At the virtual RSA Conference this week, Cisco made a spate of announcements aimed at simplifying endpoint, network and cloud security.
In the area of network security, the new Cisco Secure Firewall Cloud Native is built specifically for Kubernetes environments. On the workload side, Cisco Secure Workload is designed to protect workloads across clouds, applications and workloads. Organizations can use it to automate and implement a secure zero-trust model for micro-segmentation based on application behavior and telemetry. It also proactively detects and remediates the lateral movement of threats to minimize impact to the organization, said Player Pate, the company’s director of security product marketing.
John Grady, a senior analyst at Enterprise Strategy Group focusing on network security, said the advancements streamline management and better integrate Secure Workload with Secure Firewall.
“Our research has found that 33% of organizations list simplified policy creation and management as the most important attribute for micro-segmentation solutions, and this seeks to deliver that by unifying policy across the products and dynamically updating as application flows change,” he said. In addition, the introduction of a Kubernetes-based firewall—although not the first—is an important move, as Kubernetes is becoming an increasingly important part of the environment.
Cisco also has upped its game with new functions for SecureX, its cloud-native endpoint security platform. In addition to adding dozens of prebuilt workflows, integrations and orchestration capabilities, Cisco has added SecureX Device Insights to its portfolio. The solution is designed to improve device inventory by including contextual awareness, which can help identify gaps in coverage and simplify security investigations. It also helps improve security configurations and asset visibility.
A third area of focus for Cisco during RSA is expanded Secure Access Service Edge (SASE) threat protection in the cloud, with advanced security capabilities in Umbrella, a cloud-delivered security solution that is a core component of Cisco’s SASE architecture. It has also integrated Umbrella with Meraki MX, Cisco’s SD-WAN appliance. This integration will allow users to automatically set up an encrypted tunnel between Meraki MX devices and Umbrella. It will also enable users to inspect traffic with Secure Sockets Layer (SSL) decryption at a scale not possible with on-premises hardware and protect sensitive data, Pate said.
In addition, Cisco has improved protection for Umbrella’s cloud-delivered firewall by adding real-time threat detection and prevention with Snort 3 IPS, backed by Cisco Talos, the company’s threat intelligence team.
While Umbrella has been a successful product for Cisco, it was missing key components that it is steadily adding over time, Grady said, such as data loss prevention (DLP) and remote browser isolation.
“They have worked to close those gaps, and this really pushes the Umbrella solution from a secure web gateway+ to a full SASE play,” he said. “And formalizing the integrations is critical. Cisco has a lot of pieces and, in some cases, multiple products addressing the same need (like Viptella and Meraki), so it took them some time to build out the integrations [and] port existing technology onto other platforms, such as pushing IPS into Umbrella. But I think they’re in a good position at this point. They’ve also begun to address some of the licensing confusion to make it easier to convert licenses as users become ready to migrate controls to the cloud.”
As for what’s next, Pate said Cisco is on a mission to simplify the security experience for security, network and IT operations, especially as organizations face new challenges with hybrid work, cloud-first environments.
“We will continue to build capabilities that deliver efficiencies through our built-in cloud-native SecureX platform and through new integration points: Meraki MX + Umbrella, Secure Firewall + Secure Workload, and the integration of vulnerability management capabilities within SecureX through Kenna Security, which Cisco announced its intent to acquire on May 14,” he said.
