Cisco is preparing to announce a major overhaul of its security portfolio next week, with upgrades to several of its existing products.

On Tuesday, at the RSA Conference in San Francisco, the company plans to announce the largest set of upgrades to its security products in three years, sources say.

The new enhancements should help the company catch up to leading vendors, focusing on such areas as secure socket layer virtual private networks and intrusion prevention. The upgrades should also help Cisco fulfill its promise of a "self-defending" network, beefing up security on IP telephony and other applications, while also extending network protection to the desktop. And to help corporate customers keep track of new threats, sources say, Cisco is also improving its management products.

Cisco declined to comment on the specifics of its announcements next week, but has scheduled a press briefing at the security show.

Security is an important market for Cisco. It is one of six new areas Cisco has been focusing on to help expand its overall business. So far, security has been proven to be a good investment for the company. Last quarter, revenues from security products were up 30 percent from a year earlier.

Cisco's strength in security has come not from having the best products in every category, but from having a wide breadth of offerings, analysts say. Next week's announcements should help level the playing field against the pure security vendors while cementing Cisco's dominance as a network-level security provider, they add.

"Cisco isn't known as a security company," said Zeus Kerravala, an analyst with the Yankee Group. "They sell security as part of a network strategy. But it's clear they are serious about providing more security in the network. They are definitely the security leader among networking vendors."

Nitty gritty
One of the more important upgrades to be announced next week is on Cisco's SSL VPN product, sources say. SSL VPNs allow users to remotely connect to the corporate network using a standard Web browser. Currently, Cisco's product only supports Web-based applications. The new version will allow users to access some non-Web applications, too, such as e-mail residing on a corporate mail server.

Such upgrades are an important addition to the product, since they will allow remote workers to use their Web browsers to connect to the corporate network rather than a difficult-to-manage IPsec client that must be pre-installed. SSL VPN competitors, such as Juniper Networks, through its Netscreen acquisition, and Aventail have been supporting non-Web applications in their products for some time.

Cisco has also beefed up its intrusion detection product by adding prevention software that can correlate possible symptoms of a worm or virus attack to determine whether certain traffic should be blocked. The new software will put Cisco's product on par with those from traditional security companies such as McAfee, say experts.

Cisco also plans to announce that it has added security features to its PIX Firewall that will make it more friendly to IP telephony protocols. The Cisco firewall has not been able to identify some of these protocols, leaving voice over IP traffic vulnerable to attacks.

To give customers more choice with respect to how they deploy this technology, Cisco is updating its Internetwork Operating Software (IOS) so that many of these new security features can also run on its switches and routers, sources report.

The company has also added more security features to its desktop security agent. This software is a big component of Cisco's Network Admission Control architecture, designed to prevent worms and viruses from entering the network. The security agent sits on individual workstations, identifying malicious code in communications between network software systems. When it detects a virus or worm, it denies access to the PC. Cisco has supposedly enhanced this software by adding new anti-spyware protection meant to identify and remove malicious programs before they jump from a PC to the network.

Cisco also plans to introduce a new blade that fits into its Catalyst switches to help prevent denial-of-service attacks on Web servers.

Finally, Cisco will announce improvements to its network management tools using some technology that it recently acquired from Protego. This technology, acquired in December, aggregates and correlates information about security threats, so that network managers can detect attacks.

SOURCE