Specifications
Chapter 5 VPN and Security
5-9
Cisco Security Agent
Specifications
For More Information
See Chapter 1: Routing for more details.
Cisco Security Agent
The next-generation Cisco Security Agent network security software provides threat
protection for server and desktop computing systems, also known as “endpoints.” The Cisco
Security Agent goes beyond conventional host and desktop security solutions by identifying
and preventing malicious behavior that threaten enterprise networks and applications before
it can occur. It aggregates and extends multiple endpoint security functions by providing host
intrusion prevention, distributed firewall, malicious mobile code protection, operating
system integrity assurance, and audit log consolidation all within a single agent package.
The Cisco Security Agent analyzes behavior rather than relying on signature matching, its
solution provides robust protection with reduced operational costs. It provides patch relief to
reduce the system administration workload allowing companies to wait for “roll-ups” and
Service Packs, which come better qualified from the vendor. Testing and implementation of
updates can be scheduled without undue change control interruption. Fewer updates reduce
the cost of ownership.
When to Sell
Key Features
• Provides industry-leading protection for Unix and Windows servers
• Multiple security functions in a single agent
• Open, extensible architecture offers the capability to define and enforce security
according to corporate policy
• “Zero Update” prevention for known and unknown attacks
• Integrates with Cisco Network Security Products
• Provides application inventory and use tracking, hotfix and Service Pack status checking,
and antivirus DAT version check for Symantec and McAfee antivirus agents
•
A key component of the SAFE blueprint for secure e-business
Competitive Products
Feature Cisco VPN Security Router Bundles
All Bundles Include
Network Admission Control (NAC) Firewall with IPS; GRE and IPSec; High Availability/Failover; VPN QoS;
AES in Hardware (excluding C1700 Bundles)
IPPCP Compression
Software: C800, C1700 Bundles
Hardware: Cisco 1800 bundles, C2600XM, C2691-VPN, Cisco 2800 bundles, C3725-VPN, C3745-VPN, Cisco
3800, 7200, 7301 Bundles
Max Tunnel
C800 - 10, C1700: 100; Cisco 1800: 800,C2600XM, C2691-VPN: 800; Cisco 2800: 1500; C3725-VPN,
C3745-VPN: 2000; Cisco 3800: 2500; 7200/7301 Bundles: 5000
Firewall Performance
C800 - 10Mbps, C1700: 20Mbps; Cisco 1800: 125 Mbps,C2600XM: 35Mbps; C2691-VPN: 197Mbps; Cisco
2800: 530Mbps; C3725-VPN, C3745-VPN: 197 Mbps; Cisco 3825: 855Mbps; Cisco 3845:1 Gbps, 7200/7301
Bundles: 1Gbps
Sell This Product When a Customer Needs These Features
Cisco Security Agent
• Host intrusion protection, distributed firewall, malicious mobile code protection, operating system hardening,
file integrity and/or audit log consolidation. The Cisco Security Agent provides all of these features in one
integrated package
• Protection against both known and unknown attacks
• Protection for servers and/or desktops/laptops
• A solution that is scalable to protect thousands of servers and desktops for large enterprise deployments
• Provides endpoint protection enabling businesses to participate in e-commerce securely and take advantage
of the Internet economy
• Internet Security Systems (ISS)
• Symantec: Intruder Alert
• Enterasys: Squire
• Sana Security: Primary Response
• NAI: Entercept
• NFR (Centrax)