Ciscos Challenge: Catching the CIOs Eye - Page 2

How is the wireless unit being integrated into the rest of Cisco? Is it the Rodney Dangerfield among Cisco business units—gets no respect?

If you remember, the switching business unit used to be the Rodney Dangerfield [of Cisco]. Wireless does get a lot of respect. We think wireless can be a $1 billion business in the next one to three years. We have to build best-of-breed wireless access systems, but its too important to do it just as stand-alone [appliances]. The security team works closely with wireless; voice integrates with it. We like to think of it as giving the business unit the autonomy it needs to be successful. The wireless team is in the throes of innovation, but with the ties to integration of wireless and wireline. We started with the Aironet acquisition, complemented that with Airespace for wireless controllers. Well solve this for commercial and large enterprises.

What is the status of the work that Cisco and Microsoft are conducting to ensure that Ciscos Network Access Control architecture works with Microsofts Network Access Protection architecture? And what concrete milestones can you point to as evidence of real progress in that effort?

The history of it is that we started the NAC concept as being network-centric. NAP is Windows-centric. We learned the customer wanted both. So we came up with a consistent implementation: We both use the same client, we use the 802.1X Linksec protocol, and Microsoft does NAP on the servers. We do NAC on the network. Weve been sharing NAC for six months and done internal testing with Microsoft. Now were waiting for Microsoft to introduce NAP in the mainstream with Vista. We will start another suite of activities [once Vista ships].

The next step is real-world deployments. We have more experience because we have it in the field. Weve deployed it in our own IT organization. We found out we have 1,000 [Apple Computer] Macs at Cisco. IT wanted NAC for Macs. We found a way to treat them as part of NAC, and we are working with Apple on a potential client. But for now we have a solution without one. NAC is like house cleaning. Youre never done. We started with Unix, Linux and Windows, and well expand it over time. We have 60 partners now for NAC, with half of them shipping products. Among those partners are Symantec, McAfee, Trend [Micro]. We have a healthy motive to make sure everything is more secure. Universities have the biggest NAC deployments. The biggest is over 50,000 nodes.

How much longer do you think selling stand-alone firewalls is a viable business?

Itll be a long time for those. First, its a healthy business for small and medium-sized businesses. Second, in the enterprise, its hard to define a perimeter. Firewalls have evolved to be the universal threat defense. Third, data center or application firewalls with flow-based inspections are a class in itself. Then there are specialized firewalls. The reality is its a $2 billion market that is segmenting.

How well has the market accepted the multifunction Adaptive Security Appliance 5500 series since its launch last May?

Its now being adopted well, but it had a slow start. At the launch we also introduced Pix 7.0. The ASA 5500 after two quarters did well. Pix 7.0 took off right away. New customers are looking at the ASA 5500 for unified threat defense not just one function.

Do you think that the departure of your mentor—Mario Mazzola—along with your colleagues Luca Cafiero and Prem Jain will hurt Cisco?

I personally miss Mario very much. I would like to believe that [for Cisco] its about cultivating depth in your leadership. Cisco is not the same without them, but it wont miss a beat. They will always have a special place in Cisco.


Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.