Is Big C missing the point on security?

Big company are really suited for security? This is what comes to my mind when we see what Cisco, HP and Co. do when we talk about security.

Are they really able to focus on the innovation and development that security require? I  can talk about what I know so i will express my mixed feeling about Cisco and Security.

For long times Cisco has not been perceived as a big player in the security space, beside the fact PIXASA is the most sold firewall in the world.

But honestly we should not only consider the magnitude of the numbers but also why and how companies buy a product. Alas seems to me that ASA success blind Cisco eyes to the reason where sold so many pieces… ASA wasis seen as a commodity. when you buy some million hardware equipment you can also add some ASA, they cams with the flaw.

So Cisco has never really realized what security selling is, but sold a lot so why do not expand the business. As ususal when you want to expand the business the first thing you do is to acquire someone, like Ironport for example, and Scansafe. but then?

To be honest this is not only a Cisco Issue : acquisitions seems to be the mainstream activity of those years in security, everyone think that becoming bigger will means to be stronger… not sure it is always the truth….

But to be successful in security require a log term plan, investment and specialized people in sales and technical aspects. And security is not just a product is a stream of solution that have to address something.

So let’s take a look at Cisco offering to understand if we can find any trace of this vision.

Cisco presented it’s Borderless Network Vision replacing the “old” self defending network message in order to push the acceleration in new network and security equipement sales.

The core fo the message was, lan has no more borders, so you have to change your way to think. I think the message is right and appropiated and Cisco made several progress in terms of product and technology to accomplish the new vision.

But what has never been clear to me is which kind of security is intended in Cisco for a borderless world? just to make some few example:

Application security

Well here is where i am most confused, apparently with the EOLEOS of the ACE XML gateway Cisco has, reasonably, decided to leave this field to someone else.

Application security, when intended how to protect a customer that is delivering services is a really nasty job. too many things to work on. it was a niche area and require too much investment.

What is not so clear to me, on the other end, is why Cisco abandoned also the Ddos and dos prevention field. They apparently have had the technology that could be used (I mean CIO, Reputation and so on…) but they simply does not explored that side. This is quite funny since Ddos and dos attach have been the mainstream attacks those last years (anonymous remind you anything?).

On the other end we have to admit that there are hard to beat product out there, and if I should look for a anti dos solution i would probably go to Radware.

Pity with the IPS the path seemed correctly planned, with the introduction of the global correlation….but IPS is nor enought nor an application security device.

End User Security

Here Cisco made some big investment, Ironport, Scansafe just to name the most renewed. but acquire a company is enought? after 7 years we’re still waiting for a complete integration of the product into cisco environment, implementation of “simple” features are still waiting. the general overview is that the company does not know where to go and how to go there. The historical difficulty of Cisco to adopt consistent management interfaces is quite clear when we see what happened to Ironport technology and the rest of the products. Still WSA is not able to talk with scansafe (bluecoat can, sigh) and even ASA has not been provided of a decent Scansafe connector yet.

So beside the products are intrinsically good (and the Gartner review show it quite evidently) what seems to be lacking is a project and a future. will they survive? or will they disappear?

On the End user security side we have seen also some weird moves that pissed off the market, think of the recent Linksys Router affair and the “cloud” management interface.

But I can understand that a big network equipement vendor has problem to understand the end user side of the equation, think also outside the security space with the CIUS and Flip….

Another indication that Cisco still not have a clear vision of the end user security space is the lack of basic feature like the Microsoft (c) AD multirealm support. No chaps Radius is not the solution, nor even Tacacs+

We have also some weird duplication like the ASA module to make application visibility and control (CX module) vs the Application visibility and control on WSA and Scansafe.

I’m not interested right now to go on detail but…guys where you want to go? where is the plan here?

Access Security

Here we have seen the most interesting moves, the new ISE product, the ASA improvements, the new Anyconenct are great products and good moves in this space.

Ok some of those, like ISE, are still new and need to growth, but seems the right direction to follow. and I have to admit that if correctly developed Trustsec will be a Winner technology. Just hoping that Cisco PM will understand that the point is to make things easier….

