Cisco Systems Adds Security Appliances, Expands Sourcefire Integration

Cisco Systems is extending its Advanced Malware Protection (AMP) software with two new appliances. It also is expanding its line of ASA firewalls with a new virtual offering and high- performance devices that support capabilities for data center and cloud deployments.

The San Jose, Calif.-based networking giant said its AMP capabilities are designed to detect custom malware and other advanced threats on endpoint devices.

The company began by integrating the Sourcefire file analysis and behavior capabilities into its email and web security gateways. It announced support for Mac OSX systems at the endpoint on Tuesday and said it also is rolling out a private cloud appliance and an on-premises platform designed to provide continuous threat analysis on corporate networks.

The Cisco security announcements were made at the Cisco Live event today in San Francisco, where the firm is deeply integrating the threat detection capabilities it acquired through its recent Sourcefire acquisition.

[Related: Cisco's Chambers: 'Nobody Eats Our Lunch' ]

The firm unveiled the new on-premises AMP Private Cloud for malware protection using analytics, analysis and threat intelligence feeds. The AMP system uses an agent to monitor file behaviors on endpoint devices. It also combines custom signatures, application blocking lists and white-listing to provide protection against advanced threats.The company also added a cloud-based sandbox to evaluate suspicious files. Incident responders, networking security pros and malware analysts now have the ability to capture and store suspicious files for further analysis and create custom detection signatures to block files, the firm said.

The company said two new AMP FirePOWER Appliances bolster network protection for firms that Cisco says may require a higher level of performance. The AMP8150 provides up to 2 Gbps of performance and the AMP7150 delivers up to 500 Mbps of performance.

Meanwhile, the company launched its new ASAv, a virtual appliance and ASA 5585-X high-performance firewall with increased scalability and easier deployment processes for data centers. The company said the ASA 5585-X is one of the fastest physical firewalls on the market, delivering up to 640 Gbps in a 16-node clustered configuration.

Cisco partners told CRN that the continued rollout of new security features and capabilities prove the company's renewed commitment to data protection and threat detection. Cisco has continued to build out its security capabilities following its $2.7 billion acquisition of Sourcefire.

Cisco's security portfolio had suffered during a lengthy period of inactivity, said partners and industry analysts. The inactivity may also have helped give attention to other networking vendors, including Palo Alto Networks, FireEye and Check Point Software Technologies to gain wins among large enterprises.

NEXT: Partners Praise Cisco's Renewed Security Push

Cisco needed to inject some innovation into its security initiatives, said Michael Goldstein, president and CEO of LAN Infotech, a Fort Lauderdale, Fla.-based Cisco partner. Advanced malware protection capabilities, targeted attack prevention and other features will eventually trickle down to small and midsize businesses, Goldstein said.

"I think Cisco used to be the big name in security, but there are a lot of vendors who have caught up with them," Goldstein said. "If they can sustain this, they'll attract some new eyes to their product line."

Targeted attacks designed to gain access to systems and steal intellectual property use custom malware that requires additional security capabilities to address the issue, said William Payne, president and CEO of East Point, Ga.-based ICP Systems, a Cisco partner in the federal market.

Payne said organizations are increasingly combining endpoint and network security information to get a more accurate picture of the threats penetrating the network. When combined with security best practices, businesses can spot potential weaknesses and are in a better position to guard against ongoing attacks against themselves or their partners, he said.

"Cisco is innovating on a lot of viable products to meet the frequently changing threat landscape," Payne said. "The goal is to spot and contain serious infections faster than the bad guys can gain system access and steal confidential data."

Other partners say Cisco's security initiatives are increasingly trending to deployments at large enterprises, enabling partners to provide steeper discounts than competitors to small and midsize businesses.

Smaller businesses typically don't ask about security beyond standard antivirus and a firewall, said Marvin Korves, president of Chicago-based The SMB Help Desk. The tide is changing following high-profile data breaches at Target and other businesses, he said. Business owners and executives are increasingly concerned about data protection and security, especially if they partner with larger firms, Korves said.

"We're very cloud-centric and try to convince business owners that an investment in a hosted web solution is typically better than trying to acquire security to protect on-premise solutions," Korves said. "More advanced security features often tend to be prohibitive to the open culture that many organizations have so we tend to advise clients about protection that doesn't negatively impact user productivity."

PUBLISHED MAY 21, 2014