When Cisco acquired the CS-MARS platform, there was a lot of buzz in the Security community that we would finally be able to have a single platform that could manage all of our firewalls. I managed to be involved in a couple of deployments and was impressed by the product and what it could do.
One of the best features of the product was the ability to manage multiple vendors’ products. That is, CS-MARS has the capability to manage Checkpoint, Juniper and a few other mainstream products. For many customers, this was a clear advantage of the product since it offered a single security analysis platform for the entire security estate.
It’s common security practice in larger networks to always use two firewalls in highly untrusted connections such as the Internet. Especially in networks where Checkpoint firewalls were the primary vendor, the CS-MARS made the Cisco ASA products possible. That is, better management and control using CS-MARS would have generated a push to choose the ASA instead of alternate security products. It certainly created more opportunities for me to choose Cisco ASA compared to Checkpoint especially (less so Juniper).
Why move to Cisco only?
My only guess is that it saves money. By only developing interfaces and support for Cisco, they can drastically reduce the development time (and head count) and the post-sales support. This means a bigger profit on sales AND support. That makes for a lazy decision by management who aren’t looking at the bigger picture.
You could also make the argument that it delivers a better customer experience. Developing interfaces for competitors’ products is difficult, messy and easy to get wrong. Developing for products within your own company is still difficult but not impossible. The loss of multi-vendor support is quite a problem for a lot of customers.
EtherealMind View
CS-MARS has a number of problems in operation. My experience is bad performance; the interface is slow, buggy / crashy and complicated to use. A key driver was multi-vendor support, and now that’s gone I can no longer recommend the CS-MARS as a suitable product.
When will Cisco begin to seriously focus on the Security portfolio? The whole product line is obviously in maintenance mode with few new products, little development on existing assets and certainly no innovation. Even the Cisco IDS are beginning to stagnate.
So I’ll be looking for alternatives to CS-MARS; I can’t recommend it.
Many Cisco MARS alternatives coming out!
http://trigeo.com/products/
http://www.accelops.net/product/marsbeyond.php?gclid=CIOoneC1hKECFYd-5Qod0SE6yg
Hi Greg
What do you suggest instead of Cisco MARS? I’ll check the links above – but what would you choose for a network with mainly Cisco devices but also with Microsoft servers, ISA FW, Checkpoint/Juniper FW and Unix/Linux systems?
Thanks,
Bogdan
There was a discussion on this on the cisco-mars users group (Google) and several options were suggested. Companies like ArcSight, AccelOps, TriGeo etc. are offering competitive products.
Also saw this blog, which compares AccelOps’ solution with other competitive products.
http://www.accelops.net/blog/?p=208