Cisco Gives ACI Security Makeover
Cisco has announced the integration of Application Centric Infrastructure (ACI) embedded security with the threat detection of the FirePOWER Next Generation Intrusion Prevention System (NGIPS), due to ship sometime next month. The company said the combination of ACI with the NGIPS will provide automated real-time threat protection to combat emerging data center security threats. Cisco also announced that independent security assessors have validated ACI for deployment in payment card industry (PCI) compliant networks, which should reduce costs for managing and simplifying the scope of compliance.
The combination of ACI and FirePOWER addresses data centers challenged by cloud, manual processes and complexity, such as multi-tenant requirements, said Cisco’s Dave Stuart, Director of Product Marketing, Security. He also told IT Trends & Analysis that together they should drive up attachment rates, which have been somewhat of a struggle.
He said the threat environment is becoming much more complex and the attachment rate has been “relatively low”. “This is removing many of those obstacles… and I think will drive up adoption of security into the data center and drive up adoption of ACI”.
Hari Krishnan, Director of Product Management, Cisco ACI, added that from the data center side, they’re seeing security as a key use case. “This takes it to a new level, automation…”
Automation addresses a significant ACI customer pain point, he said. “This kind of automation, being able to address these new threats, to do things that are not possible today with manual processes…”.
According to a report on a recent gathering of Cisco’s largest customers, they are ‘dazed and confused’ about the network architectural changes required in deploying new products like ACI. ACI requires Cisco customers to think differently about networking. In the past, Cisco provided the traditional switch and router, which customers deployed. ACI demands that customers revamp their network architecture, said Daniel Conde, analyst for the Enterprise Strategy Group.
“Some of the confusion may occur because ACI requires people to have a newer way of looking at things,” he said.
Stuart said a new model is needed from a security perspective. “That’s what we’ve been advocating since the coming together of Sourcefire and Cisco. Security is broken.”
To beat the flood of security surveys that accompanied the recently concluded RSA Conference 2015, Cisco published its doom-and-gloom horror story at the start of April, reporting that the cyber security situation is bad and getting worse. While there’s growing awareness at the board level about security, what’s lagging is the investment that comes along with it, said Cisco.
According to the network giant:
- 54% of breaches remain undiscovered for months;
- 60% of data is stolen in hours; and,
- 100% of companies connect to domains that host malicious files or services.
It estimates the global cybercrime market is worth somewhere between $450 billion and $1 trillion.
“We have security as the number one, number two, number three, number four concern for all of our customers,” said Chuck Robbins, SVP Worldwide Field Operations, during a three-day Cisco-thon of journalists and analysts last December. The company reported a 25% revenue jump in the previous quarter, and increased its security appliance market dominance 2.8 points to 18.7% of revenues, well ahead of second-place Check Point and more than twice the revenues of third-place Palo Alto Networks.
Cisco’s key focus is addressing customers’ security issues, said Marty Roesch, Vice President/Chief Architect, Security Business Group/Sourcefire CTO, but solving them is more of an aspirational goal.
He said one of the areas the company is working on is a comprehensive architecture (AKA Security Operations Maturity Model) to deliver dynamic controls that will enable customers to address the before, during and after aspects of data protection. The model plots a journey along a scale of controls that moves from static to human intervention to semi-automatic to dynamic and, ultimately, predictive controls.
With the latest announcements Cisco has taken a step forward, but they have a long way to go, said Stuart. “We’re not going to tell them we have a silver bullet here… a 100% addressed.” What will happen is a shift in focus – from 70% on the before (discover, enforce and harden), and 30% on the during (detect, block and defend) and after (scope, contain and remediate) – to a more balanced approach over the next couple of years.