Cisco Systems’ $2.7 billion acquisition of cyber-security company Sourcefire on Oct. 7 could significantly boost its growing security business, a key part of the tech vendor’s efforts to expand its networking roots to become an enterprise IT solutions and services provider.
The deal, which was first announced in July, came several months after the company’s purchase of Cognitive Security in January. Deals like these are not new to Cisco, but company executives have been vocal about the significance of the Sourcefire buy.
The deal greatly expands Cisco’s capabilities in areas such as next-generation firewalls, next-generation intrusion-preventions systems and advanced malware protection, according to Bret Hartman, chief technology officer of Cisco’s Security Group. It also dovetails with Cisco’s efforts to expand its reach throughout the data center.
“The goal that [Cisco CEO] John Chambers has stated is for Cisco to be the number-one IT company,” Hartman said in an interview with eWEEK. “Security is a very crucial component, and enterprises expect that. … You can’t be considered a credible [IT vendor] without this security.”
Security concerns should only increase as more devices and systems becomes connected to the Internet and more workloads find their way into the cloud. Hartman said that what companies are looking for are flexible and simple security solutions that protect them from the edge to the data center, which Sourcefire will enable Cisco to do.
Cisco has been aggressive over the past year in building up its security capabilities. The company in 2012 hired Hartman, who at the time was CTO at RSA Security, the security business for storage giant EMC. In January came the Cognitive acquisition, which brought with it a real-time behavioral analytics solution that Cisco has been integrating with its cloud-based global threat intelligence technology. These changes may help enhance security in distributed networks and reduce cyber-threats, both crucial capabilities during a time of increasing cloud computing and mobility.
With Sourcefire, Cisco is gaining security technologies that complement what it already offers with little overlap, Hartman said. The first step will be to integrate Sourcefire into Cisco, and to begin moving the products closer together. Customers should immediately be able to access Sourcefire products through Cisco, but enterprises will see tighter integration between Sourcefire and Cisco solutions occur over the next few months, he said.
For example, Cisco will continue innovating both its ASA firewall technology and the FirePower platform from Sourcefire, looking for ways to incorporate both in future security solutions. The result will be a wider range of security capabilities for Cisco, according to Chris Young, senior vice president of Cisco’s Security Group.
“The single network perimeter has been replaced by a constantly morphing set of users, locations, access methods and devices creating the dual challenge of defending a dynamic perimeter and creating a near infinite number of points of vulnerability,” Young wrote in a post on Cisco’s blog. “To address these customer concerns, Cisco will provide a deep and broad portfolio of integrated solutions that deliver unmatched visibility and continuous advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly—before, during, and after an attack.”
Cisco Execs: Sourcefire Deal Bolsters Security Portolio
He wrote that Cisco will rely on a threat-centric security model with a heavier focus on threats rather than policy and controls.
“Given the fast-changing threat landscape, an organization’s approach to reducing the time from breach to recovery needs to be integrated, pervasive and continuous, as well as open,” Young wrote. “Through our threat-centric model, we will provide broad coverage across all potential attack vectors, rapidly adjust to and learn from new attack methods, and implement that intelligence back into the infrastructure after each attack.”
Additionally, Cisco’s Sourcefire acquisition shows the company’s continued commitment to open technology. Sourcefire founder and CTO Martin Roesch in 1998 developed Snort, an open-source intrusion-detection and prevention engine that Cisco officials said they plan to integrate within their own security solutions.
Competitors have consistently criticized Cisco for what they say are closed and proprietary solutions, However, Hartman and others point to Cisco’s support of such open protocols as OpenFlow for software-defined networks and its participation in groups like the OpenDaylight Project—a vendor-driven effort to create a standards-based SDN platform—as evidence of the company’s support of open technology. Roesch, who will become vice president and chief architect of Cisco’s Security Group, said he is confident that Cisco is the right home for both Sourcefire and Snort.
“I can assure you that Sourcefire’s standard for security innovation will thrive under Cisco with our shared commitment to provide market-leading, threat-focused capabilities,” he wrote in a post on the Sourcefire blog.
Cisco’s push to expand its reach in the data center and cloud is placing it in greater competition with a range of top-tier tech vendors. Where once the company’s primary concern was other networking vendors, such as Juniper Networks, Cisco is now competing with the likes of IBM, Hewlett-Packard, EMC and Dell as enterprise IT vendors.
“It’s no longer just about the classic set of network vendors,” Hartman said. “A lot of the bigger companies are building out” their enterprise solutions portfolio.
For Cisco, part of that effort is convincing people to look at it as a company providing a broad range of IT offerings beyond its networking portfolio. And people now are recognizing it for its security capabilities, Hartman said.
“It’s definitely changing,” he said, when asked about customers’ perceptions about Cisco and security technology. “We’ve made massive progress getting people to see Cisco as a … security vendor.”