Network World - Networking Nuggets and Security Snippets
Cisco held its annual customer event, CiscoLive, in San Diego this week, while hosting industry analysts like me at C-Scape. As part of the agenda, the Cisco security team provided details on its present position and future strategy. Here are a few of my take-aways:
Network changes drive security. Cisco believes that network infrastructure is rapidly changing, driven by SD-WAN, direct internet access (DIA), and user mobility. These changes will drive emerging technologies such as Wi-Fi 6 and 5G, and Cisco says organizations will look to bolster network security as they transition their network infrastructure. Thus, Cisco is baking security into networking products like Meraki and Viptella and introducing a cloud-based secure internet gateway (SIG) to safeguard users regardless of their location. These changes should help Cisco sell networking and security products while bridging the collaboration gap between cybersecurity and network operations teams.
Cisco’s security portfolio is much broader than people think. Common wisdom is that Cisco makes all its security money selling firewalls and IDS/IPS. Yes, it is a market leader in those areas, but the company’s portfolio is far broader than perimeter network security. For example, Cisco is gaining share with AMP for endpoints, Tetration for micro-segmentation, and Duo for multi-factor authentication (MFA). Like other large security vendors, Cisco is focused on product integration and interoperability. To accomplish this goal, Cisco provides a unified front-end with Cisco threat response (CTR) that amalgamates products for threat hunting and security investigations. Cisco products are also back-ended by Talos, providing threat intelligence feeds that complement individual product alerts. The company offers different types of enterprise licensing models, so its customers can easily consume all its wares.
Zero-trust is a major part of Cisco’s strategy. Everyone’s talking about zero-trust these days, but trusted network connections are really nothing new. Furthermore, zero-trust is where networking meets security – an intersection that gives Cisco a homecourt advantage. Cisco is responding to market demand for zero-trust in three areas: the workforce (secure user/device connections to applications), workload (secure connections between applications across hybrid infrastructure), and workplace (secure all network connections). Cisco covers these three use cases with Duo, Tetration, and its SD-Access products today and plans to provide an integrated end-to-end solution over time.
Cisco gets cloud-delivered security. Yes, Cisco still sells a lot of network security devices, but its security offerings are increasingly cloudy. The best example of this is Umbrella, Cisco’s DNS security offering that helps companies block connections to rogue domains. Cisco has expanded Umbrella to include SIG, a cloud-based proxy that can protect corporate, branch office, and roaming users. On another note, Cisco takes advantage of the cloud to offer a consolidated management plane called Cisco Defense Orchestrator (CDO). CDO can be used for common configuration and policy management across Cisco ASA firewalls and will soon include support for Firepower and Meraki products. Over time, CDO will cover more and more of Cisco’s portfolio, helping customers streamline and accelerate security operations across all their Cisco security products and SaaS.
Cisco is serious about customer experience (CX). Rather than just selling products, Cisco wants to work hand in hand with customers throughout the product lifecycle and help them consume Cisco technology to its fullest. This means a lot more bundling of security products with staff augmentation and managed services. Of course, CX is a big cultural change for the company, and the initiative is still in its early stages. Nevertheless, CX should be especially welcome by CISOs haunted each day by the global cybersecurity skills shortage.
Still some work to do
Cisco is quietly executing on its cybersecurity strategy and is poised to be a $5 billion-plus player by 2022. To achieve that level of success, however, Cisco should do the following:To read this article in full, please click here