Cisco unveils trusted security architecture for networks

Dec. 10, 2007
Software can be deployed at enterprise level to enforce policies at switches, routers

Cisco on Thursday introduced a new software architecture that combines identity and role-based security, which is intended to be implemented across enterprise networks.

The software, called Cisco Trusted Security or TrustSec, can be deployed enterprise-wide and utilized to authenticate users, assign roles, and enforce policies on networks comprised of Cisco's switches, routers, and Unified Wireless Network controllers.

"Customers are demanding a highly secure way to expand their businesses and compliance policies," said Jayshree Ullal, senior VP of the Data Center, Switching and Security Technology Group at Cisco, in a statement.

The most important feature of TrustSec is the security measures it assigns based on the roles and identities of users. For example, access to the network is granted based on an employee's role in the company. The "role aware" network can enforce security policies regardless of the employee's access method, whether they're wired, wireless, or using a mobile device, laptop, or printer.

Additionally, network administrators can manage policies consistently across the network because TrustSec contains a central policy engine that combines different authentication procedures. The architecture is designed so that data remains confidential as it move through various points in the network. This helps safeguard again data leakages and support regulatory requirements, according to Cisco.

Cisco said it's also working with Intel and Ixia, a company that specializes in Internet Protocol performance testing, to ensure that their technologies interoperate with Cisco's new architecture.

Both Cisco and Intel have agreed to support the IEEE 802.1AE standard, which enables the network to intelligently prioritize data based on business processes. This allows for interoperability between Cisco's TrustSec-capable switches and Intel's Ethernet controllers.

Ixia began supporting encrypted line cards based on the IEEE 802.1AE standard in its test equipment, which means customers can test them with TrustSec-capable switches.

TrustSec will be available in Cisco switching platforms in the first quarter of next year.

Cisco has dedicated a new group to products like TrustSec called the Data Center, Switching and Services Group, which will develop enterprise-class products that are in line with Cisco's Data Center 3.0 and Campus Communications Fabric visions.

In related news, the company unveiled its new organizational model this week, creating other new groups, including Access Networking and Services, Consumer and Small Business, and Software, to develop the next phase of communications technologies.