Digital transformation. It's a reality that few companies today can escape. For some, the process is well underway. For many others, it's an oncoming inevitability. Whichever side of the gap your organization is on, you're probably facing a "security effectiveness gap" as the process brings more users, devices and applications online, creating an ever-expanding attack surface.
Cisco today moved to close that gap with an architectural approach to services and cloud-based security solutions that it says will make security more effective and simpler for customers.
"The problem we're trying to address is helping our customers to close the security gap," says Ben Monroe, senior product marketing manager, Security Business, Cisco. "There's a disparity between what our customers are trying to do, the tools they're being provided with to do it and the challenges the external threat landscape is pushing onto them."
More security products make you vulnerable
Companies today are deploying up to 70 disparate security products to address a variety of needs, Monroe says. But that practice is difficult to manage and can ultimately make businesses more vulnerable, not less. In many cases, he notes, adding a new feature to your layered defense can dramatically increase the complexity of managing that defense.
"It's very hard to tell customers that a layered approach is important when each of those layers is operating independently — different operating consoles, interfaces, not sharing data," he says. "When a customer adds a new product, they are gaining sometimes not very much more in terms of security capability, a small percentage point more effectiveness, whereas the complexity they're adding is exponential."
By combining its network visibility and breadth of integrated products, Cisco aims to make it simple for distributed and mobile businesses to deploy effective security where needed — whether at the branch office, headquarters or with the end user wherever they go. Cisco's approach is to embed security into the points of connection that users traverse so that the network, access points or endpoints are safe before a user even logs on.
Cisco announced the following solutions and services today:
- Cisco Umbrella Roaming. This centralized, cloud-delivered protection is designed for removing off-network blind spots, guarding roaming employees wherever they work. It's embedded as a module with AnyConnect (Cisco's VPN solution), giving organizations the capability to add a new layer of off-network protection that blocks connections to malicious sites without needing to deploy another agent.
- Cisco Umbrella Branch. This cloud-delivered solution provides increased control over guest Wi-Fi use with content filtering. Businesses can upgrade Integrated Services Routers (ISR) to provide comprehensive security at branch locations.
- Cisco Defense Orchestrator. This cloud-based management application provides the capability to manage a large security infrastructure and policies in distributed locations across thousands of devices through a cloud-based console. Monroe says it allows users to manage security policies across Cisco security products ranging from ASA and ASAv firewalls to Firepower next-generation firewalls and ASA with FirePOWER Services featuring Firepower Threat Defense and OpenDNS.
- Cisco Meraki MX Security Appliances with Advanced Malware Protection (AMP) and Threat Grid. This cloud-managed unified threat management (UMT) solution is designed for advanced threat protection for the distributed enterprise. It provides branch offices with malware protection that checks files against its cloud database to identify malicious content, blocking the files before users download them.
- Stealthwatch Learning Networks License. This component allows the Cisco ISR to act as a security sensor and enforcer for branch threat protection. Businesses can use it to detect and track anomalies in network traffic, analyze suspicious network activity and identify malicious traffic.
Sign up for CIO Asia eNewsletters.