Cisco LIve 2016

Cisco flexes its security muscle at Cisco Live

Cisco flexes its security muscle at Cisco Live
Credit: Thinkstock

Cisco’s new automated security products help users find more threats—and remediate them—faster

This week in Las Vegas, Cisco is hosting 28,000 of its best customers at Cisco Live, it’s annual, global user event. It’s hot in Vegas in July, which is fitting, as Cisco’s security business has been red hot of late. This is in stark contrast to the company’s position in security just a few years ago when many Cisco watchers questioned if it was serious about security.

Over the years, Cisco has mastered the art of using market transitions to capture share, and it appears it is well on its way to doing so in the security market. The market transition that’s changing security is digital transformation. Earlier this year, I wrote a post highlighting the new rules of security in the digital era.

Digital businesses need to move with speed and be agile, but they also must be secure. The problem is the traditional security model in most companies doesn’t allow this. Legacy security is based on putting up big firewalls at the perimeter and deploying point products to solve specific challenges. This is one reason why ZK Research data shows that the average large enterprise has 32 security vendors. There’s no way to be fast when 32 vendors are involved.

Cisco’s security strategy is based on the concepts of simplification and automation to find more threats and then shorten the time to detection and remediation. The company’s “network as a sensor/enforcer” strategy is based on using the network to look for anomalies that would then trigger an action. For example, if a user’s computer accessed the same applications every day and then all of a sudden was trying to connect with an accounting server, that might indicate a threat. At that moment, the machine should be quarantined for further investigation.

At the show, Cisco announced the following security products to bolster its position: 

  • Cisco Stealthwatch Learning Network License. This extends Stealthwatch out to the branch by turning Cisco’s Integrated Services Routers (ISR) into a sensor. The strength of the product comes from using machine learning to analyze packet capture data to improve visibility and incident response. The machine learning capabilities can significantly speed up the process of threat detection and mitigation over traditional manual processes. Industrywide, the average time to find a breach is about 100 days; Cisco is trying to get this number down into the minutes.
  • Cisco Defense Orchestrator. Managing large-scale, highly distributed security infrastructure is a significant challenge for most organizations because it’s difficult to keep policies consistent. Defense Orchestrator is a cloud-based portal that keeps track of and synchronizes security policies across Cisco security products. When a customer deploys a security appliance in a new location, Defense Orchestrator can push a set of policies that’s like those on similar devices. The product also monitors and reports on duplicate or erroneous policies.
  • Cisco Umbrella Roaming and Branch. Last year, Cisco acquired OpenDNS. Its service protects users from known malicious websites. DNS security can be thought of as the first line of defense because it blocks traffic before it gets to the user or the company. Cisco now offers this capability at a user level by embedding Umbrella Roaming into the AnyConnect VPN, so now users are protected even when they’re off the company network. Cisco also released Umbrella Branch, which performs content filtering and protects branch offices. The benefit of this model is that organizations no longer have to backhaul all this traffic to the central location.
  • Cisco Meraki MX Security Appliance. This product is a completely cloud-managed, unified threat protection (UTM) solution. It embeds Cisco Advanced Malware Protection (AMP) and Threat Grid into MX, giving SMEs a cost-effective, easy-to-deploy, threat management solution.  

Just a few years ago Cisco lost its position as a security thought leader, but it has roared back and is leveraging its position in the network to provide security for the digital era. Customers need to shed legacy thinking regarding security and start thinking more about data and analytics as a way to protect the business into the future. Cisco’s bevvy of security announcements shows just how far the company has come in a relatively short period of time. This may be the best it has ever been positioned in this market, and Cisco customers will benefit greatly.

Must read: Hidden Cause of Slow Internet and how to fix it
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies