Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cisco security chief: How to beat back security system complexity

Tim Greene | March 9, 2016
Cisco’s David Goeckeler Software on how upgrades can reduce the proliferation of security point products.

Cisco has aggressively bought up security vendors and worked on integrating their software protections into existing Cisco gear, making for a simpler, more secure and flexible network, says Cisco’s security chief.

“The customers we talk to have an average of somewhere around 50 to 60 different vendors in their network to deliver their security posture,” says David Goeckeler, senior vice president and general manager of Cisco’s security business. “What’s happening in the industry is the complexity of managing all those different products is overwhelming the effectiveness of them.”

To beat back that complexity, Cisco is making new security features available as software that can be deployed on existing devices such as Cisco ASA firewalls. Via its acquisition of OpenDNS, it’s also offering cloud services that add security protections without requiring upgrades or new gear.

Goeckeler recently spoke with Network World Senior Editor Tim Greene about these and other developments in Cisco’s evolving security architecture. This is an edited transcript of that interview.

What is Cisco’s broad approach to security?

Our customers have a patchwork of point products. It’s very difficult for them to tie those together so we’re constantly thinking about how do we decrease complexity and build security platforms that are open and extensible, drive enhanced visibility, automation, these kinds of issues, to basically give our customers more capability and at the same time reduce the complexity.

When you say reduce the complexity because customers have a patchwork of products, do you mean a patchwork of Cisco products or a patchwork of other vendors’ products?

A patchwork of security products. The customers we talk to have an average of somewhere around 50 to 60 different vendors in their network to deliver their security posture. I talk to many customers that have over 100. What’s happening in the industry is the complexity of managing all those different products is overwhelming the effectiveness of them.

We want to deliver new innovation into the security market. But we need to figure out a new way to do it that we’re not – every time we add a new product - we’re not adding a new box to the network, a separate management point. [W]e’re addressing this with a security architecture where the products work together to deliver a more effective and simpler solution to our customers.

We’ve spent approximately $4 billion in M&A in that timeframe to bolster the portfolio, pivot up the threat, fill in gaps, extend the portfolio, basically accelerate the building of that architecture and then we partner. No security vendor is going to have every single function. It’s a big market. We want to build an architecture that’s open and extensible and we partner and drive innovation around that architecture.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.