Open sourcing the CTA agent is just part of a much larger effort at Cisco to push beyond mere network access control to a much broader security architecture that addresses problems such as data leaks and policy enforcement -- architecture in which Cisco's Security Agent (CSA) will play a much bigger role, Gleichauf said.

"Data leakage is about things crossing boundaries from areas you control to areas where you have less control: e-mail attachments going over IM, or data going from someone in [human resources] to someone in manufacturing who shouldn't see it," he said.

"For us, it's all about modeling based on how data moves around. We recognize that data has its own identity, and we want to use the controls we've built up around where users can go -- role based access -- to figure out where data can and can't go," he said.

Components like the technology Cisco recently will provide some of the intelligence to stop messaging and Web based leaks, and Cisco will use intelligence in its routers and switches to control data flows and in the CSA agent to enforce data-level policies on the desktop, Gleichauf said.' "CSA is the next area where you're going to see us make go to market announcements that offer real value in the data leak space," he said.

"Cisco's getting out of the desktop plumbing business and focusing on areas on the desktop where they can add value to what they're doing on the network," said Jon Oltsik, an analyst at Enterprise Strategy Group.