Slashdot Mirror
Cisco Evolving Into A Security Company
ChipGuy writes "Om Malik has an opinion piece stating his opinion that Cisco Systems is slowly becoming a security company, a move which may prove problematic for traditional security vendors like Symantec. Cisco has bought its way into the market, worried about the security moves of its main rival, Juniper Networks. The company expects to make major announcements at the RSA Conference later this week. "
They are still a "networking" company and networks are becoming security battlefields.
"a move which may prove problematic for traditional security vendors like Symantec."
Which means competition and is therefore good for the user.
Apart from that, another company concerned about security is no bad thing.
And some pretty good stuff, I might add. Popular with PHBs, too. Can we say "No one ever got fired for buying [Cisco]." yet?
This is going to be their major advantage when it comes to security, even down to the linksys brand for home users.
Good, proactive hardware provides real security. Bloaty, reactive software (Norton AV) goes down with the sinking ship (an exploding windows box).
Software, and security software has its purpose and can have value, but Cisco's advantage doesn't lie there.
~Rebecca
Or security is a network battefield.
You don't 'sell' security : security for security is useless. Networking is something you sell and it needs security.
Sig (appended to the end of comments you post, 120 chars)
It will probably be Cisco's continued development of Network Admission Control(NAC) as it extends further down the network. NAC will interrogate a PC(via Cisco Trust Agent) that is plugged in to see if it running the latest MS patches, latest virus definitions, and Cisco Secure Agent policies. If not, it will prevent the workstation from going anywhere but to MS update, the AV vendor for updates, and the CSA policy server. Cisco is also pushing their IPSes into their devices. I wouldn't be surprised to see Cisco pushing IPSes to their switching line.
do you really have to evolve into a security company in order to ensure that your products are secure... isn't it a fair expectation that when you buy an expensive router etc. that it won't have enormous flaws that allow for numerous exploits? regardless of who you buy it from?
Get your torrents...
...when you ask them why you must use plaintext telnet to maintain routers you bought as recently as a year or two ago...they mumble around and then say "have you heard of our self defending networks?"
Then there are other little things, like the limited authentication options unless you spend bookoo bucks...or the very limited logging/audit functions...or the way PIX assumes all 'outgoing' connections are valid (the very concept of 'outgoing' is a SOHO concept and not an enterprise firewalling concept)...ugh...don't get me started on the pix....
The more you look at Cisco products hands-on, it just highlight what Cisco does: Make networking products.
Granted, they make networking products *very* well and I wouldn't hesitate to recommend them over anyone else. But myself and just about every security pro I know sees them as networking devices with security kind of bolted on...NOT security devices. It's more like some IOS networking programmers tried to figure out what security folks need instead of researching what's actually going on out there or getting some real world infosec experience.
If they are becoming a security company, great. But they've said this for awhile now and it hasn't changed the fact that the focus is networking networking networking.
There is also the issue of whether any security, except your own, can be trusted. Will Cisco guarantee the absence of backdoors or 'approved' (not by the user) surveillance?
Then there is the issue of who makes the call on what 'security' is. There's a fair chance the average geek, sys admin, government and music trade rep will all have different ideas of what security is. Who's version gets implemented by Cisco and friends? Better that each one gets to do their own security.
I hate to sound like a sales guy for the company, but they have something called NAP that's just completely sick.
An agent (CSA) runs on all endpoints and checks them for AV, firewall, OS patches, etc. If it's clean, the switch or router let's them through to the main netowrk. If not, you get VLAN'd off to a remediation network, and once you are done there you are allowed on.
The trick here is that no one is in better position to do such a thing than the company that owns most of the network infrastructure.
Don't dismiss them as a security company; we've only seen the beginning.
dmiessler.com -- grep understanding knowledge
Their PIX firewall is no competition to the other popular vendors. It lacks both the performance and features of Netscreen/Junpier and has a shoddy security record.
Their IDS is less sensitive than Snort and its VMS manager software is slow, hideously bloated and buggy.
For several years, Cisco have been promoting an insecure combination of IPSEC shared-secret with xauth. Despite being documented as dangerous on their own website, it was still the taught and recommended way of configuring "convenient" secure remote access VPNs. Only in the last six months have they fixed this.
Their NAC/self-deluding-network initiative is broken as proposed. All enforcement is performed in the wrong place: routers off in the edge of the network. Right now, there is no way to deploy NAC on a switch or even a MSFC.
Cisco need to stop their marketing droids from directing their product development and get back to competing on technology.