RealTime IT News

With 'Iron' Grip, Cisco Tightens Network Defense

Nearly seven months after it bought security firm Ironport for $830 million, Cisco is leveraging the investment into a new strategic direction.

Ironport's anti-spam, security software and appliance technologies are now part of the new Cisco Self Defending Network 3.0 platform, which integrates a wide range of security products from the networking vendor.

"What we're doing with Ironport is expanding out of network security into content security," Mick Scully, vice president of product management for Cisco's security business, told internetnews.com. "With our current solutions we think we have solved deep packet inspection and now we're looking at wide traffic inspection."

Ironport's technology will allow Cisco to be 'reputationally aware'. Scully explained that Ironport's technology takes into account hundreds of metrics to compute a reputation score, which then helps to make a policy decision about content and e-mail. The information for the reputation score comes from big networks like AOL; but Scully said it also gets information from Ironport customers that have opted-in a program to share information.

Scully claimed that the Ironport capabilities will enable Cisco and its customers to block malware and spam more effectively than before and that it has the capability to scale too many billions of queries. It's not just for enterprise deployments either; the solution could also fit in a large carrier environment as well.

In terms of integration with the full Self Defending Network strategy , the addition of reputation technology could impact policy management via Cisco's network access control (NAC) technologies.

Scully explained that reputation could play a role in the initial scan in an NAC scenario helping to determine network admission. Reputation also could play a role for Intrusion Prevention Systems (IPS) and firewall as well.

"That's where the Ironport stuff really bakes in, in terms of setting policy," Scully said. "I'm going to let people access 'X' but based on reputation score. It's sort of like a credit score."

So why did it take so long for the Ironport deal to close?

Cisco CEO John Chamber boasted earlier this year at Interop that Cisco is now more agile and can complete acquisitions like Scientific Atlanta and WebEx in a matter of weeks.

"It did take longer to close this time since Ironport was in the middle of an acquisition themselves," Scully said. "The deal also took time because in California we had to go though a fairness hearing and it took forever."

Scully expect that Cisco will keep the Ironport name as a sub-brand of Cisco and that the Ironport sales force will likely remain separate for the time being.

"The next big milestone is really to continue to keep Ironport focused and selectivity opening up to channel partners where Ironport didn’t have coverage before," Scully said. "We're going to be focused on market building."