Cisco today said it would add a security arm to its existing services division with an eye toward pushing its support of its security products as well as offering a range of managed security services.
Bryan Palma, the senior vice president and general manager of the newly-created Services Security Practice, said Cisco plans to offer new types of managed security services based on Cisco security products, though he did not provide detail on what that might be specifically and how it would be done.
Cisco’s security products today range from firewall/VPNs, intrusion-prevention systems, to Web and messaging security gateways. Cisco also recently acquired IPS and threat detection vendor Sourcefire. Palma suggested that Cisco may also plan to broaden its partnerships in new ways with other security product and service providers.
[CISCO: 15 more useful Cisco sites
MORE ON CISCO: 10 Cisco partners you should get to know]
Before joining Cisco, Palma was vice president of Cyber and Security Solutions at Boeing, which sold products and services related to network surveillance, data analytics, and cyber simulation to the federal sector as well as private-sector customers globally. Prior to that, Palma worked at PepsiCo as chief information security officer and at HP as vice president of service delivery operations. He also served as a special agent with the U.S. Secret Service on cybercrime.
“I think the best opportunity for them to focus on services is on the network security side,” says John Grady, research manager, security products at IDC. With Cisco bringing the Sourcefire portfolio into its fold, “the implementation and consulting around IPS and advanced threat detection will be important. Also, managed offerings leveraging the existing ASA portfolio and Sourcefire products across the broad would see traction.”
Grady adds, “But it will be tough.” Cisco may want to convert existing customers into managed security service customers, he notes. That may certainly be possible, but there is already competition among managed security service providers (MSSP) that may support Cisco equipment. In addition, Grady points out, product competitors such as Fortinet and Dell with its SonicWall gear have strong relationships in the MSSP space.
Nonetheless, in terms of sheer products, Cisco remains the market leader in network security, though its lead has been under pressure for the last few years, Grady says. “This is true in the combined firewall/UTM space, where they have nearly 21% of the market but have lost share to competitors like Check Point, Fortinet and Palo Alto. Also in the IPS space, where they have a 14.4% share but have lost to McAfee and Sourcefire over the past couple of years.”
Palma’s group will work closely with the Cisco security group headed up by its senior vice president, Chris Young. Palma will be reporting directly to Edzard Overbeek, senior vice president of Cisco services.
In comments on Cisco’s security blog, Young said, “Over the past 20 years, the industry has been largely product focused, with customers deploying point products across the network in an effort to ‘cover’ all security gaps. Over time and with the arrival of mobile, social and cloud, customers now recognize that having all the security products in the world is not going to close all the gaps.” He said customers now want more in the way of an integrated combination of “services, products and people,” and that’s what Cisco will aim to do.
Services may be part of Cisco’s strategy for growth. In his Cisco security blog today, Young said “our goal at Cisco is to be the number one security partner for our customers” and stated “Cisco’s integrated security strategy is to defend, discover and remediate the most critical threats. With world-class products, research teams, global intelligence, advanced threat protection — and now services — our customers will benefit from continuous security in more places across the infrastructure.”
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: email@example.com