Cisco and their Security Strategy

The Security Strategy from Cisco has become vague and ill defined. The rumoured death of CS-MARS and EOL of Cisco Security Agent show a change in focus away from end point protection to network protection. And the fact that Cisco still doesn’t have an application proxy (other than IronPort which is for web and email only, and still looks like an independent company suggesting that Cisco executives have moved into the top jobs yet) means that their edge / network strategy has some very big holes in it.

What about VPN ? First a push into SSL VPN, then a backflip to support IPSec again. The ASA stateful firewall is same product from five years ago except for minor tinkering. IDS systems have the same problem, minor tinkering and lack of a good management platform (no, Cisco Security Manager is NOT a good platform for managing IDS).

Cisco Security Manager won’t get the LONG overdue updates for another six months, and the important new features until late next year.

I guess all the R&D money got spent on developing Android tablets and Flip cameras. Oh and Telepresence, that’s not going to so well for HP or Cisco either.


Caption Text.

Cisco Security Strategy.(Click for a full size image)

Other Posts in A Series On The Same Topic

  1. Poster: Life Dashboard (10th October 2014)
  2. Poster: Network Visibility Dual State Diagram (14th May 2014)
  3. Poster: Only Two Problems With IP Routing (5th May 2014)
  4. Poster: Network Safety Starts With You (21st April 2014)
  5. Poster: Manager, Engineer, Architect, ITIL Consultant (12th March 2013)
  6. Poster: Keep Calm, Do Networks Everywhere (21st November 2012)
  7. Poster: Cloud Price Negotiations (6th April 2012)
  8. Poster: Cloud Kittens (21st February 2012)
  9. Poster: The Eight Levels of Vendor Acceptance (30th September 2011)
  10. Poster - Cisco VPN Client Licensing (13th August 2011)
  11. Poster: Servers, Tablets. Just Desktops and Printers to Go. (21st January 2011)
  12. Cisco and their Security Strategy (3rd July 2010)
  13. Poster - Reassuringly Expensive (3rd July 2010)
  14. Cisco Borderless Networks Motivational Marketing Poster (24th March 2010)
  • MikeInSeoul

    > CSM is NOT a good platform for managing IDS

    I have no argument with you here. Really, it’s not a good platform for managing ANYTHING. Even on the newest, beefiest workstation/server combo, using it (3.x) is still like a slow death. However …

    > CSM wonít get the LONG overdue updates for another six months

    Are you talking about the release of version 4.0? That’s a pretty major update, and it just came out last month (June 18).

    What kind of other “important new features” are in the wings? I’ve always had high hopes for CSM, but always end up being disappointed.

  • http://blog.norgetek.com Ralph

    Greg,

    Totally agree. I harass our CAM all the time about when the ASA or other security product line updates are coming. Especially after he sent me the announcement about the tablet.

    Listened to the recent PacketPushers where you commented about liking the Juniper SRX. Have you had to do any remote access VPN on it?

    Have you played with Palo Alto box yet?