linked by that it is necessary to gather data from each system, to compare these data, and also manually to watch operation of each of hardware arrangements or program components. All it is very difficult and expensive, especially in the conditions of limited financial and manpower resources that is characteristic and for private users, and for the small-scale business companies.
To problem of protection of the information the presentation of the newest products led in Moscow (the Photo 1) has been devoted company Cisco Systems (Cisco), attempts of unauthorized access providing effective reflexion to the confidential information. The presentation was led by Alexey Lukatsky, the leading expert concerning informational safety, and Alexander Palladin, the director of the press-service of company Cisco Systems.
Photo 1. Presentation of products Cisco
Company Cisco is one of leaders in development of processing techniques of informational safety. Only in the given area it annually spends $300 million for research and development As a result of the led researches and the fulfilled developments company Cisco Systems offers the new concept of informational safety.
Protection system basis is "self-protected network Cisco" (Cisco Self-Defending Network). It integrates into uniform system all resources of safety, including internetwork screens, systems of preventing of intrusions and anti-virus programs. She creates new possibilities for safe interaction between products and services, allowing the organisations is more flexible and effectively to reduce risks and to liquidate threats. Besides, new possibilities simplify a network control and is better protect an exchange of the confidential information with remote users.
Within the limits of concept Self Defending Network company Cisco has refreshed the products developed for support of safety of networks. In particular, following components have been presented: system of preventing of intrusions Cisco IPS 6.0 (Intrusion Prevention System); the program agent of safety CSA 5.2 (Cisco Security Agent); system of monitoring and reaction to threats CS-MARS 4.3 (Cisco Security Mitigation Analysis and Response System); system of the centralised handle of safety CSM 3.1 (Cisco Security Manager) and functionality of virtual private networks Cisco SSL VPN (Secure Sockets Layer Virtual Private Network).
For original "brain" of the centralised infrastructure of safety the system of monitoring and reaction to threats CS-MARS (Cisco Security Monitoring, Analysis, and Response System) is.
The important component of self-protected network Cisco the program of safety Cisco Security Agent (CSA) which works on transportable computers, desktop computers and servers is considered. Unlike the traditional anti-virus scanners comparing program codes with signatures of known viruses, CSA parses behaviour of users and arrangements, detects anomalies and locks possible attacks, including what are "skipped" by the standard anti-virus scanner. The main feature and value CSA consists that this solution locks threats in the germ. Threats are locked during the moment when anti-virus programs only start to recognise type of an unknown virus and to build the new signature.
Besides, the CSA component gives a number of possibilities of handle of system hardware. In particular possibility of disconnecting of some tools through which it is possible to steal the confidential information is provided.
And in complex system it is offered to use built in systems of enciphering and the decoding, working on different levels.
All components provide protection high levels, as from external attempts of unauthorized access, and external. Thus implementators of system assert, that all is made possible not to limit users and to provide a functionality maximum level. It in particular is reached by an effective utilisation, both system possibilities of used OS, and specially developed units.
It is necessary to mark, that the majority of protection frames work in an automode. It allows to lower essentially load on the system administrator and users, not distracting them on each occurred and predicted event. It is necessary to add, that many components work on adaptive algorithms. Such algorithms allow to consider the stored experience linked to reflexion of attacks (unauthorized access to the confidential information) and overcoming of the hardware-software glitches breaking correct system operation. All it essentially raises value of company Cisco of operation made engineers.
Concept SDN is the long-term strategy of company Cisco on protection of business processes by revealing, preventing and adapting to external and internal threats. Self-protected network Cisco allows to secure today's business and to adapt for the future requirements. It continuously develops and finds new functionality in process of perfection existing and additions of new hardware-software components.
In more details the information about SDN can be received on site Cisco System.