This week, Juniper Networks announced a new cloud-based threat intelligence service focused on fingerprinting attackers’ individual devices. We’d like to officially welcome Juniper to the cloud-based security intelligence market—a space where Cisco has a proven track record of leadership through Security Intelligence Operations (SIO). Imitation is indeed the sincerest form of flattery, but in Juniper’s case, they entered the market years late and with limited visibility.
Let’s take a closer look at Juniper’s latest offering.
To start, here is what we know for certain: cyber threats take advantage of multiple attack vectors, striking quickly or lurking for days, months and even years inside your network. In addition, the Cisco 2013 Annual Security Report showcases how the web is an equal opportunity infector, with cyber threats crossing national, geographic and organizational boundaries as quickly and easily as users can click on a link. Security solutions must understand the attacks and the infrastructure they are launched from; tracking individual hackers does far less for your defenses than blocking malicious activity that is actively being distributed over the network.
The Problem of Visibility
When a detective walks onto a crime scene, they don’t just focus on one thing. The only way to understand an event is to look at the entire scene: interview witnesses, check the neighborhood and look into the history of everyone involved; in other words, context—or the “who, what, where and how” information using every available piece of data.
Just as a skilled investigator builds a holistic picture, security solutions are only as reliable as the intelligence they receive, with Juniper’s being limited by the number of “honeypots” across their customer base. In network security, focusing on a single piece of information, a single attack vector, or one delivery mechanism misses the global visibility and context needed to stop advanced attacks. Cisco SIO powers our security solutions, receiving over 100 terabytes of network intelligence across 1.6 million deployed web, email, firewall and IPS devices. We correlate this data from physical, virtual and cloud-based solutions with a world-class threat research team, augmenting all of this with an ecosystem of third-party contributors. Fingerprinting is one small tool you should deploy in your arsenal, even though it has limited utility and perhaps even limited accuracy.
Tags: 2013 annual security report, attackers, attacks, cloud-based threat intelligence, cyber, cyber threats, malware, security intelligence, security intelligence operations, sio, targeted attacks, threat intelligence
The RSA Conference is expected to be bigger and better than ever this year—more booths, more vendors, more technical sessions and keynotes.
But I have to ask the question: “Are we as IT practitioners better off now than we were 4 or 5 years ago?” There are a lot of people at the show who worry that the old approaches aren’t working and next generation solutions have not clearly come into focus. I do think, however, there are reasons to be cautiously optimistic.
Join me for a live broadcast from the RSA show floor on Wednesday, February 27 at 10:30 AM PT as I discuss what I’m seeing at the RSA conference and what it means for the IT Security industry. We’ll be taking your questions live via Twitter and Google Hangouts.
Tags: Cisco Security, CSO, cyber security, John N. Stewart, RSA 2013
In case you missed it, Network World’s Ellen Messmer published a rather surprising article on how Dell was going to “trump” Cisco in the information security market as a result of some recent acquisitions. Now certainly Dell is entitled to their beliefs. They’re in a difficult position right now, as Michael Dell and Silver Lake maneuver the company through a very complex set of buy-out related transactions. They need to give their customers assurance that they won’t be distracted through this process. And if you want to make a big impression on your customers, you might as well go after the market leader in security. Be that as it may, we can’t just sit back and let these blatant statements go unchecked. So, in the spirit of “fair and balanced” reporting, we thought we’d issue our own little fact check and let you conclude for yourself.
- “Cisco is a great competitor but they don’t have our holistic view” – Acquiring assets and bundling them together doesn’t constitute a “holistic” approach. Those assets must be closely integrated, which is the approach Cisco is delivering with its next generation security architecture. This architecture will be built on top of a multi-function security platform with deep network integration. There are many proof points today that demonstrate we are delivering against this strategy and architecture. Today our customers are deploying Cloud Web Security with their Cisco ISR G2 and ASA Next Generation Firewall through connectors built from Cloud Web Security. In addition, we’ve brought market-leading application visibility and control to ASA, embedded deep in the firewall. But it doesn’t stop here.
