Cisco looks to grab broader security role

At next week's RSA Conference, Cisco plans to debut major security products to help bolster its already strong security portfolio.

Security is categorized as one of the vendor's six Advanced Technologies and already brings in approximately $2 billion per year in revenue, though routing and switching still account for more than 60% of Cisco's revenue.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

At next week's RSA Conference, Cisco plans to debut major security products to help bolster its already strong security portfolio.

Security is categorized as one of the vendor's six Advanced Technologies and already brings in approximately $2 billion per year in revenue, though routing and switching still account for more than 60% of Cisco's revenue.

More:
See how Argonne National Laboratory secures its network and is looking at federated security among DOE labs
Q&A: Cisco's Palmer discusses Cisco's latest security initiative

The company has 1,500 engineers working solely on security products - VPN, firewall, intrusion-prevention, intrusion-detection systems (IPS/IDS) and other technologies. Hundreds more engineers work across its various infrastructure product lines to integrate security features into network gear.

Cisco is slated to announce upgrades to several of its key security products at the event. An upgrade to its Adaptive Security Appliance (ASA) 5500, a VPN/firewall/IPS device, is due. Also on tap are upgrades to Cisco's Integrated Services Routers (ISR) and Monitoring Analysis and Response System (MARS) system, which orchestrates network infrastructure responses to virus/malware threats.

Cisco CEO John Chambers is one of the headliners at the show and is expected to push a theme of more tightly integrating security with infrastructure components.

"If you're going to provide security, Cisco's very uniquely positioned to do that," Chambers said in a recent interview.

A wide berth

Looking at the breadth of Cisco's security portfolio - and its market share in security products - Chambers' statement is hard to refute. The company leads in worldwide sales and shipments for most major security product categories, including VPN equipment and appliances, firewalls, and IPS and IDS, according to Infonetics Research. (But its total share in any of these markets is less than 40%; a vast difference from its core routing and switching markets, where it holds 70% to 80% market share).

Through a series of acquisitions over the last two years, Cisco has spent over a half-billion dollars enhancing its product portfolio to address security in almost every area of a network. It added traffic-anomaly detection with its Riverhead acquisition in 2004, as well as monitoring and client-scanning software from Protego and Perfigo. The vendor has since turned these acquired technologies into products, or components of its Network Admission Control (NAC) architecture, which uses scanning technology to block malicious users via routers and switches.

"Security is not done in any one place" or product line, says Richard Palmer, vice president and general manager of Cisco's VPN and security business unit. "We focus on security not just as a set of technologies or functions that are done in one box, but more as a system."

Research is never done

An example of Cisco's multiproduct integration of security is its MARS product, which can interpret signals and alerts from IPS gear and react by sending policies to routers and switches. NAC technology is another example, Palmer says. Cisco even reaches into desktops with its Security Agent (part of NAC), which works with third-party anti-virus software and alerts a NAC-enabled infrastructure of potential threats on a client machine.