Cisco’s Security Architecture

I’m at the paranoid geek-fest otherwise known as the RSA Conference. The event kicked off on Monday with a Cisco press conference announcing a new security architecture known as SecureX. SecureX isn’t anything brand new, rather it is the consolidation of a number of Cisco products (ASA, TrustSec, IronPort), management tools, and cloud services. What’s new here is the architecture. By combining independent products, Cisco can now understand who wants access to the network, what type of device he or she is using, where they are located, and what services they want to access. Armed with this information, Cisco can enforce calls “contextual security” policies at the network ingress point. While Cisco’s vision isn’t new, it’s position in security and networking give it a unique opportunity. Large organizations are sick of buying an army of security tools that don’t communicate. Cisco understands this and is offering an alternative — an integrated solution. An architecture where the whole is greater than the sum of its parts. What’s more, the Cisco architecture will get better over time as the number of integrated products increases and Cisco opens its APIs to 3rd parties.I’d like to see Cisco take its architecture further and focus on software rather than hardware. For example, Cisco could create its own message bus, data standards, and transaction processing to integrate 3rd party devices into its architecture as well. This could open up software (i.e. high margin) and services (i.e. custom integration), and even business logic development opportunities. Perhaps Cisco will go in this direction but Cisco’s announcement will certainly impact the security market. From now on, other security vendors will have to talk about integration, standards, and architecture rather than just point tools and the threat Du Jour.