- Now what about Dell’s comment that Cisco “doesn’t have an identity business”? Cisco’s Identity Services Engine provides the backbone of Cisco’s secure Unified Access solution. The real network security action is in delivering access privileges based on more than just user identity and group, which is all Dell can do today with Quest. In the BYOD world, customers also require action based on the type of device, posture of the device, and location. Cisco’s Identity Services Engine is the industry-leading platform for delivering context-based policy controls and then leveraging the network for distributed enforcement consistently across wired, wireless, and VPN access. This is a game-changer for the enterprise and our next generation end-to-end security architecture. Enterprises can now implement context-based policy from the access layer through the data center switching fabric without using brittle and costly network segmentation methods tied to VLANs and ACLs. This is real synergy, and it is delivering a holistic solution as opposed to a holistic press sound bite. But don’t just take our word for it; check out Gartner’s latest Magic Quadrant for NAC. Cisco’s ISE combines identity, device, and network with a market-leading platform deployed in over 3000 customers.
- Just weeks ago we announced another key milestone with the introduction of ISE 1.2. With this latest release we also became the first vendor in the industry to offer automated profiling feeds, making us better and faster at identifying new devices and operating systems. We’ve increased the speed and scalability of ISE to address the increasing demands brought on by the “Internet of Everything”. And we’ve added a new set of partner APIs enabling integration into key MDM partners – SAP, AirWatch, Citrix, Mobile Iron and Good. This expands the reach of ISE and enables customers to drive common context and identity management from the network all the way to the end point. Dell talks about their direction to advance the “concept” of embedded security to virtually any type of device. We’re not just talking about it, we’re doing it.
Tags: AirWatch, Cisco TrustSec, citrix, cloud, cloud security, dell, Ellen Messmer, Good technology, Internet of Everything, IoE, MDM, Mobile Iron, Network World, next generation firewall, next generaton firewall, nextgen firewall, NNW, SAP, TrustSec
As the demand for next-generation data center services increases, organizations have embraced virtualization and cloud-computing technologies that require security architectures to be more dynamic, automated, and services-oriented. Most network security technologies have not kept pace; they are static and fail to protect against modern threats. Additionally, siloed security technologies are a networking and data center team’s worst nightmare—they often require that the network be “dumbed” or retrofitted to accommodate security approaches.
This is why Cisco has embraced security as part of an end-to-end architecture. Cisco builds in security functions as part of the network fabric to help ensure an automated and resilient infrastructure. Our latest Secure DC bundle pairs the industry-leading router (Nexus 7000) and firewall (ASA 5585) to provide the backbone for a dynamic network with which to accelerate the adoption of newer and more capable applications and services. Various mix-and-match configuration options make this bundle ideal for data centers or any size industry.
Tags: asa 5585, Cisco Security, firewall security, multi-scale security, Nexus 7000, secure data center, small business network security
Employees, and many businesses, want to allow personal devices to be used at work, and potentially for work. However, balancing that with corporate policies for information security, clear rights-of-use, and liability, and then bounding it within an acceptable IT cost structure, is no small feat. Cisco joined forces with leading MDM vendors to link together a solution that starts at day zero – when an employee first buys a new device and tries to use it at work. It includes self-service onboarding to the network, offering a choice of using a device as a guest or work asset, and forced enrollment in (and compliance with) MDM when business policy must be enforced.
Citrix recently acquired Zenprise to add top-tier MDM to their mobile workspace and application management solution. The good news is Zenprise is an early MDM partner with Cisco, and Citrix inherits the integration work. The tight linkage of Cisco’s Unified Access Solution, and the Cisco Identity Services Engine, to what is now Citrix XenMobile MDM, is a powerful combination for customers to deploy since it brings quite a bit more to the table than standalone MDM.
Tags: citrix, Identity Services Engine, ISE, MDM, Mobile Device Management, mobile device security, mobile devices, unified access, Zenprise