Cisco today launched new enterprise security architecture aimed at governing remote workers and their devices.
Its Secure Borderless Network architecture encompassed two offerings: the AnyConnect secure mobility solution; and an upgraded version of access control software TrustSec that included network admission control and identity-based networking services.
AnyConnect involved a skinny VPN (Virtual Private Network) client that would seamlessly and intelligently allow users to access the corporate network.
Once a device had the client installed, it would be ever-present without needing to be booted up at the start of each session.
According to Cisco IronPort ANZ manager Glenn Welby, AnyConnect would cause any devices that had corporate network privileges to be managed "in a stateful way".
The client would connect automatically to the corporate network, and extend corporate access policy and controls to the device, whether it was on or off corporate premises.
To protect against "accidental infection", Welby said the client could not be turned off by a user. There would be no way of connecting to the Internet without it, he said.
"You can have a personal browsing experience, but AnyConnect won't turn off," he told iTnews. "The reason for this is networks become vulnerable by exactly that behaviour."
Welby acknowledged that the client may not suit organisations in which workers used their own, personal devices for which constant corporate governance would be inappropriate.
However, he said some of Cisco's customers in "security-conscious verticals" were known to require users to sign wavers and accept corporate security policies to use their personal devices for work.
Users found the value of choice to outweigh any downsides to accepting corporate policies, he noted.
"Different organisations are going to have different rules," Welby said. "I can't define the way organisations choose to provide their technology."
The AnyConnect solution also included the Cisco IronPort S-Series web security appliance and the Adaptive Security Appliance firewall.
Both AnyConnect and an upgraded version of TrustSec were expected to be delivered in the second quarter of 2010.