Cisco Live 2016: Analyst Take On Important Security And Networking Announcements You May Have Missed

By Patrick Moorhead - July 27, 2016
20160711_175752371_iOS-1200x900 Cisco CEO Chuck Robbins kicking off Cisco Live (Photo courtesy Patrick Moorhead) Cisco Live is Cisco Systems’ annual education and training conference, held in multiple countries worldwide and attended by their customers, partners, resellers, press and analysts. Two weeks ago, I attended the U.S. analyst conference held in Las Vegas, July 11-12, called C-Scape, which is a “sub-show” inside of Cisco Live. This conference is always a good opportunity to get a finger on the pulse of what’s going on at Cisco Systems and here were the big announcements that were made that week, and some of my takeaways. I may do a follow up on C-Scape later in the month where I got up close and personal with Cisco’s senior executives, including CEO Chuck Robbins, but the following are about the Cisco Live announcements. Closing a “security effectiveness gap” One of the big pushes at Cisco Live this year was closing the Cisco-named “security effectiveness gap”—the vulnerability that arises, let’s say, from using a large, complex variety of disparate security solutions. The premise is that if you have disparate security systems trying to connect and work with each other, the complexity will make it insecure. I can see how that could be the case and it’s a matter of how much work an enterprise wants to put into it. There could be a counter risk in relying on a single vendor to solve all of your security challenges which is why, for instance, enterprises don’t rely on just EMC for all of their storage or just Microsoft for all of their software. 20160711_182632801_iOS1-1200x900 (Photo courtesy Patrick Moorhead) To bridge what Cisco Systems called the “security effectiveness gap”, Cisco Systems announced the launch of several new services and integrated cloud-based security solutions—that they say increase capabilities, while simultaneously reducing complexity. In their words, an “alternative approach for customers that helps them close the gaps in order to be more secure.” First, Cisco Systems launched Cisco Umbrella Roaming, a centralized cloud-delivered protection designed to eliminate off-network blind spots, and defend “roaming” employees from security threats—wherever they’re working from. In order to take advantage of this, customers must be running Cisco’s AnyConnect VPN solution, but for those companies using that product (and there are many), this is an added level of security. Cisco Umbrella Branch is another newly announced solution, which they say will give businesses better control over their guest WiFi (with easy content filtering) at branch locations for those companies using the Cisco Integrated Services Router. 20160711_182450747_iOS-1200x900 (Photo courtesy Patrick Moorhead) The next big one is Cisco Defense Orchestrator. Cisco says this new management application will “enable users to easily and effectively manage a large security infrastructure and policies in distributed locations across thousands of devices.” If that sounds like a complex mouthful, that’s because it is—but Cisco Defense Orchestrator will purportedly manage configuration and operation all through a simple, cloud-based console. The solution will orchestrate security policies across a variety of Cisco security products—ASA and ASAv firewalls, Cisco Firepower next-gen firewalls, ASA with FirePOWER services featuring Firepower Threat Defense, and OpenDNS. However, customers utilizing other products from companies like Barracuda, Checkpoint F5 or Symantec will still not have a holistic approach. They’re also launching the entirely cloud-managed Cisco Meraki MX Security Appliances with Advanced Malware Protection (AMP) and Threat Grid— designed to simplify threat protection for a distributed enterprise. Cisco says the unified threat management solution will protect branch offices by cross-checking files against their cloud database—identifying and blocking malicious content, but also increasing WAN traffic as this work is done in the cloud. 20160711_182838240_iOS-1200x900 (Photo courtesy Patrick Moorhead) The new Cisco Stealthwatch Learning Network License is a component designed to enable the Cisco ISR to act, in their words, as a “security sensor and enforcer” for branch protection. They say it will allow businesses to identify and monitor anomalies and suspicious activity in network traffic, and analyze it for threats. Most importantly this work is done directly on ISR device in order to hold down the traffic overhead. Finally, in addition to these new products, they launched Cisco Security Services for Digital Transformation, a service designed to assist organizations in the examination of their security basics– determining their readiness, and subsequently recommending strategies and providing the Cisco solutions necessary for a successful digital transformation. Cisco Systems is tying security to networking, which is really smart for Cisco as they dominate the enterprise core network and much of the campus. No vendor has figured this out yet and no one “owns” it, either. What’s also interesting that Cisco is pulling together security as vendors like Dell are spinning out their security capabilities. It’s a different strategy, however, the challenge remains that enterprises today have a wide range of security products in their