Cisco also has security solutions for endpoint security: the Cisco Security Agent and the Management Center for Cisco Security Agents. The Cisco Security Agent software integrates endpoint server and desktop computers into the Cisco Self-Defending Network. The Cisco Security Agent provides the following services for endpoints:
■ Spyware and adware protection
■ Protection against buffer overflows
■ Distributed firewall capabilities
■ Malicious mobile code protection
■ Operating system integrity assurance
■ Application inventory
■ Audit log consolidation
The Cisco Security Agent identifies and prevents malicious behavior, eliminating known and unknown ("Day Zero") network threats. The Cisco Security Agent aggregates and extends multiple endpoint security functions by providing intrusion prevention and distributed firewall capabilities in addition to malicious mobile code protection, system integrity assurance, and audit log consolidation. All these capabilities are based on deploying Cisco Security Agents throughout the network and configuring and managing the agents through the Management Center for Cisco Security Agents. The Cisco Security Agent also provides important endpoint information to the Cisco Security MARS to enhance threat identification and investigation across the network. The Cisco Security Agent integrates with Cisco NAC and NAC Appliances with trusted QoS to improve the delivery of mission-critical traffic when the network is under a heavy load.
As discussed earlier, the Management Center for Cisco Security Agents provides all management functions for all agents in a centralized manner. Its role-based web browser access makes it easy for administrators to create agent software distribution packages, create or modify security policies, monitor alerts, or generate reports. The Management Center ships with more than 20
fully configured default policies, making it easy for administrators to deploy thousands of agents across the enterprise. It also allows customers to deploy agents in IDS mode, in which alerts are generated for suspicious activities, but traffic is not blocked.
Was this article helpful?