
Future of Network Security

I have been working on Cisco Products for a while and have been looking at the direction Cisco is going with Network Security. I would like to put together some stuff and see what other people on the NPC forums thought they should be going to. In the future I would like to see Cisco IOS support some type of host checking or security function in their network devices.

1. When a user connects to the network and has the Host Based IDS loaded, it "checks in" with a master security server (VMS).

2. After this, the IOS device verifies with the server that the MAC address on that port has the required security (Host Based IDS) loaded, and it's business as usual for that user.

3. If the user doesn't have the required security for the network, then it is either cut off or assigned to an "unsecured VLAN", or that port is tagged as a possible issue that might not have all the functionality of a secured user. Maybe even at this point give the user the option of loading the HIDS if they "opt in".

4. The VMS servers can also do periodic checks to make sure that someone hasn't shut off the IDS on the host.

5. From the VMS station you can send out alert levels to your network, and if there is a DDoS flooding the network the VMS station can instruct IOS devices to shut off all unsecured hosts and not allow them back on until verified by an administrator.

6. You can even have Trusted Segments of your network that have unrestricted access to, say, the server farms and Untrusted Segments that have access only to limited areas of the network, and do this with dynamic access lists on the Cisco routing and switching devices.

Pull this all into the wireless, VoIP, and VPN security platforms and drive network security for a while like this.
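
The flow in the numbered list above, modelled as an added example that is not part of the original post and is not Cisco code: a posture server records HIDS check-ins, and a per-port decision picks a VLAN or shuts the port. All class, function and VLAN names are hypothetical, and the 300-second check-in lifetime is an assumption.

```python
from dataclasses import dataclass, field

# Hypothetical model of the post's steps 1-5; none of this is a Cisco API.
SECURED_VLAN, UNSECURED_VLAN = 10, 999   # constructed VLAN ids
MAX_CHECKIN_AGE = 300                    # assumed: seconds a check-in stays valid


@dataclass
class PostureServer:
    """Stands in for the 'master security server' the post calls VMS."""
    checkins: dict = field(default_factory=dict)  # mac -> (timestamp, hids_running)
    lockdown: bool = False                        # step 5: raised alert level
    blocked: set = field(default_factory=set)     # hosts awaiting admin verification

    def check_in(self, mac, now, hids_running=True):
        # Steps 1 and 4: the initial check-in and every periodic re-check.
        self.checkins[mac.lower()] = (now, hids_running)

    def is_compliant(self, mac, now):
        # Compliant only if the HIDS reported running AND the report is fresh,
        # so a host whose agent was shut off ages out of the secured VLAN.
        ts, running = self.checkins.get(mac.lower(), (None, False))
        return running and ts is not None and now - ts <= MAX_CHECKIN_AGE

    def admin_verify(self, mac):
        # Step 5: only an administrator clears a host shut off during an alert.
        self.blocked.discard(mac.lower())


def port_decision(server, mac, now):
    """Steps 2, 3 and 5: what the switch does with the MAC seen on a port."""
    mac = mac.lower()
    compliant = server.is_compliant(mac, now)
    if server.lockdown and not compliant:
        server.blocked.add(mac)
    if mac in server.blocked:
        return ("shutdown", None)   # stays off even if the host later checks in
    if compliant:
        return ("forward", SECURED_VLAN)
    return ("forward", UNSECURED_VLAN)
```

Because the decision keys on the MAC address, as the post proposes, a deployment would also need to bind that address to an authenticated host, since a MAC address can be copied by another device.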

New Member

Re: Future of Network Security

Glad to see other people are thinking about the future of security and how Cisco can take people there!! :-)

Without responding directly to each of the topics, I would prefer to perhaps point you in a direction where you can help drive the future of security with Cisco products. Please use your account team. Your Cisco account team can take these requests and turn them into reality, for those items not already implemented. For the items that are on the horizon, or for more information on what is available to address some of your concerns, they can give you detailed information about the solutions and products.

The account team is a great resource for this and I have seen many new features in Cisco products because of the efforts of customers discussing concerns like these with their local account team.

Hope this helps!