Cisco, Microsoft shake hands on security

Cisco and Microsoft have gotten the word: IT managers are tired of constantly plugging security holes in their networks.

As a result, the two technology giants have hatched an agreement to develop and promote interoperability between their network access technologies. The two companies will collaborate by sharing technical information on Cisco’s Network Admission Control and Microsoft’s Network Access Protection to ensure interoperability.

The process has already started, said Bob Muglia, senior vice president of Microsoft’s Windows server division. “The first step will be to ensure that the two security architectures will work together by understanding and passing enforcement decisions between them,” he said. That means that if a network manager authorizes a user on the Cisco system, the Microsoft system should recognize that authority and vice versa, he said.

The end result is that, by 2007, when Microsoft releases its latest version of Windows server software, the two security technologies should be compatible, allowing companies to examine Windows software and Cisco network infrastructure simultaneously.

Cooperation between Microsoft and Cisco is good for security, said Russ Cooper, senior scientist at Cybertrust and longtime manager of the NTBugtraq mailing list. “Working together is the best way for the industry to go because it makes everyone think about security,” he said.

And security woes appear to be on the rise. The SANS Institute said an unprotected computer attached to the Internet today is attacked in 20 minutes, while a year ago the average time was nearly an hour.

While Microsoft and Cisco ease security management at the 50,000-foot level, numerous vendors are attempting to fill other holes. Protego Networks this week will release its threat mitigation appliance, the PN-MARS (Mitigation and Response System) GC (Global Controller). The PN-MARS GC uses local PN-MARS appliances to execute queries and rules across the enterprise. The results are then consolidated for analysis by central IT managers, said Scott Gordon, vice president of marketing at Protego.

Also offering centralized integrated management features is Check Point Software Technologies, with a new version of its InterSpect software expected shortly. Version 2.0 of the Internet security application will also include new endpoint security functions and e-mail security options, company officials said.

The desire for security is even drawing the attention of overseas security vendors. BitDefender, a Romanian security software provider, is making a push into the U.S. market dominated by McAfee and Symantec. The just-released Version 8 of BitDefender Professional Plus takes a multipronged approach to security, including a virus scanner, a built-in firewall, an anti-dialer, and anti-spam features.