Can Cisco Provide the Right Kind of Security?

By Chris Preimesberger  |  Posted 2009-05-04 Print this article Print

But is this the kind of expertise that enterprises will be able to depend upon during the crunch-time production workloads that can make or break a business?

"This is an integrated solution, so I guess if you crack part of it, you crack all of it," Kerravala said. "There are other ways around this; I'm sure you could encrypt the disks. Looking back, though, I am a little surprised that with all the third-party vendors they brought in, there wasn't a security vendor that was part of it. It would have been good to have had a third party legitimize the security of it."

Cisco is a good security company when it comes to securing transport, Kerravala said, but has he added that Cisco has never been proven to secure the data itself.

"All a [knowledgeable] hacker has to do to get into this UCS system is to hack into the [Cisco] switch, which controls the data flow and the data itself," Desai said. "For some [sophisticated] hackers, this is not that hard to do."

What asked about this, Brian Schwartz, Cisco director of product management for the UCS platform, pointed out the EMC-RSA relationship to eWEEK as a possible option for potential customers. Nonetheless, RSA is not a part of the original UCS initiative. But it is possible, certainly, that Cisco will bring in RSA as a security partner at a later date.

It also turns out that for other specific kinds of security that might be required in a UCS deployment, customers are expected to use their own existing server, storage and management security vendor-not one provided by Cisco itself.

"When we go out and talk to customers [about UCS], we tell them this: There are things in this system that we [provide that] add value, and there's a bunch of stuff that's essentially unchanged," Schwartz told eWEEK.

"There are a lot of standard best practices and solutions that we don't factor into solving customers' challenges. Built into the UCS Manager, however, we do have a sophisticated RBAC security system that handles both internal and external [network] authentication, that we've spent a lot of time on.

"This is very granular, to give people appropriate privileges, and also to support a full set of [standard] authentication devices. It supports LDAP (Active Directory authentication for server administrators) and others; on the network side, customers often use a Radius-type server or something similar. ... Most customers already have one of these systems in place, and what they want is for our system to fit into it gracefully," Schwartz said.

So, the bottom line is this: In the UCS scheme, Cisco will provide the built-in network protection through its UCS Manager.

However, if an enterprise wants to encrypt storage disks or desires high-end protection for its application, database, Web or any other type of servers, then the customer is on its own.

Chris Preimesberger Chris Preimesberger was named Editor-in-Chief of Features & Analysis at eWEEK in November 2011. Previously he served eWEEK as Senior Writer, covering a range of IT sectors that include data center systems, cloud computing, storage, virtualization, green IT, e-discovery and IT governance. His blog, Storage Station, is considered a go-to information source. Chris won a national Folio Award for magazine writing in November 2011 for a cover story on and CEO-founder Marc Benioff, and he has served as a judge for the SIIA Codie Awards since 2005. In previous IT journalism, Chris was a founding editor of both IT Manager's Journal and and was managing editor of Software Development magazine. His diverse resume also includes: sportswriter for the Los Angeles Daily News, covering NCAA and NBA basketball, television critic for the Palo Alto Times Tribune, and Sports Information Director at Stanford University. He has served as a correspondent for The Associated Press, covering Stanford and NCAA tournament basketball, since 1983. He has covered a number of major events, including the 1984 Democratic National Convention, a Presidential press conference at the White House in 1993, the Emmy Awards (three times), two Rose Bowls, the Fiesta Bowl, several NCAA men's and women's basketball tournaments, a Formula One Grand Prix auto race, a heavyweight boxing championship bout (Ali vs. Spinks, 1978), and the 1985 Super Bowl. A 1975 graduate of Pepperdine University in Malibu, Calif., Chris has won more than a dozen regional and national awards for his work. He and his wife, Rebecca, have four children and reside in Redwood City, Calif.Follow on Twitter: editingwhiz

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel