Cisco Wants to Blanket Enterprises in Multi-Cloud Security

Cisco has been gobbling up cloud security startups over the past couple years. And now, in tandem with its homegrown security technologies, it has repackaged them as a shiny, new, and expanded multi-cloud security portfolio.

“Customers have an excess of security solutions,” said Ron Zalkind, CTO of Cisco’s cloud security division. “We polled some last week in an advisory meeting and they have over 50 security solutions that they have to figure out how to put together — and that’s part of the problem.”

The multi-cloud security portfolio aims to better integrate enterprise security and make it easier for customers to consume as a cloud-based service, rather than self-managed, on-premises security software, Zalkind said.

Specifically, the products aim to protect software-as-a-service [SaaS] applications, public cloud environments, and access to the cloud.

The Cisco Umbrella product line helps create a secure Internet gateway, thus securing access to the cloud, Zalkind said. “This provides threat-prevention capabilities for a user wherever they are: in the network, off the network, and on any device.”

Cisco acquired this cloud security technology from its $625 million OpenDNS purchase in 2015. It protects against malware, botnets, and phishing at the Domain Name Server (DNS) layer.

The company formally launched the product at the RSA Conference in February 2017. Umbrella now processes more than 120 billion DNS requests per day with more than 85 million daily active users, according to Cisco.

“The second piece is protecting your infrastructure and workloads in the cloud,” Zalkind said.

To this end, in July, Cisco acquired Observable Networks to extend its Stealthwatch network visibility tool to Amazon Web Services (AWS), Google Cloud Platform, and Microsoft Azure public cloud infrastructures. It’s now rebranded as Cisco Stealthwatch Cloud.

And finally, the multi-cloud security portfolio protects SaaS applications. Cisco will integrate its cloud email security with Cisco Advanced Malware Protection (AMP) in the December release. This will give companies a single dashboard to monitor malware activity across laptops, mobile devices, firewalls, routers, web email, and Internet gateways.

Cisco acquired cloud access security broker (CASB) Cloudlock in August 2016 for $293 million. Zalkind was CTO and co-founder of the company. Cloudlock’s technology focused on securing identities, data, and applications in the cloud. “It helps monitor the third-party apps that are connecting to all these cloud vendors,” Zalkind said. “We’ve discovered over 300,000 of these third-party apps.”

This new feature is in beta and will be available early next year.

“All these products are protecting your access and usage of cloud, but they are also delivered from the cloud,” Zalkind said. “Delivering from the cloud has to do with how you can provide simpler security because the product doesn’t have to incur the complexity of running and managing it. It’s security delivered as a service.”

Plus, security as a cloud-based service brings other cloud benefits, such as elastic compute resources, which makes it quicker and easier to roll out new capabilities, Zalkind added. “Whether it’s behavior profiling or advanced detection capabilities, it’s a lot more feasible to do it at cloud scale.”