Now that National Cyber Security Awareness Month has come and gone, it’s apparently safe for Cisco to announce it has new and improved security products and features that advance its Security Everywhere strategy ‘ deeper into the cloud, network, and endpoints’. The company has also beefed up its security assets with a number of recent acquisitions, including Lancope, Inc. (intent to acquire) – October 27; Portcullis (intent to acquire) – September 30; and Pawaa – August 6; all following the June 30 acquisition of OpenDNS, which figures in today’s announcements.
The announcements tie into the company’s recent acquisitions, said Scott Harrell. VP of Product Management for Cisco’s Security Business. They also address two thematic elements: “how do we extend capabilities into the cloud, and reach further into the cloud”, he told IT Trends & Analysis.
Security is the company’s “number one priority”, he said, so much so that John Chambers, who recently passed the CEO torch to Chuck Robbins, is driving the company’s security focus as part of his responsibilities as Executive Chairman. “He’s our executive sponsor,” said Harrell. “He’s heavily engaged, but it’s more of an advisory role.”
The company reported a 12% increase in security-related revenue last fiscal year, to $1.75 billion. The cybersecurity market is expected to be worth $77 billion this year, climbing to as much as $170 billion by 2020, so Cisco has a lot of opportunity.
“I expect security to grow very healthily as we move forward. And you will continue to see us make a number of resource investments in areas like services, sales, and consultancy in a way that really brings this picture to life. I think you’re going to see good growth out of our security business. . .we are positioned really well.” (Q2 FY15 Earnings Call, February 11, 2015)
According to Harrell, most of the security industry tends to ignore the network. “We think that’s a mistake.” He said Cisco believes that the network ought to be part of the solution.
Most of the time, they compete with other vendors, sometimes they partner, and sometimes they do both. With today’s announcements, “we’re adding a competitor we fight with every day, Check Point.”
That’s because it’s all about the customer, said Harrell. We want to solve the customer problem, “make everything around us work better.”
A few weeks prior to National Cyber Security Awareness Month Cisco was rocked by news of a major attack against its routers. Called SYNful Knock, it is ‘a stealthy modification of the router’s firmware image that can be used to maintain persistence within a victim’s network. It is customizable and modular in nature and thus can be updated once implanted.’ The company responded to the news saying it had already alerted customers about the attacks.
Looking ahead, Harrell said the company will continue to build out capabilities across the entire attack continuum, especially around advanced threat. To solve that problem it’s not going to be a single silver bullet, he added.
Cisco is among only a handful of companies that can adress the big picture, and is moving aggressively down this path, said Harrell. “Security is a place screaming out for people to solve architecturally.”
Architecture happens to be Cisco’s middle name. “If you’re selling a single, stand-alone product, you’re ignoring perhaps the strongest thing Cisco does, which is an architectural approach, which protects their investments, allows them to move into new markets relatively seamlessly,” said Chambers.
The Fiddly Bits
Cisco security enhancement/additions include:
-Cisco Cloud Access Security (CAS): partnering with Skyhigh Networks and Elastica, CAS delivers increased visibility into “hidden” applications, that employees might bring onto the network; detection of malicious behavior; and the ability to set security policies that tailor application usage and user behavior to align with corporate policies; and, to protect cloud-based applications, such as Dropbox and Salesforce.com, it prevents the uploading of sensitive information and inappropriate sharing of data in the applications, to limit data exposure breaches;
-Identity Services Engine (ISE) is extending software-defined business policies for control over more granularly segmented endpoint, user and geographical access. ISE now integrates with the Cisco Mobility Services Engine, so IT can create and enforce location policies that define access to data down to a specific room; ISE also is extending its security coverage through its pxGrid partner ecosystem with nine new partners – including Check Point, Infoblox, and Invincea – bringing the total number of partners to 30;
-Threat Awareness Service, which provides organizations with threat visibility into their networks.
-the addition of the Network Visibility Module to AnyConnect VPN to provide traffic flow and contextual data regarding users, applications, devices, locations, and destinations; also, AMP (Advanced Malware Protection) Threat Grid now provides broader contextual information across the full AMP portfolio, extending protection for ASA with FirePOWER Services and AMP for Networks; and,
-OpenDNS Umbrella threat enforcement platform update prevents system compromise and data exfiltration over any port or protocol for both DNS and IP-initiated connections; additionally, the OpenDNS Investigate global threat intelligence product now features a new search functionality that can uncover shared attacker infrastructure, find newly registered domains that are used to impersonate brand websites and identify other patterns in phishing or targeted attacks.