datacenters; they need the option of a holistic product, not one that focuses all of its benefit on a select set of products from only one vendor. This points to a big need in the market that is not being met: a true vendor-neutral security orchestrator. Cisco’s drive to transform to Digital-Ready networks The other big announcement out of Cisco Live was that the company would be heavily involved in efforts to prepare the industry for the transition to digital-ready networks—helping engineers, partners, developers, and customers gain the skills and knowledge they need in advance of an impending shift. This announcement was foreshadowed back in March with the launch of their Digital Network Architecture (DNA)—a network architecture Cisco built from the ground up to be, in their words, “flexible, programmable, and open,” and scalable to handle the increasing complexity of cloud analytics, IoT, and mobility—as well as the increasingly sophisticated security threats associated with it. IMG_01021-1200x900 (Photo courtesy Patrick Moorhead) The degree of openness that customers will receive is a bit unclear right now as Cisco DNA is positioning a Cisco Systems solution to every problem instead of a “best of breed” approach that many enterprises are looking for. Cisco DNA is shifting several variables to accomplish this—hardware-centric to software-driven, manual to automated, and from reactive to adaptive. Three of the new security technologies I mentioned earlier are key components in Cisco’s shift towards Digital Ready Networks—Umbrella Branch, Stealthwatch Learning Network License, and Meraki MX Security Appliances with AMP and Threat Grid. All three aim to embed security into the branch office infrastructure to bring branch offices closer to the level of security that a headquarters will enjoy. Aside from the new technology though, Cisco’s big push is focused on rallying their global community to drive the transformation. With their extensive reach and strong channel presence, they’re in a great position to be drivers of the change. Cisco Systems is preparing their vast community of network engineers by making some changes to their career certification portfolio— a new Cisco Certified Internetwork Expert (CCIE) framework will be integrated across all of Cisco’s expert-level certifications, and they are also implementing a new Cisco Network Programmability Engineer Specialist Exam. Cisco is driving the positioning of an “open” environment with Cisco DNA very hard, but right now, I see is an effort to drive more interoperability and targeted solutions across Cisco products. This is, in and of itself, a good thing, but I think it’s too early to look at Cisco DNA as an alternative to the other, more open approaches on the market. With more open source and open initiatives, the world of networking is becoming far more interoperable and open than ever before. Cisco is working with organizations like OpenDaylight and OPNFV, which I applaud, but those are the “more open” environments. Cisco Systems has a large developer base and approximately 70,000 channel partners that they can marshal towards their Cisco DNA vision, and those partners should take heed and join the initiatives as Cisco holds not only a large install base but also a loyal one. Cisco can assist in helping partners develop new skills and create new job roles centered around automation, analytics and security. There is plenty of opportunity within this base, and more independent partners can help bridge the Cisco DNA with other solutions that round out exactly what these customers are needing. Wrapping up With all the current buzz about the “digital transformation,” it seems like everybody is trying to stake their claim on a piece of the pie and if Cisco’s new line of products and services work as advertised, both simplifying and strengthening threat protection, Cisco might just have the network security aspect on lockdown, at least at the core. Enterprise datacenter security is a mess and if enterprises just want to press the “easy-button”, Cisco wants to be there. I do like that DNA enables better interoperability across Cisco products and customers will love this, but this can’t be confused with open approaches that use a third party operating system or designed to work with many different brands. Enterprises should always weigh commitments and lock-ins to any vendor, Cisco included. Where I’ve settled is that each enterprise needs to choose the lock-in they’re most comfortable with and run with it unless you are one of the “Super 7” public cloud giants with thousands of hardware engineers, which enterprises aren’t.
+ posts

Patrick founded the firm based on his real-world world technology experiences with the understanding of what he wasn’t getting from analysts and consultants. Ten years later, Patrick is ranked #1 among technology industry analysts in terms of “power” (ARInsights)  in “press citations” (Apollo Research). Moorhead is a contributor at Forbes and frequently appears on CNBC. He is a broad-based analyst covering a wide variety of topics including the cloud, enterprise SaaS, collaboration, client computing, and semiconductors. He has 30 years of experience including 15 years of executive experience at high tech companies (NCR, AT&T, Compaq, now HP, and AMD) leading strategy, product management, product marketing, and corporate marketing, including three industry board appointments.