Your power perspectives

Ask network executives which vendor wields the most power in their network today and they'll say Cisco, but ask them which holds the second-highest place, and many will name a niche security vendor.

With an estimated 70% enterprise market share, it's no surprise that most users say they rely on Cisco for the bulk of their network infrastructure. "There's safety in that market share," says Bill Ashton, director of IT for the town of Herndon, Va., which uses Cisco for its VoIP network. "No IT exec I've ever heard of has been fired for deciding to go with Cisco."

The network giant is so well entrenched that few organizations look elsewhere for network gear. "We're a Cisco shop, and that's who we are, and it's who we stay with," says Kent Hargrave, CIO at Overlake Hospital Medical Center in Bellevue, Wash., which uses Cisco for its wireless and wired network infrastructures. "I'm not going to look at anyone else."

But many users are beginning to see the problems of going solely with all-powerful Cisco. "When companies get very big, they tend to be a bit complacent," says Greg Chottiner, CIO of University of Maryland University College (UMUC), a public distance-learning university in Adelphi, Md. (see "Chasing the big one"). UMUC's core network is Cisco, but its VPNs, firewalls and Web-acceleration technology hail from Juniper Networks. "It's tough turning that large ship to respond to customers. Many times, Juniper responds faster, and its products are cheaper, because it doesn't have Cisco's overhead," Chottiner says.

Security rivals

Almost all agree that the area where Cisco doesn't navigate quickly or well enough is security. "Cisco is vulnerable on the security side, though it doesn't want to hear that," says Joe Granneman, manager of networking and data security at Rockford Health System in Rockford, Ill. "A lot of companies are beating it and gaining power."

Granneman's network, though based on Cisco switches, relies on Juniper's NetScreen firewalls and Top Layer Networks' intrusion-prevention systems (IPS). "On the security side, I really like Top Layer. Its devices aren't terribly expensive, and they just tend to run," he says. "I think those niche players are the ones who will succeed, because that is something that Cisco is trying to do but doesn't do well."

Even staunch Cisco supporter Overlake Medical Center agrees security isn't Cisco's strong suit. "We use Aventail for our SSL VPN," says Jeff Bernstein, network engineer at the hospital group. "It's one clear area where we said Cisco just isn't really strong. We did an evaluation and found that both Juniper [with its Neoteris technology] and Aventail had better products, and we decided on Aventail."

Herndon's Ashton says straying from Cisco in security, especially in the light of recent vulnerabilities within Cisco's IOS and its IPS-configured routers makes sense. "When you have diverse and rising threats that you have to continually try and stay one step ahead of, the best practices in security dictate that you go with best of breed, in IPS [and intrustion-detection systems], firewall, remote access, host protection and so on," he says. "Smaller companies in these niches have an appeal. Cisco is trying to sell homogenous security products that just don't work as well."