Cisco Systems has a vision of network security that is finally coming to light.
The company’s new line of routers, announced in September, reveals an essential component, which provides a key underpinning for Cisco’s Self-Defending Networks strategy. In a Self-Defending Network scenario, as envisioned by Cisco, networks have the inherent capability to identify security threats, automatically react to the severity level of those threats, isolate infected servers and desktops, then reconfigure network resources to appropriately respond to – and defend against – the attack.
The routers recently announced include the 3800, 2800 and 1800 series, which provide imbedded security capabilities. This security function can be further enhanced through what are described as embedded security services as well as modular additions. These new routers, although they do not deliver the entire vision of Self-Defending Networks, do provide part of the fundamental fabric necessary to achieve Cisco’s vision of intelligent and automated security. It is the beginning.
All three series of routers feature “on-board” encryption and firewall function. Modular additions may include network analysis/diagnostic function, URL filtering, HTTP caching and intrusion detection.
Also announced was Version 2 of Cisco’s Security Device Manager software, which among other things provides an ability to perform a “one-touch” auto lockdown of devices – a handy little feature when rapid response to a network security event is required.
What’s been delivered here is integration of security function as an imbedded feature of networking gear – a value proposition being extolled these days by most network equipment makers. It’s how many enterprises today seek to purchase security and how most network equipment vendors think it should be built. What’s becoming increasingly apparent these days, as both the market for security products advances and as vulnerabilities and risks to which IT environments are exposed increases, is that security as an overlay to existing infrastructures is the wrong approach.
Most experts seem to agree that security must be built into the very core of every connected IT device and within each and every process and application.
One size definitely does not fit all when it comes to the function and features required in security solutions. To that end, Cisco’s modular approach, at least in theory, means that a customer may add as little or as much as required and that there exists with the new routers a future growth path for security enhancements and new features as these are developed. On the flipside, however, not everyone will be happy or convinced that the Cisco approach to integrated security is the way to go.
For those who’ve recently purchased the 3700, 2600 or 1700 series routers, for example, you might be kicking yourself for not having waited longer to buy. The new lines of routers will ultimately replace these aforementioned models and probably sooner rather than later. Cisco says there is a buyback program available for those looking to move up to the new gear.
Much of Cisco security is based in software, which is added in modular form to the company’s communications hardware. The competition has long criticized this approach as having fundamental security weaknesses, since software coding can be accessed and modified by those determined enough to be malicious. Some network equipment makers, looking to similarly position network security as a key value add to their products claim that security should instead be part of the very hardware fabric – burned into the ASICs and other hardware components, which cannot so easily be compromised.
Then there is the question of whether Cisco can compete in the space of small business, where price competitiveness weighs heavily in purchase decisions. While Cisco has set its sights on what it calls the consumer market – two segments of business, which include companies with less than 250 employee and those with between 250 and 500 employees – many would doubt whether the company could unseat the competition in this space.
Small business customers would probably say they’d like to purchase Cisco gear, but in the same breath many would also admit that it’s too expensive for them. Cisco may not have dispelled this perception with its new router releases. The 1841 model offered in the 1800 series, for example, is designated a small office product and priced at US$1,395 – significantly more expensive than desktop routers from the likes of 3Com, D-Link, NetGear, Allied Telesyn, and SMC, among others.
Still, from Cisco’s perspective, the company’s new line of routers brings substance to an important vision. The future of networking and computing in general is one where security is an intrinsic piece, and Cisco clearly sees the value in that.