Cisco weaves security with networking

The pasha of networking, with huge market shares in switches and routers, Cisco now wants to go a step further and tap the security market by embedding security modules in its networking gear. SRIKANTH R P & Stanley Glancy analyse the impact Cisco could make in this highly fragmented market

‘When opportunity does not knock, build a door,’ goes a not-so-famous adage. In sluggish times, this adage sounds apt, as a host of innovative companies are looking at opportunities beyond their traditional domains. Take networking giant Cisco’s strategy to tap the booming security market, which is growing at an exponential rate and more so since the infamous 9/11 episode. What’s interesting is that to gain headway in this lucrative market Cisco does not have to exactly build a door, since it already has a foot in the door, courtesy its networking gear.

Cisco’s switches and routers power most networks in the world, and in India too the company has a dominant market share in this space. But if one looks at security, Cisco’s brand recall is not as high as in the case of networking. But recent moves by the company could position Cisco in a dominant position in the security segment too. While the company has been selling security solutions like VPNs and firewalls for a long time now, the move to start offering security-based modules integrated with the hardware it sells to customers could create a huge impact in the market.

Cisco has started integrating network security modules into its Catalyst 6500 series of multilayer switches.

What this means is that existing users of the Catalyst 6500 range can simply buy and plug in features like firewalls, VPNs, intrusion detection systems and secure socket layers without the hassles of integration. If Cisco succeeds in this approach, security could become a standard feature on all switches and routers, similar to the way more and more notebooks today ship wireless-ready.

Cisco’s bullishness and optimism on security can be seen from the fact that Cisco is chasing a record $1 billion target from security alone this year, on a global basis. Says Naresh Wadhwa, vice president-West for Cisco Systems, “In line with global phenomena, in India too awareness about investing in security is increasing in a big way. Organisations are also realising that it is important to have a complete blueprint in place before investing in standalone products from various vendors. As we have a presence in almost all the major security products such as VPNs, firewalls and Intrusion Detection Systems (IDS) we are adequately positioned to offer the customer an end-to-end solution. But the key difference with respect to the competition would come from the fact that we are the clear leaders in the enterprise networking space. As our security products like VPNs, firewalls and IDS have been integrated in the hardware itself there are no hassles of integration for the end-customer.”

He goes on to add, “There is also a significant investment protection for the customer as the cost of ownership is far less than when it comes to investing in fresh infrastructure.” Wadhwa claims that Cisco in India is witnessing growth rates of over 100 percent in the security space.

Naresh Wadhwa says the key difference between Cisco and other security vendors comes from the fact that Cisco is a clear leader in the enterprise networking space	By integrating firewalls, VPNs, SSL and intrusion detection into switches in a modular way, Cisco has provided flexibility to customers in deploying security technology, says Rajat Mohanty	Dilip Kumar says the strategy of integrating security technologies with routing capabilities benefits customers, thanks to ease of deployment and single-point accountability

Cisco’s strategy is a significant departure from the vendor-based approach where a customer bought different products from different vendors and then integrated them into the network. While Cisco has separately sold security products like VPNs and firewalls for years, the new integrated approach could fundamentally change the way the security space is looked at today, with a plethora of specialist players fighting for market share.

Says Rajat Mohanty, CEO, Paladion Networks, “Cisco’s initiative is a logical step towards integrating security with networking products. By integrating firewalls, VPNs, SSL and intrusion detection into switches in a modular way, Cisco has provided flexibility to customers in deploying security technology. It can also cater to high speed networks better, which will be another added benefit.”

Approach
The seriousness of the company’s approach when it comes to conquering the security market can also be seen in the spate of acquisitions Cisco has made in the last six months. The company recently acquired Psionic Software to strengthen its intrusion detection system portfolio. Psionic Software is a company specialising in network security software that increases the efficiency of intrusion detection systems (IDS) by dramatically reducing false alarms that most security analysts claim is the number one problem associated with current IDS technology.

As the software follows a reactive approach and has the capability to escalate legitimate attacks, it ensures that only those attacks that have high damage potential are terminated. Besides cutting down the number of false alarms, the deal could also help Cisco reduce the time security administrators take to react to compromised systems. The IDS market is one of the biggest emerging markets with market research firm IDC estimating that out of the $13 billion security market in 2003, approximately $2.4 billion is attributed to IDS as well as other vulnerability assessment software. In this scenario, the acquisition of Psionic Software could prove to be advantageous over specialist niche players.

Cisco followed this up by acquiring Okena. Okena specialises in host-based intrusion detection systems, which will complement Cisco’s IDS systems in a big way. For instance, Okena’s technologies protect devices and even desktops by analysing behaviour as opposed to matching signatures. This provides a greater level of security as it negates the need to identify a signature from a database as is traditionally done before taking action. The other key advantage of the Okena technology is that it aggregates and extends multiple endpoint security functions in a single solution.

Okena’s strengths in host-based intrusion detection systems, distributed firewall, malicious code protection and operating system lockdown is also a perfect complement to Cisco’s security offerings. Additionally, the technology would provide enhanced protection for Cisco’s sever-based solutions such as IP telephony call manager and network management applications. With more and more customers insisting on secure applications today, Cisco’s Okena acquisition gives it a competitive advantage over specialist players.

Future
While Cisco’s approach will not immediately set the market on fire, with user organisations moving on to integrated security systems, it does promise a revolutionary way of changing the fragmented individual vendor/standalone product of approach to an integrated security scenario. But for the moment, specialist firms in security are optimistic on Cisco’s approach. Says K Natarajan, head-facilities management, Mahindra Consulting, “The network is the very reason that necessitates security.

Obviously, a vendor who knows networking well will be a better bet for securing information as well.” The integrated approach also cuts down costs related to managing applications.

Opines Dilip Kumar, regional director, India and Subcontinent, Datacraft, “The very interconnection that makes network environments so useful to business are also potential hazards. On one side, the increased use of shared applications, networks and data has become very critical. But on the other hand, the Internet has also thrown open myriad security challenges like unauthorised access or denial of services. Hence, the strategy of integrating security technologies with routing capabilities benefits customers with ease of deployment along with single point accountability.”

Hence, while customers will not immediately change their standalone systems and go in for integrated built-in-security systems, in the future customers may prefer integrated security systems from vendors like Cisco while replacing or enhancing their network infrastructure. Analysts also believe that due to integrated security systems, in the future, the security market will see more and more specialised standalone products to meet specific requirements of customers. Explains Mohanty, “Vendors will continue to add more features to their standalone products. Another impact is greater integration of products of various vendors in terms of management of these products. Cisco’s move will provide a good value proposition to customers looking for integrated management.”

Conclusion
With an established huge base of customers and a dominant market share in the switches and router market, the company’s integrated security approach could give Cisco the key to dominate and exploit the next big potential goldmine—security.