• United States



Contributing Writer

Cisco’s Security Architecture

Feb 16, 20112 mins
Cisco SystemsData and Information SecuritySecurity

SecureX: The Right Direction

I’m at the paranoid geek-fest otherwise known as the RSA Conference. The event kicked off on Monday with a Cisco press conference announcing a new security architecture known as SecureX. SecureX isn’t anything brand new, rather it is the consolidation of a number of Cisco products (ASA, TrustSec, IronPort), management tools, and cloud services. What’s new here is the architecture. By combining independent products, Cisco can now understand who wants access to the network, what type of device he or she is using, where they are located, and what services they want to access. Armed with this information, Cisco can enforce calls “contextual security” policies at the network ingress point. While Cisco’s vision isn’t new, it’s position in security and networking give it a unique opportunity. Large organizations are sick of buying an army of security tools that don’t communicate. Cisco understands this and is offering an alternative — an integrated solution. An architecture where the whole is greater than the sum of its parts. What’s more, the Cisco architecture will get better over time as the number of integrated products increases and Cisco opens its APIs to 3rd parties.I’d like to see Cisco take its architecture further and focus on software rather than hardware. For example, Cisco could create its own message bus, data standards, and transaction processing to integrate 3rd party devices into its architecture as well. This could open up software (i.e. high margin) and services (i.e. custom integration), and even business logic development opportunities. Perhaps Cisco will go in this direction but Cisco’s announcement will certainly impact the security market. From now on, other security vendors will have to talk about integration, standards, and architecture rather than just point tools and the threat Du Jour.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author