Data Center Security

er VSG, Virtual ASA? is anyone outside a few people in Cisco that are able to understand and explain what are those things? (I mean, of course we need both? what are the differences…..). And the rest?

Cloud Security

can cloud services as scansafe and cloud ironport email service be considered cloud security? or will be the new generation of virtual appliances that will cover this area? please can someone en-light me?

Just at a first overview, and not going product by product, seems quite clear that there still not a vision of what would be the approach in security by Big C, and considering the recent budget cuts I hardly see a bright future for the security in Cisco. We will continue to see great products with useless one, weird choices and a overall confusion cloud (so something in the cloud space is present).

Beside the marketing message seems that most of the promises are still waiting to be taken in consideration by Cisco, and in this field (security) where things change so quickly not to decide and not to act means to loose.

Is still security an Opportunity for Cisco? I do not think so, Big C, with a few product exception, can be a good follower, and when the market and the economy will allow they will buy something to claim to be the state of the art technology but without a consistent project we will see only randomly good product that, by the way, is not a bad thing per se.

But for Cisco will be hard to accomplish the BN vision and the other claim, one vendor is better, because at the moment it seems that, at least in the security space,  there is not a real difference to buy only Cisco product or from other vendors in terms of manageability, integration and development.

we’ll se what will happen soon.

A

 

Related articles

• Cisco releases Updates for ASA, ACE, VPN (laws.qualys.com)
• BYOD, Mobility, and Remote Access VPN – How Can I Troubleshoot All These Technologies and Solutions? (blogs.cisco.com)
• Cisco patches vulnerabilities in VPN client, security appliances (networkworld.com)
• Cisco @ VMworld 2012 (blogs.cisco.com)
• Hackers can break into your Cisco TelePresence sessions (zdnet.com)
• Cisco Router Software Connects Enterprises to the Cloud (pcworld.com)
• Gartner: Don’t trust cloud provider to protect your corporate assets (networkworld.com)
• Cisco snaps up stealthy security startup Virtuata (venturebeat.com)
• UPDATE: Answering Our Customers’ Questions about Cisco Connect Cloud (blogs.cisco.com)
• Cisco Patches Vulnerabilities in VPN Client, Security Appliances (pcworld.com)
• Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability (seclists.org)
• Cisco warns of major vulnerabilities in TelePresence kit (go.theregister.com)
• As Hooper Leaves Cisco, Warrior Adds Strategy-Chief Role (snspost.com)
• Cisco closes holes in its VPN client and security appliances (h-online.com)
• Cisco’s Real Problem Is Way Bigger Than Europe (CSCO) (businessinsider.com)
• The Cisco security directive (networkworld.com)
• CBT Nuggets Cisco CCDP ARCH Design 642-873 (hazimsos.wordpress.com)
• Cisco’s loss is Palo Alto Networks’ gain (mercurynews.com)
• More From VCE At Cisco Live 2012 (chucksblog.emc.com)
• Cisco acquires Virtuata (zdnet.com)
• ScienceLogic at Cisco Live!: Padmasree Warrior Prepares for IT Management Mega-Trends (sciencelogic.com)
• Cisco buys Virtuata to beef up VM security (gigaom.com)
• Cisco ONE as the Bridge Between Apps and Infrastructure (blogs.cisco.com)
• Is There a Standard Definition for BYOD? (blogs.cisco.com)
• Freeing your router from Cisco’s anti-porn, pro-copyright cloud service (arstechnica.com)
• Cisco dumps Ogilvy… Hires Goodby! (adscam.typepad.com)

Related Posts via Taxonomies

• Digging it up on Security Costs and Security Budgets – part1
• Diary of an acquisition part1
• My Latest Article on Hakin9 is on Ddos
• Look what I found
• Foretelling: Will Crystal Balls Run On Android?
• Wanted Dead or Alive: The Human Factor
• Security Costs and Security Budgets
• Spear Phishing: can it fool me?
• SECURITY: Web Browsing infection and protection basics
• IoT, Internet of Things or Internet of Terror?

To the official site of Related Posts via Taxonomies.

Is Big C missing the point on security? by The Puchi Herald Magazine is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.