"We're making security part of the fundamental services in routing, wireless and switches," says Bob Gleichauf, CTO of Cisco's Security Technology Group. "Customers should be pushing the envelope with us."
Cisco's prominence as a network provider has contributed to its success in the security market, say several analysts, a statement with which Cisco agrees. "We're an end-to-end vendor," Gleichauf says. "If customers have a problem, we'll show up."
Strategic vendor vs. best-of-breed
Cisco's prominence in security reached a turning point this year, according to an annual survey by Nemertes Research of security professionals at about 80 companies who were asked if they preferred to have a "strategic security vendor" or "best-of-breed."
For the first time the majority indicated that they were looking to have a strategic vendor in security, and Cisco was the first choice -- the second being Microsoft.
"In 2007 and 2008, a shift occurred here," says Andreas Antonopoulos, senior vice president at Nemertes, noting the annual survey includes in-depth interviews with respondents. "Up to 2008, the answer to the security vendor question was 'best of breed.' "
With best-of-breed, though, you may end up with 15 different "point solution" vendors for IPS, antivirus and so forth, says Antonopoulos. "Security is one of the most fragmented industries."
Security managers today don't appear to be as inclined to go through the laborious process of evaluating best-of-breed security products, Antonopoulos says. In greater numbers they're opting for Cisco largely because of the perception that they gain operational efficiencies.
"Operationalizing security is as good as having best-of-breed," says Antonopoulos. "Why Cisco? Because they integrate security features on top of the network, QoS and switching."
Though not all observers view Cisco as both best-of-breed and strategic in security.
"Cisco does not have a best-of-breed security product," says Richard Stiennon, analyst with consultancy IT-Harvest. "Cisco's weak underbelly is their lack of good security products. Best-of-breed would be Fortinet in UTM or TippingPoint in IPS."