Cisco pushes IronPort smarts to firewalls

Cisco will begin offering IronPort's security filtering tools after June 25

Cisco Systems will begin offering IronPort's security filtering tools to its firewall customers after the networking giant's acquisition of the company closes on June 25.

On tour to evangelize the benefits of the buyout to media, analysts and customers, top Cisco security executives and IronPort Chief Executive Scott Weiss said that the combined company will move quickly to create a software upgrade package that will provide content filtering functionality and behavioral reputation intelligence into the networking market leader's 2.5 million existing firewall systems.

Once the deal closes on Monday, Weiss will assume a role as a senior security marketing executive with Cisco, he said.

The for-pay security add-on derived from IronPort, which has maintained a San Bruno, Calif. headquarters, will allow customers to employ what the company has dubbed as "wide traffic inspection" at the firewall, arming users with more comprehensive network traffic analysis tools, the executives said.

The content filtering package represents only the first of many opportunities borne of San Jose, Calif.-based Cisco's US$830 million buyout of the firm, said Weiss and Mick Scully, vice president of product management at Cisco's Security Technology Group.

"The e-mail and Web filtering capabilities we bring into Cisco's self defending network vision will allow customers to do more granular filtering of traffic traveling across ports that have traditionally been left open by firewalls," Weiss said. "Today, most threats are coming into the network as links embedded in e-mail messages; putting this type of intelligence at the firewall will increase its efficacy in stopping those attacks."

Through blending the malware-distribution data gathered by IronPort's SenderBase IP address reputation service into Cisco's Adaptive Security Appliance (ASA) firewalls, the devices will become more dynamic security filtering gateways that can detect a far greater number of potential attacks before they enter the network, the companies claim.

"As Cisco takes what it has been doing at the network layer and adds content awareness, customers will be provided with a whole new set of traffic monitoring abilities," said Scully. "This is a new business model for us, but we believe we can take advantage of the fact that content filtering has traditionally been a highly-fragmented market."

Scully estimates that the firewall market currently represents a roughly US$5 billion annual sales opportunity. By integrating content filtering, which Cisco projects as a US$2 billion per-year market that is growing at 30 percent per year, the executive said that the massive networking and security firm expects its products to serve a US$10 billion per-annum segment sometime around 2011.

For its part, Weiss said that IronPort is expecting to report growth of 70 percent for its current fiscal year, pushing its revenues over US$200 million.

After moving to integrate the filtering specialists' tools into its firewall business, Scully said that Cisco would begin adding IronPort's technologies into its Integrated Services Router (ISR) products.

"We'll be integrating IronPort's content and e-mail filtering technologies into our switching and routing products over the next several years," said the colorful Cisco security executive. "This is a strategy that reaches beyond the current wave of Web 2.0 technologies and services oriented architecture technologies into the next decade and beyond as customers demand more integrated security features."

Weiss said that another immediate benefit of the merger will be an opportunity for Cisco to expand its abilities to provide data leakage prevention (DLP) protection at the network gateway.

"We'll be looking to leverage the footprint of firewall and switches to better inform customers about many different aspects of security," he said. "Anything we can add to what Cisco is already doing has a network effect, and there will be a lot of opportunities for us to help companies monitor for malware and even look into issues such as data leakage prevention."

At least one industry analyst said that the IronPort acquisition dovetails nicely with emerging customer demands to look at patterns in IP traffic to eliminate malware attacks such as botnet programs -- without having a negative impact on their overall network performance.

"When you look at reputation services, if you know who the people are who are sending out spam or malware, there's a big opportunity to filter-out a lot of unwanted content at the gateway," said Andrew Jaquith, analyst with Boston-based research firm Yankee Group. "To do that you must have visibility into the actual flow of data, and that's what Cisco and IronPort should be able to provide."

Selling additional features and services to existing customers is a sensible place for the two companies to begin their joint efforts, but their new products will need to prove their efficacy at stopping threats such as botnets which remain problematic for many large enterprises today, to gain wide acceptance quickly, the analyst said.

"If you know that certain IP ranges are harboring botnets, or see something within the company network trying to communicate with those addresses, you have a pretty good clue that you've got a problem," he said. "That's one of the best potential uses for tying-in visibility into external reputations and correlating that with things going on inside the network."

Jaquith believes that IronPort's technology will find its way into many of Cisco's routing and switching products over the next several years, and he cited the ability to leverage reputation-oriented information about what types of Web sites endpoint devices have visited in Cisco's network access control (NAC) technologies as another potential benefit of the merger.

"Cisco really wants to be thought of as a security player, and for them to do that, it means they needed to move up the stack a couple of layers and start looking at e-mail and layer seven type-applications, they really needed to play in that space," the analyst said. "It's a mature market, and Cisco picked a strong company to help plant its security flag a little deeper."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld
Show Comments

Father’s Day Gift Guide

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?