Trend Micro, Cisco to fight worms

Cisco Systems Inc. and Trend Micro Inc. on Monday announced a partnership under which Cisco will improve its routers, switches and firewalls with Trend’s worm-blocking technology.

Trend Micro, which uses the technology in its own VirusWall product, plans to make its signature-based worm-blocking technologies available in Cisco products by the third quarter. Cisco says the technology initially will fit into its intrusion-detection code base and be used to stop network worms that take advantage of software vulnerabilities. Trend Micro will supply updates, which will be managed via CiscoWorks and other Cisco management tools.

The agreement sets the stage for broader technology integration later under which Cisco plans to bring Trend’s policy-based anti-virus response and remediation technologies into its gear.

The arrangement between Cisco and Trend Micro is facilitated by the fact that there is little direct competition between the companies. That’s not the case with Cisco and security vendors Network Associates and Symantec, the only anti-virus vendors bigger than Trend Micro.

“There is very little overlap when we go to our customers jointly on this,” says Tom Russell, director of product management for VPN and security products at Cisco.

In other Cisco security news, the company recently outlined its technology and pricing strategy for a new version of the Firewall Services Module, which has been free for use in Catalyst 6500-series switches.

Cisco, which introduced the firewall services module hardware about 18 months ago with periodic six-month upgrades, now will begin licensing it, starting at $12,500 for a 20 virtual-firewall license. This pricing is intended for Version 2.2.

The module can be deployed and configured through any of three Cisco management consoles so that network managers can establish logical firewalls between Catalyst switching points.

In addition, Cisco announced what amounts to a rebranding of the Riverhead Networks equipment — Guard and Detector — gained via the acquisition of Riverhead in March for $39 million. Guard and Detector are used to monitor traffic flows and combat distributed denial-of-service (DoS) attacks.

The new names for the anti-distributed DoS gear are Cisco Guard XT 5650, which costs $90,000, and Cisco Traffic Anomaly Detector XT 5600, which costs $45,000. Cisco said it intends to integrate distributed DoS detection and mitigation technology into the Catalyst platform in coming months.