Cisco is buying security start-up Perfigo for $74 million in cash, helping it to secure network "end-points" and protect them from worms, viruses and hacking.

Perfigo sells network access control technology for remote worker desktops, and mobile and wireless computers. It will join Cisco's Security Technology Group and the company's products, including SecureSmart and CleanMachines, will be added to Cisco's evolving Network Admissions Control (NAC) portfolio.

NAC uses client security programs and Cisco networking gear to inspect machines before they are connected to corporate networks.

Founded in May 2002, Perfigo is privately held and backed by venture firm Greylock. The company unveiled its first product, SecureSmart, last April. The product allows customers to manage and authenticate users connecting to wired and wireless networks. The company's second product, CleanMachines, appeared in November 2003 and combines network and device-based vulnerability scans with network security policies to evaluate the security of user machines.

Using CleanMachines, customers can quarantine devices that do not adhere to security polices in an isolated area of a network, then use network-based compliance and remediation tools to resolve any security issues raised in the scan.

Perfigo's software runs on a hardened Linux platform and ties in with an enterprise's existing user authentication infrastructure, such as LDAP, Radius and Kerberos. The company's products are popular among colleges and universities.

Unveiled in November 2003, the NAC program is part of Cisco's Self-Defending Network strategy and pairs the equipment maker with security companies, including CA and IBM and anti-virus companies like Symantec, McAfee and Trend Micro. In June, Cisco announced software updates that allow its IOS routers to enforce end-point access privileges based on security information such as the state of anti-virus software updates and operating system patch levels. NAC will be extended to Catalyst Switches and VPN Concentrators in the first half of 2005, Cisco said.

The Perfigo's acquisition is just the latest in a series of moves designed to boost the NAC program. On Monday, Cisco and Microsoft agreed to improve interaction between NAC and Microsoft's competing security architecture, called Network Access Protection.

Cisco expects to complete its acquisition of Perfigo in its second fiscal quarter, which ends on 29 January 2005. Cisco has already licensed CleanMachines and will begin selling it in October.