Cisco Security Agent
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
|
Developer(s) | Okena/Cisco |
---|---|
Stable release | 6.0.2.130
/ 7 June 2010 |
Operating system | Cross-platform |
Type | Security / IPS |
License | Per-computer, through Cisco |
Website | Cisco Security Agent |
Cisco Security Agent (CSA) was an endpoint intrusion prevention system made originally by Okena (formerly named StormWatch Agent), which was bought by Cisco Systems in 2003. The software is rule-based and examines system activity and network traffic, determining which behaviors are normal and which may indicate an attack. CSA was offered as a replacement for Cisco IDS Host Sensor, which was announced end-of-life on 21 February 2003. This end of life action was the result of Cisco's acquisition of Okena, Inc., and the Cisco Security Agent product line based on the Okena technology would replace the Cisco IDS Host Sensor product line from Entercept. As a result of this end-of-life action, Cisco offered a no-cost, one-for-one product replacement/migration program for all Cisco IDS Host Sensor customers to the new Cisco Security Agent product line. The intent of this program was to support existing IDS Host Sensor customers who choose to migrate to the new Cisco Security Agent product line. All Cisco IDS Host Sensor customers were eligible for this migration program, whether or not the customer had purchased a Cisco Software Application Support (SAS) service contract for their Cisco IDS Host Sensor products.
CSA uses a two or three-tier client-server architecture. The Management Center 'MC' (or Management Console) contains the program logic; an MS SQL database backend is used to store alerts and configuration information; the MC and SQL database may be co-resident on the same system. The Agent is installed on the desktops and/or servers to be protected. The Agent communicates with the Management Center, sending logged events to the Management Center and receiving updates in rules when they occur.
A Network World article dated 17 December 2009 stated "Cisco hinted that it will end-of-life both CSA and MARS". Full article linked below.
On 11 June 2010, Cisco announced the end-of-life and end-of-sale of CSA. Cisco did not offer any replacement product.
See also
- Network Intrusion Prevention System
External links
- [1]- "Surviving the Cisco CSA Transition" Endpoint Security Whitepaper
- Alternative to CSA
- End-of-Life Announcement - Cisco Press Release
- Cisco Security Agent - Cisco's product page for the Agent software
- Cisco IT Case Study about Cisco Security Agent
- Cisco IDS Host Sensor Migration Program
- EOS and EOL of for the Cisco IDS Host Sensor Product Line
- Cisco hinted EOL for CSA - Network World article