Cisco Systems Inc. is now at the center of a massive number of changes in the workplace from hybrid work, geopolitical issues and a continued acceleration to the cloud. I was curious as to see what Cisco had in store for its European customers — especially as the European version of Cisco Live gets underway this week in Amsterdam.
Cisco’s product line is very broad, but most announcements at Cisco Live revolved around security and networking. In my discussions with information technology leaders, these are key investment areas. Security should be obvious as the number and variety of breaches continue to grow. Also, hybrid work has created new security risks as workers no longer sit behind corporate firewalls. The network has become the foundation for digital experiences as all the digital building blocks, such as cloud, mobility and the “internet of things” are connected meaning the network has a direct impact on user and employee experience.
Below are the key announcements by Cisco:
Cisco/Twitter
Cisco cyber security index. Security is the most difficult area in corporate IT to get right. Companies spend millions on the most advanced threat protection, but it’s difficult to know if that money is being directed to the right areas and what gaps remain. To help with this, Cisco surveyed 6,700 respondents across 27 markets in companies of all sizes to understand their perceived security readiness in the areas of identity, devices, network, applications and data. The results highlighted how big the security problem is today, since only 15% of companies feel they are mature from a cyber perspective.
The data showed the areas of biggest concern are identity verification and zero trust. This is consistent with my research as users remain the single biggest attack vector for threat actors. Companies rely heavily on training and hope the worker practices good hygiene, but the reality is phishing and other attacks are so good today that even the most savvy user can be fooled. The index gives Cisco and its customers a benchmark to measure to and a focal point for investment.
Zero-trust enhancements. At the show, Cisco announced risk-based authentication, where authentication was dynamically adjusted based on several factors, such as location and type of device Wi-Fi fingerprinting. As an example, workers might be granted access to certain systems when at home, but if they walk across the street to a coffee shop, access is denied. That automates many of the decision points that users would have had to do in the past. In turn, that removes the burden from the users having to evaluate how and when to connect to corporate resources depending on their situation.
Business risk observability. This solution combines information from many Cisco products and generates an application-based business risk score to mitigate vulnerabilities. Data from business transactions (AppDynamics), vulnerability scores (Kenna), API security (Panoptica) and threat intelligence (Talos) are combined to create the risk score. It’s important to note this isn’t just classifying apps as critical, high or low but measures the impact of external entities and the relation to the business. I have long believed that Cisco has wasted its opportunity in security because it has never managed to leverage its massive portfolio. This is an excellent example of what Cisco is capable of in creating a “1+1 = 3” value proposition for customers that deploy Cisco everywhere.
Networking
ThousandEyes open telemetry. Cisco is making the massive data set in ThousandEyes available to be integrated into other systems. As an example, ThousandEyes and AppDynamics are now integrated so when an app is performing poorly, as identified by AppDynamics, ThousandEyes can be used to quickly identify if there is a network issue causing it.
The open telemetry does three things for customers. First, the data can be retained for as long as the customer wants it. This allows for baselines to compared over months or even years. Second, visualizations and correlations can be built across diverse data sets. Lastly, customers can perform deeper analytics by combining ThousandEyes data with their own data sets. Some examples of integrations that might useful are Splunk and Grafana.
Updates to Cisco+ Secure Connect. This was launched six months ago and is Cisco’s secure access service edge solution. Powered by the popular Meraki dashboard, it delivers an end-to-end view of the environment that spans from the premises out to the cloud. The update at Cisco Live is Cisco+ Secure Connect now supports Viptela-based software-defined wide-area networks in addition to Meraki. This allows customers to set policies once and push them out across Meraki and Viptela. It’s not full configuration support yet, but policy administration is a big headache for companies that Cisco has now made simpler.
New multi-access edge network products for industrial networks. After a decade of talking about the coming together of IT and operational technology or OT, it appears that businesses are finally bringing these environments together, and this creates some interesting requirements for network equipment. The products need to be built for the rigors of industrial use cases, such as being weatherproof and fan-less but built with enterprise manageability.
At the show, Cisco announced its new Catalyst IE3100 compact, ruggedized switch series. These are Layer Two switches that can be used in space-constrained areas. They run IOS-XE giving them the same feature set as the company network allowing polices and performance to be consistent across OT and IT environments. Cisco also announced two wireless devices. The IW9165E is a wireless client that provides resilient connectivity for moving vehicles. Cisco also announced its IE9165D, which provides wireless backhaul capabilities.
The network announcements show continued investment in an area in which Cisco has been a market leader for decades. The industrial market is unique to Cisco because none of its traditional competitors has made investments in OT connectivity. As IT-OT integration goes mainstream, this should help Cisco keep its large market share lead.
The security updates play a different role for Cisco. Cyber has been red-hot over the past few years and many of Cisco’s competitors have seen higher growth rates than Cisco. Trying to compete on products and features, which it has in the past, is a mistake for Cisco because it doesn’t bring the “palette” advantage. Business risk observability is a great start, since it combines data from several Cisco products, but this must now kickstart further integrations with the network, collaboration and all parts of its portfolio.
