Can Cisco Routers, Switches, or Firewalls run AV?

BEHowardGRDA
Level 1

Can anyone point me to a document or official statement from Cisco stating that their routers, switches, and firewalls are not capable of running Anti-Virus/Anti-Malware to protect their IOS?  NERC CIP standards require that all devices contained within the Electronic Security Perimeter run Anti-Virus/Anti-Malware software "where technically feasible", if the devices cannot run AV/AM you have to submit a "Technical Feasibility Exception"....done that...now they want proof that Cisco devices (routers, switches, firewalls) are not capable of running AV/AM to protect their IOS.  Please don't confuse this with all of the offerings that Cisco has to protect end-user devices...this applies only to the routers, switches, and firewalls.

Any answers would be greatly appreciated, even comments from others dealing with this issue.

5 Replies

Panos Kampanakis
Cisco Employee

A couple of years ago, at a conference, there was a presentation that claimed to install a rootkit on Cisco IOS devices.

Here is the response from Cisco: http://www.cisco.com/warp/public/707/cisco-sr-20080516-rootkits.shtml

That is the closest I can think of that could help you.

PK

Thanks for the reply PK!

The FW's have "Bot-Net Detectors" as added options.

The FW's have "Bot-Net Detectors" as added options.

I am not sure if you are referring to the ASA botnet filtering feature, but if that is the case, it is not a tool for bots or viruses against the ASA IOS itself. It identifies hosts that are infected and act as bots.

Please rate helpful posts.

PK

you are referring to the ASA botnet filtering

Yup.  That's the one.  Thanks.

it is not a tool for bots or viruses against the ASA IOS itself. It identifies hosts that are infected and act as bots.

Heck no.  I'm not saying this is the magic pill but I'm just adding this to the options.

+5