Where do Cisco's network security plans go from here?

Despite its leadership position in most enterprise security product areas, Cisco faces a number of technological and competitive challenges to stay out in front.
For example, the overarching security plan Cisco outlined two years ago known as SecureX remains very much a work in progress. The basic idea behind SecureX is to give customers a broad view of what computer and mobile device users are doing on the network.
The SecureX architecture has been called over-complicated and perhaps too dependent on having a Cisco-based infrastructure, but the basic idea is that by collecting real-time information about the individual's network usage and applications, device make, location and other variables, appropriate security policies can be established for network authorization.
Originally spearheading SecureX was Tom Gillis, a former vice president and general manager for the Cisco technology group who departed in 2011 and is now CEO of startup Bracket Computing. But Cisco says the importance of the SecureX initiative remains the same.
Support for SecureX has come first in the Cisco ASA CX Context-Aware Security Next-Generation Firewall. Dave Frampton, vice president of security at Cisco, says it's now on to "the next phase of SecureX," which will be the "routing and switching infrastructure," though he offers no specific time frame for completion.
Frampton emphasizes that "SecureX conveys our entire approach to security." He says about 3,000 Cisco customers have adopted SecureX security components, which include the older Cisco Identity Services Engine and TrustSec tagging methodology. He says tens of thousands more are indicating a high level of interest in SecureX.
Beyond SecureX, Cisco faces other challenges from analysts and enterprise IT security managers alike.
Gartner -- the consultancy whose thumbs-up or thumbs-down opinions on information technology are often a strong influence on enterprise managers and vendors -- has been critical of Cisco, especially in terms of its firewalls. For example, Gartner says that so-called next-generation firewalls (NGFW) that are application-aware rather than simply port-based are the direction that firewalls should be going. So while lavishing praise on other Cisco competitors -- Palo Alto Networks for its NGFW and Check Point Software Technologies for its array of firewalls and their management for complex environments, putting these two vendors in the Gartner firewall "leaders" category -- Gartner's report calls Cisco merely a "challenger."
While giving Cisco kudos for having a good support network and reputation analysis capabilities for its firewall customers, Gartner indicates that Cisco at this time does not seem to be displacing Palo Alto or Check Point on "vision or feature" and Cisco "does not effectively compete in the NGFW field that is visible to Gartner."
According to Cisco spokesman David Oro, "Cisco customers would say differently." He notes that the Cisco ASA CX firewall only shipped last July, and it would only be fair to give it time in the market. He says Cisco consider Gartner's research in this case "outdated," perhaps because it takes considerable time to put together this kind of lengthy Gartner report.

By Ellen Messmer

0 yorum: