Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3756
Views
10
Helpful
5
Replies

Can Cisco Routers, Switches, or Firewalls run AV?

BEHowardGRDA
Level 1
Level 1

‎07-14-2010 09:27 AM - edited ‎03-09-2019 11:03 PM

Can anyone point me to a document or official statement from Cisco stating that their routers, switches, and firewalls are not capable of running Anti-Virus/Anti-Malware to protect their IOS?  NERC CIP standards require that all devices contained within the Electronic Security Perimeter run Anti-Virus/Anti-Malware software "where technically feasible", if the devices cannot run AV/AM you have to submit a "Technical Feasibility Exception"....done that...now they want proof that Cisco devices (routers, switches, firewalls) are not capable of running AV/AM to protect their IOS.  Please don't confuse this with all of the offering that Cisco has to protect end-user devices...this applies only to the routers, switches, and firewalls.

Any answers would be greatly appreciated, even comments from others dealing with this issue.

3 people had this problem
Labels:
0 Helpful
5 Replies 5

Panos Kampanakis
Cisco Employee
Cisco Employee

‎07-14-2010 02:11 PM

A couple of years ago in a conference there was a presentation that claimed to install a rootkit to Cisco IOS devices.

Here is the response from Cisco http://www.cisco.com/warp/public/707/cisco-sr-20080516-rootkits.shtml

That is the closest I can think of that could help you.

PK

BEHowardGRDA
Level 1
Level 1
In response to Panos Kampanakis

‎07-14-2010 02:34 PM

Thanks for the reply PK!

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to BEHowardGRDA

‎07-14-2010 03:07 PM

The FW's have "Bot-Net Detectors" as added options.

0 Helpful

Panos Kampanakis
Cisco Employee
Cisco Employee
In response to Leo Laohoo

‎07-14-2010 03:50 PM 

The FW's have "Bot-Net Detectors" as added options.

I am not sure if you are referring to the ASA botnet filtering featute, but if that is the case, it is not a tool for bots or viruses against the ASA IOS itself. It identifies hosts infected and act as bots.

Please rate helpful posts.

PK

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Panos Kampanakis

‎07-14-2010 03:55 PM 

you are referring to the ASA botnet filtering

Yup.  That's the one.  Thanks.

it is not a tool for bots or viruses against the ASA IOS itself. It identifies hosts infected and act as bots.

Heck no.  I'm not saying this is the magic pill but I'm just adding this to the options.

+5 

0 Helpful
Customers Also Viewed These Support Documents