We’ve invested considerable time, effort, and money in the effort to make Cisco products robust enough for deployment as Trustworthy Systems, either in their own right or integrated into a complete solution. At its essence, attaining trustworthiness is a matter of discipline—a series of conscious actions to build products in the right way, certify their conformity to prevailing industry and customer-required standards, and keep a careful watch on the integrity of the product supply chain, from initial product concept through their integration and operation over a solution lifecycle. But the most important attribute of a trustworthy system is vendor transparency. I define this as a customer’s ability to ask a vendor any question and to receive a complete, honest answer in return.
Mobility and application access capabilities have encouraged many of today’s work patterns. Some work behaviors were recently noted in a Cisco-commissioned research report on mobility and BYOD comparing IT and end user viewpoints. Striking about the findings is that day-to-day business activities were relatively balanced on wired and wireless connections—so while mobility is here and growing, usage is no more than wired. Core to the findings were end users’ view that mobile devices are 37% less effective than their corporate laptop for conducting business activities. From an IT perspective, managing devices and multiple policies in a wired and wireless environment was a key challenge. Mobile device usage behaviors surveyed suggested a personal and social flair. The predominant applications used on mobile devices are not specific business applications (22%) but collaborative applications (56%). The report also indicates that mobile devices are used for personal use more frequently than IT estimates. Read More »
This week, Juniper Networks announced a new cloud-based threat intelligence service focused on fingerprinting attackers’ individual devices. We’d like to officially welcome Juniper to the cloud-based security intelligence market—a space where Cisco has a proven track record of leadership through Security Intelligence Operations (SIO). Imitation is indeed the sincerest form of flattery, but in Juniper’s case, they entered the market years late and with limited visibility.
Let’s take a closer look at Juniper’s latest offering.
To start, here is what we know for certain: cyber threats take advantage of multiple attack vectors, striking quickly or lurking for days, months and even years inside your network. Not only this, but the Cisco 2013 Annual Security Report showcases how the web is an equal opportunity infector, with cyber threats crossing national, geographic and organizational boundaries as quickly and easily as users can click on a link. Security solutions must understand the attacks and infrastructure they are launched from, with tracking individual hackers doing far less for your defenses than blocking malicious activity being actively distributed over the network.
The Problem of Visibility
When a detective walks onto a crime scene, they don’t just focus on one thing. The only way to understand an event is to look at the entire scene: interview witnesses, check the neighborhood and look into the history of everyone involved; in other words, context—or the “who, what, where and how” information using every available piece of data.
Just as a skilled investigator builds a holistic picture, security solutions are only as reliable as the intelligence they receive, with Juniper’s being limited by the number of “honeypots” across their customer base. In network security, focusing on a single piece of information, a single attack vector, or one delivery mechanism misses the global visibility and context needed to stop advanced attacks. Cisco SIO powers our security solutions, receiving over 100 terabytes of network intelligence across 1.6 million deployed web, email, firewall and IPS devices. We correlate this data from physical, virtual and cloud-based solutions with a world-class threat research team, augmenting all of this with an ecosystem of third-party contributors. Fingerprinting is one small tool you should deploy in your arsenal, even though it has limited utility and perhaps even limited accuracy.
Tags: 2013 annual security report, attackers, attacks, cloud-based threat intelligence, cyber, cyber threats, malware, security intelligence, security intelligence operations, sio, targeted attacks, threat intelligence
The RSA Conference is expected to be bigger and better than ever this year—more booths, more vendors, more technical sessions and keynotes.
But I have to ask the question: “Are we as IT practitioners better off now than we were 4 or 5 years ago?” There are a lot of people at the show who worry that the old approaches aren’t working and next generation solutions have not clearly come into focus. I do think, however, there are reasons to be cautiously optimistic.
Join me for a live broadcast from the RSA show floor on Wednesday, February 27 at 10:30 AM PT as I discuss what I’m seeing at the RSA conference and what it means for the IT Security industry. We’ll be taking your questions live via Twitter and Google Hangouts. Read More »
In case you missed it, Network World’s Ellen Messmer published a rather surprising article on how Dell was going to “trump” Cisco in the information security market as a result of some recent acquisitions. Now certainly Dell is entitled to their beliefs. They’re in a difficult position right now, as Michael Dell and Silver Lake maneuver the company through a very complex set of buy-out related transactions. They need to give their customers assurance that they won’t be distracted through this process. And if you want to set a big impression with your customers, you might as well go after the market leader in security. Be it as it may, we can’t just sit back and let these blatant statements go unchecked. So, in the spirit of “fair and balanced” reporting, we thought we’d issue our own little fact check and let you conclude for yourself.
- “Cisco is a great competitor but they don’t have our holistic view” – Acquiring assets and bundling them together doesn’t constitute a “holistic” approach. Those assets must be closely integrated, which is the approach Cisco is delivering with its next generation security architecture. This architecture will be built on top of a multi-function security platform with deep network integration. There are many proof points today that demonstrate we are delivering against this strategy and architecture. Today our customers are deploying Cloud Web Security with their Cisco ISR G2 and ASA Next Generation Firewall through connectors built from Cloud Web Security. In addition we’ve brought market leading application, visibility and control to ASA, embedded deep in the firewall. But it doesn’t stop here.
- Now what about Dell’s comment that Cisco “doesn’t have an identity business“? Cisco’s Identity Services Engine provides the backbone of Cisco’s secure Unified Access solution. The real network security action is in delivering access privileges based on more than just user identity and group which is all Dell can do today with Quest. In the BYOD world customers also require action based on the type of device, posture of the device, and location. Cisco’s Identity Services Engine is the industry leading platform to deliver context based policy controls and then leveraging the network for distributed enforcement consistently across wired, wireless, and VPN access. This is a game-changer for the enterprise and our next generation end-to-end security architecture. Enterprises can now implement context-based policy from the access layer through the data center switching fabric without using brittle and costly network segmentation methods tied to VLANs and ACLs. This is real synergy, and it is delivering a holistic solution as opposed to a holistic press sound bite. But don’t just take our word for it; check out Gartner’s latest Magic Quadrant for NAC. Cisco’s ISE combines identity, device, and network with a market leading platform deployed in over 3000 customers.
- Just weeks ago we announced another key milestone with the introduction of ISE 1.2. With this latest release we also became the first vendor in the industry to offer automated profiling feeds making us better and faster at identifying new devices and operating systems. We’ve increased the speed and scalability of ISE to address the increasing demands brought on by the “Internet of Everything”. And we’ve added a new set of partner APIs enabling integration into key MDM partners – SAP, AirWatch, Citrix, Mobile Iron and Good. This expands the reach of ISE and enables customers to drive common context and identity management from the network all the way to the end point. Dell talk’s about their direction to advance the “concept” of embedded security to virtually any type of device. We’re not just talking about it, we’re doing it. Read More »
Tags: AirWatch, Cisco TrustSec, citrix, cloud, cloud security, dell, Ellen Messmer, Good technology, Internet of Everything, IoE, MDM, Mobile Iron, Network World, next generation firewall, next generaton firewall, nextgen firewall, NNW, SAP, TrustSec