Cisco IPS Integration Turns Security Data Into Information

Born out of its dominance in the networking world, Cisco's coverage in IT environments is hard to match. While Cisco has spent much of the past few years gobbling up niche security providers and growing its security product lines, the company is now looking at ways to better manage and coordinate mountains of threat data into a landscape its customers can defend.

The company took a significant step in this direction Monday when it unveiled a strategy of expansive security data communication, in particular among intrusion prevention systems. Cisco IPS 6.0, in conjunction with Cisco Security Agent 5.2, Cisco Security Mitigation Analysis and Response System 4.3, and Cisco Security Manager 3.1, represents a "systemized approach to self-defending networks," says Mick Scully, a Cisco VP of product management.

The thinking is that the security threat environment will always change more rapidly than security vendors can produce security enhancements, so the security measures already in place need to get better at recognizing and responding to attacks. The latest Cisco security agents enlist PCs into reporting on the security of a network, giving Cisco's latest version of the Cisco Security Mitigation Analysis and Response System (CS-MARS) even more to work with. If your PC is pinged, CSA will now report that ping to MARS, something Cisco is hoping will help companies catch attacks in their earlier stages.