Cisco Systems is adding security throughout the network, from the systems running in the data center through the campus networks and out to the cloud and endpoints in the users’ hands.
On the first day of the Cisco Live 2015 event in San Diego June 8, company officials outlined a strategy that they said will bring greater threat visibility into every part of the network, an important capability that comes as the promise of the Internet of everything (IoE) and what they call the Digital Economy also creates a broader attack surface for increasingly sophisticated cyber-criminals.
The new security capabilities will include more sensors for increased visibility, more control points and pervasive threat protection, Cisco officials said.
“The more things become connected, the more opportunities exist for malicious actors as well,” Scott Harrell, vice president of product management for Cisco’s Security Business Group, said in a post on the company blog. “We are now dealing with a new world where more and more devices are creating a broader and more diverse attack surface that can be exploited.”
Harrell wrote that being able to both respond faster to threats and achieve better outcomes “requires a tightly integrated security architecture that is as pervasive as the devices and services we are protecting. For this reason, we believe that the most effective way to confront these challenges is to evolve to an approach that extends security everywhere—both embedded into the intelligent network infrastructure and pervasive across the extended network—from the service provider to the enterprise network infrastructure, data center, IoT [Internet of things], cloud and endpoint.”
As Cisco executives over the past several years have pushed to grow the networking giant into an enterprise IT services and solutions provider, they have built up the company’s security portfolio through both in-house development and outside acquisitions of such vendors as Sourcefire, ThreatGrid, Cognitive Security and Neohapsis. They also have made security a key part of Cisco’s product planning, most recently in April when officials said they were integrating intrusion prevention technology from Sourcefire into the Application Centric Infrastructure (ACI) network virtualization solution.
The rapid industry changes and proliferation of mobile devices put the need in focus, according to Cisco officials. The company is predicting that by 2020, there will be 50 billion connected devices worldwide as part of a larger IoE market that they said will generate $19 trillion in value to businesses over the next decade and create a $1.7 trillion opportunity for service providers. At the same time, cyber-threats are growing in numbers and becoming more sophisticated, creating an opportunity for cyber-criminals of between $450 billion and $1 trillion.
In addition, since 2009, Cisco has seen a 66 percent annual growth rate of detected security incidents, Harrell wrote.
“By placing security at the heart of the infrastructure, security becomes a business enabler for businesses to confidently take full and secure advantage of opportunities presented by digitization,” he wrote.
Cisco Pushes Security to All Parts of the Network
With the new capabilities, Cisco networks can now automate and dynamically enforce security policies, according to officials.
For endpoints that use Cisco’s AnyConnect 4.1 VPN client, Cisco now is offering AnyConnect Feature Cisco AMP (Advanced Malware Protection) for Endpoints to continuously guard against advanced malware. In addition, at branch and campus offices, Cisco is bringing FirePower Services to its Integrated Services Routers (ISRs) that enables central management of next-generation intrusion prevention and AMP integrated in the network fabric.
Cisco officials also are embedding various security technologies into the network infrastructure to enable businesses to more quickly identify users and devices associated with anomalies, threats and misuse of the network and applications. They said the move will make the network more of both a sensor and an enforcer.
Cisco is bringing broader integration between its Identity Services Engine (ISE) and Lancope StealthWatch, enabling users to better identify threats. NetFlow on the Unified Computing System (UCS) hardware also will give businesses greater visibility into network traffic flow patterns and threat intelligence in the data center, officials said. The company also is offering its ISE through a hosted cloud service.
In addition, for service providers, Cisco is rolling out the Firepower 9300 Integrated Security Platform that can scale according to business demands and capabilities that enable the vendor’s new security solutions to integrate not only with its own architecture but also with third-party software-defined networking (SDN) and network-functions virtualization (NFV) solutions. Included in the orchestration and cloud capabilities are open APIs for integration with offerings from other vendors.
Other features such as secure containers will offer future security services and applications, officials said.