Cisco Announces IDS Host Sensor for Mitigating Attacks Against Server Resources

SAN JOSE, Calif.–(BUSINESS WIRE)–Sept. 4, 2001–

New Intrusion Protection Systems Provides Robust

“Defense-in-Depth” for Today’s e-Business

Cisco Systems, Inc., the worldwide leader in networking for the Internet, announced today it is expanding its already rich portfolio of intrusion protection offerings with the introduction of the Cisco IDS Host Sensor, a host-based solution for enterprise-wide intrusion protection, and enhancements to its market-leading network-based IDS software.

Unlike traditional host-based intrusion detection systems (IDS), which log attacks but do nothing to prevent them, Cisco IDS Host Sensor software proactively detects malicious activity and blocks access to server resources before serious damage can occur. The software accomplishes this by intercepting system and API level calls to the operating system before the OS processes the calls. It then determines if the call is malicious or benign. If the call is malicious, the Cisco IDS Host Sensor’s policy database dictates which preventative action should be taken, such as terminating the call, terminating the process that launched the call or sending out alerts about the suspicious activity.

“New and increasingly ominous security attacks require vigilant monitoring of our e-business infrastructure,” said Bill Stevenson, network security officer at New Century Mortgage. “The Cisco IDS Host Sensor is a powerful tool, providing the necessary intrusion protection of business-critical resources.”

Based on technology from Entercept Security Technologies, the Cisco IDS Host Sensor software underscores Cisco’s strategy of delivering products and solutions that enable customers to adopt a “defense-in-depth” approach to security, in which critical systems are fortified throughout a network — not just at the perimeter. This strategy is a key premise behind SAFE — the security blueprint for Cisco AVVID (Architecture for Voice, Video, and Integrated Data). As an integral component of SAFE, the Cisco IDS Host Sensor can be easily and cost-effectively integrated and managed in any network secured by Cisco. Additionally, complementary solutions and services are also provided by Cisco AVVID partners that further enhance the Cisco IDS product line.

The Cisco IDS Host Sensor is capable of stopping both known and unknown attacks, including the notorious Code Red Worm virus. It also features a database that can be automatically updated with defined and generic attack behaviors affecting server resources, providing additional protection against future threats and vulnerabilities.

Cisco also announced version 3.0 of its market-leading network-based IDS appliance software, Cisco IDS Network Sensor. Like the Cisco IDS Host Sensor, it also offers protection from the Code Red Worm virus, available since the initial attack. Also included is an Active Update signature mechanism enabling automatic distribution of signatures, an extremely robust signature language allowing customers to write their own signatures, and extensions to the Active Response capability adding support for the Cisco PIX(TM) Firewall family and Cisco Catalyst(R) switches.

The Cisco IDS Host Sensor is sold as a part of the CiscoWorks VPN/Security Management Solution (VMS). Other components of VMS include the VPN Monitor, which monitors and troubleshoots enterprise site-to-site and remote access VPNs, and a new version of Cisco Secure Policy Manager (CSPM). CSPM provides a powerful policy-based security management system for Cisco’s PIX Firewall family, IOS routers, and network-based IDS solutions with new task-based GUIs and wizards. The CiscoWorks VPN/Security Management Solution gives customers everything they need for managing VPNs, firewalls, network and host-based IDS solutions in one affordable package.

“The Cisco IDS Host Sensor is an important extension of Cisco’s security monitoring and management portfolio, giving customers comprehensive network and host-based intrusion detection capabilities,” said Richard Palmer, vice president and general manager of the Cisco VPN and Security Services business unit. “It exemplifies Cisco’s continued commitment to provide customers with practical security solutions for today’s e-business demands.”

Pricing and availability

The Cisco IDS Host Sensor, which includes a management console and evaluation agents, is available today as part of the CiscoWorks VPN/Security Management Solution, starting at $7995 USD. The Cisco IDS Host Sensor is also available today standalone for $5000 USD. The agents are available separately today starting at $1750 for Standard Edition and $2150 for Web Server edition.

About Cisco Systems

Cisco Systems, Inc. (Nasdaq:CSCO) is the worldwide leader in networking for the Internet.

Note to Editors: Cisco, Cisco Systems and the Cisco Systems logo are registered trademarks of Cisco Systems, Inc. in the U.S. and other countries. All other trademarks mentioned in this document are the property of their respective owners.