Chambers Sells Self-Defending Networks

SAN FRANCISCO -- Cisco Systems Inc. (Nasdaq: CSCO) CEO John Chambers described email "caller ID" and "self-defending" networks to the large crowd here at the RSA security conference on Wednesday. The significance of Chambers's remarks is that they reflect a change in the thinking about how network security is approached. It's not a one-device solution nor a software feature anymore. Rather, security has to be in the DNA of every network device and network service. Chambers addressed approximately 2,500 of CIOs and security professionals assembled here for what has become the largest cyber-security event in the world. He began by describing the world as Cisco sees it -- a collage of virtual networks through which users move unaware of the borders between them.

“You will see a virtualization of resources,” Chambers says. “You will have no idea whether the device in your hand contains the resources you are using or if they are stored in some other network.”

Then, after a quick safe harbor statement, he launched into his company’s unfolding plan to protect the enterprise from worms, germs, viruses, and other attackers.

“How do we add smartness to our routers and switches and processors to let them play to together to address these [security] issues? If you just provide the security software, and you don’t change the business processes underneath you're going to get no where,” Chambers says. “The place to do it is in the network.”

The security threats the enterprise faces today give very little warning of their approach. “What three years ago you may have had a week to prepare for, today you only have seconds,” Chambers says.

The answer to such a frightening situation, where malicious worms, viruses, and phishing expeditions are ever-present threats to the network, is what Chambers calls “a largely self-defending and self-adapting environment.”

Chambers says Cisco security systems are built deeply into the network and are present in every device. “You can’t approach this problem with pinpoint solutions,” Chambers says. “You have to use a systems approach versus a product-centric approach; it has to be an architectural play, a comprehensive approach.”

Cisco, Chambers says, achieves this in the network through a multi-layer approach. The first, he says, is applications security such as spyware. The second, “Anti-X defenses,” includes virus and worm mitigation, content defense, and anomaly detection. The third layer, “containment and control,” comprises traffic-admission control, prevention technology, and inline IPS.

The company has paid a hefty tuition for its security knowledge. Chambers says Cisco has acquired 12 companies and formed 30 major partnerships to build security expertise into the company’s products.

Then it was demo time. Chambers and an assistant demonstrated how Cisco’s newly announced IPS 5.0 security product provided first-line defense against Web-based attacks.

He also revealed that Cisco is in development with an email security program that registers legitimate email correspondents with the DNS. When malicious or spam email arrives, the systems looks for an identifier at the DNS, finds none, then rejects the email. “It’s kind of like caller ID,” Chambers explains.

Finally, Chambers and friend demonstrated Cisco’s Security Monitor application, which constantly monitors and audits the network based on a set of pre-ordained policy for every device type in the network.

Chambers repeated a theme from early in the presentation to the CIOs and CSOs in the audience: “If you didn’t start your plans for security five to seven years ago, it’s too late, and you’re headed for problems.”

“You can never eliminate all of the security issues,” Chambers says. “But you have to figure out how to eliminate most of them and minimize the damage.”

— Mark Sullivan, Reporter, Light Reading

lambdaguy 12/5/2012 | 3:26:22 AM
re: Chambers Sells Self-Defending Networks Oh Please///////////
I hear nothing new, here
Cisco with the 100+ CIOs in attendance, doing the "window dressing" of security

It may even be tied to IOS.

another vision, another acquisition,
same old stuff

blackstar 12/5/2012 | 3:26:19 AM
re: Chambers Sells Self-Defending Networks Worms, spyware, anomalies! Panic!
Who can save us now?
duh duh duh daaa!!!! ciscoman will save us with his worm mitigation headbutt and self-adapting-environment elbow drop. Not to mention he shoots 'anti-X' laser frisbees from his eyeballs. Flustered CIOs faint into ciscoman's arms.

New self defending software slowing your network to a crawl? Fear not; ciscoman will swoop down and sell you a faster line card....

I hope cisco has something here and this isn't just an excuse for an upgrade cycle. We'll see.

This is all just my own opinion and lame attempt at humor.
Dindon 12/5/2012 | 3:26:18 AM
re: Chambers Sells Self-Defending Networks Several years ago, Bay Networks launched an idea to promote what they called "Adaptive Networks", I still have one of these shirts that I sleep with.

I think Chambers has the same shirt and is using the same approch as Cisco's dream...
Sign In