Cisco has rolled out a new product plus additional enhancements aimed at protecting data centers moving towards consolidated and virtual environments, as well as cloud enablement.
"Rather than bolting on security as an afterthought, we are layering all of our security throughout the network itself," said Jeff Aboud, product marketing manager at Cisco. "We get a lot of network information and pull that intelligence, based on millions of endpoints, in order to establish what is really going on. Security needs to be able to scale. You need to secure the environment without introducing chokepoints." Highlights include software updates to increase the scalability of the Cisco Adaptive Security Appliance (ASA) line of firewalls, a virtualized variant of the ASA to support multi-tenant environments, a new intrusion prevention system (IPS) product optimized for the data center, as well as various improvements to the Cisco AnyConnect Secure Mobility Client in order to better secure BYOD environments.
Another new offering, the IPS 4500 Series, is a new intrusion prevention system (IPS) designed for data center-grade performance. "This is a standalone IPS that is really built for the enterprise," said Aboud. It has 10 Gbps IPS throughput, and the top slot is empty so that in future releases we can double the performance of the device."
Meanwhile, Cisco Security Manager 4.3 provides centralized management for a wide range of Cisco security devices, featuring high visibility and information sharing in order to augment compliance and assessments. "We've added a lot of new capabilities that really streamline the operation and increase efficiency," said Aboud. It has everything from health and performance monitoring to physical network security deployment, all from a single screen. You can also set parameters for proactive alerts. It also does image upgrade capabilities that makes it a lot easier to load updates." Supported devices include the Cisco ASA 5500 and 5500-X Series Adaptive Security Appliances; Cisco IPS 4200, 4300 and 4500 Series Sensor Appliances; the Cisco AnyConnect Secure Mobility Client; and Cisco Secure Routers. Cisco AnyConnect 3.1 is positioned as a BYOD enabler, providing full IPv6 support as well as next-generation "Suite B" cryptography. Cisco has also included various professional and support services that can smooth customer transitions as well as added additional margin for channel partners. "Partners can follow the money and be able to provide the products and services that solve the problem that the customers deal with," said Susan Don, director of security business development. "This will help partners to call on customers of all sizes, and bring to the table a full opportunity. The partner can really be consultative and then back it up with their professional services. They can see a 30 percent uplift by incorporating security into the conversation." At least one Cisco partner is recognizing the opportunity associated with the raft of new security products being rolled out. "This has the performance that we need to take the discussion to the next level with our customers," said Michael Zozaya, practice manager for security, wireless, and network infrastructure at Nexus IS, a Valencia, Calif.-based partner. We love having all these firewall capabilities within the virtual stack. We think it is going to be a very good moneymaker for us." Zozaya also called upon Cisco to market and evangelize their security capabilities more effectively than they have done in the past. "They go to the mainstream trade shows in the security space, but they are a lot more focused on collaboration and everything else that they do. So they are not seen as a security player, regardless of market share, because they don't say very much about it. That really needs to change."