Chapter 8. Managing the Cisco Security Agent

The Cisco Security Agent represents the last line of defense in a layered self-defending network. The Cisco Security Agent operates directly on the end station by monitoring the OS kernel and requests to the file system, network resources, and registry keys. The Cisco Security Agent can reside directly on the PC, laptop, or server in the network. Cisco Security Agent is supported on Windows, Solaris, and Linux machines.

Cisco Security Agent can provide a day-zero defense against new network attacks since the Cisco Security Agent is looking for malicious behavior directly on a workstation instead of known worms and viruses that can participate in a network attack. Day-zero is a fancy way of saying that ...

Get Self-Defending Networks: The Next Generation of Network Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.