Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can Cisco Routers, Switches, or Firewalls run AV?

Can anyone point me to a document or official statement from Cisco stating that their routers, switches, and firewalls are not capable of running Anti-Virus/Anti-Malware to protect their IOS?  NERC CIP standards require that all devices contained within the Electronic Security Perimeter run Anti-Virus/Anti-Malware software "where technically feasible", if the devices cannot run AV/AM you have to submit a "Technical Feasibility Exception"....done that...now they want proof that Cisco devices (routers, switches, firewalls) are not capable of running AV/AM to protect their IOS.  Please don't confuse this with all of the offering that Cisco has to protect end-user devices...this applies only to the routers, switches, and firewalls.

Any answers would be greatly appreciated, even comments from others dealing with this issue.

5 REPLIES
Cisco Employee

Re: Can Cisco Routers, Switches, or Firewalls run AV?

A couple of years ago in a conference there was a presentation that claimed to install a rootkit to Cisco IOS devices.

Here is the response from Cisco http://www.cisco.com/warp/public/707/cisco-sr-20080516-rootkits.shtml

That is the closest I can think of that could help you.

PK

New Member

Re: Can Cisco Routers, Switches, or Firewalls run AV?

Thanks for the reply PK!

Hall of Fame Super Gold

Re: Can Cisco Routers, Switches, or Firewalls run AV?

The FW's have "Bot-Net Detectors" as added options.

Cisco Employee

Re: Can Cisco Routers, Switches, or Firewalls run AV?

The FW's have "Bot-Net Detectors" as added options.

I am not sure if you are referring to the ASA botnet filtering featute, but if that is the case, it is not a tool for bots or viruses against the ASA IOS itself. It identifies hosts infected and act as bots.

Please rate helpful posts.

PK

Hall of Fame Super Gold

Re: Can Cisco Routers, Switches, or Firewalls run AV?

you are referring to the ASA botnet filtering

Yup.  That's the one.  Thanks.

it is not a tool for bots or viruses against the ASA IOS itself. It identifies hosts infected and act as bots.

Heck no.  I'm not saying this is the magic pill but I'm just adding this to the options.

+5 

1999
Views
5
Helpful
5
Replies