Switches taking on new security roles
Security innovations being built into switches are attracting attention from buyers who not long ago focused primarily on feeds and speeds.
Network executives say they need all the help they can get to cope with today's threats. They are eager to use new switch-based security schemes - such as the ability to quarantine viruses and enforce policies - being touted by Alcatel, Cisco and Enterasys Networks, among others. In the forefront:
• Alcatel next month is expected to introduce its Automated Quarantine Engine switch technology that works with intrusion-detection systems (IDS) to isolate worm-infected machines for remediation purposes.
• Cisco says this summer it will enable its Catalyst switches to defend against worms and distributed denial-of-service (DoS) attacks.
• Enterasys recently introduced its Automated Security Manager, which provides policy-based control on its switches through help from IDS; and this month the company will expand its quarantine mechanism through use of information from scanners and anti-virus policy enforcement.
When the Blaster worm crippled the campus network at Abilene Christian University in Texas a year ago by getting scores of infected student computers to scan wildly, the IT staff concluded that it needed more tools.