Security Strategies

BT Taps Cisco for New Security Architecture

BT and Cisco are kicking off the new year by highlighting the new managed security services they are cooperating to deliver, based on an integrated approach to network security that Cisco is powering within BT.

On BT Group plc (NYSE: BT; London: BTA)'s part, the carrier reinforces something AT&T Inc. (NYSE: T)'s Chief Security Officer Ed Amoroso said in December -- that the current threat landscape requires a new security architecture. And clearly, the British giant has turned to Cisco Systems Inc. (Nasdaq: CSCO) to provide that architecture.

BT's viewpoint is explained in this video, released yesterday, and Cisco's in this blog, released this morning and in an interview with Light Reading. Interestingly, BT focuses heavily on the integration angle and the need for a consolidated security architecture, while mentioning the move to virtualization, and Cisco focuses first on the broader security threat landscape posed by programmable network architectures and the rise of new services such as the Internet of Things and the cloud.


But the partners are in clear agreement on the key aspects of their joint strategy: to create a unified and comprehensive approach to addressing the growing and more complex threat landscape, which BT can then use not only to protect its own networks but also as the basis for the managed security services it sells to its enterprise customers.

BT is facing a 1,000% increase in cyberattacks in the last 13 months, says Les Anderson, VP of Cyber at BT, in the video. These are more often transport-level attacks that target BT's network and network elements, according to Mark Hughes, CEO of BT Security. The carrier is now using Cisco's ASA FirePOWER firewalls, its Next-Generation IPS (NGIPS) and its Advanced Malware Protection (AMP) capabilities in its integrated approach to building a more secure network.

Cisco calls this a threat-centric security architecture, by which it means that point solutions or security silos are replaced by an integrated multi-layer approach that is context-specific and tries not only to prevent attacks but also to quickly identify and mitigate them when they occur. Every threat has its own lifecycle and must be addressed at every step as part of a broader strategy.

"It provides a much better way to quickly pinpoint problems and provide protection within [a specific carrier's] environment, because every service provider's network is unique," says Sam Rastogi, senior security product marketing manager at Cisco. Using analysis of network traffic and its behavior to identify threats before they compromise a network or enterprise IT operation, NGIPS also tailors protection to the type of asset being protected, focusing the greatest level of protection on the most valuable assets.

This approach targets "day zero" attacks, not just known threats, in recognition of the fact that attacks are always evolving. It is also aimed at identifying threats from within -- i.e., those that have penetrated a network and need to be contained and mitigated. That's important because many of today's attacks are polymorphic -- they evolve over time -- and some of the greatest damage is being done by malware or other threats that live within a network over a long period of time, creating the potential for massive data breaches.

Cisco has built its strategy on its network knowledge but also on key acquisitions including Sourcefire, which developed the NGIPS, and also ThreatGrid and, most recently, OpenDNS. (See Cisco Banks on Sourcefire & Snort for Security, Why Cisco Is Acquiring ThreatGrid and Cisco to Buy Security Expert for $635M.)

But it's the integration that holds the greatest appeal for BT, says Hughes. He credits Cisco's "smart" acquisition strategy for giving it a significant differentiator in the marketplace.

Other security vendors are also heeding the carrier's cry for new approaches, and some traditional security vendors are virtualizing their products and looking to be part of this transition as well.

Rastogi says that as Cisco addresses the service provider security need, it will be working with some of these other players and is committed to maintaining an open security architecture. But it's also clear Cisco has put a major notch in its security belt with the BT deal, and that this success is built on being a trusted partner in creating this new kind of response to the growing security threat.

— Carol Wilson, Editor-at-Large, Light Reading

cjaggi 1/5/2016 | 3:49:05 PM
Re: Cisco taps new product strategy

Cisco's security track record:


These are just the published and widely known vulnerabilities. 

In a joint press release Cisco even admitted that their integrated IP network protection is not state-of-the-art: 


While Cisco makes some good products, in terms of security the track record isn't really stellar and many products are way behind state-of-the-art. One prime example is Cisco MACSec for WAN.

pdonegan67 1/5/2016 | 6:57:07 AM
Cisco taps new product strategy

Go back three years or so and Cisco was a trusted security partner in terms of what it could deliver from its router platforms. Where its dedicated security product portfolio was concerned, though, Cisco was barely at the races where the service provider sector was concerned.

There then followed a couple of years during which security featured very prominently in John Chambers' high level messaging to customers and investors. It took a while for a new portfolio to start to filter through into the market - and then the first beneficiaries were primarily enterprises.

It would be fair to say that it's taken a while - probably longer than Cisco would have liked - for its investment in security to yield a new portfolio that is aligned with new service provider requirements. But this BT reference is a very compelling one. 

It's notable that Mark Hughes mentions Cognitive Security among the key acquisitions in the evolution of the Cisco portfolio. It is among the least high profile of Cisco's many security acquisitions over the last three years but is nevertheless widely recognized as a little Czech gem among the security cognoscenti.

With Ericsson all set to resell this new Cisco portfolio as well, this is most definitely a major security gauntlet thrown down to Nokia and Huawei among other end to end telecom vendors. What is their response going to be in this space? It's also an important marker for the likes of Palo Alto and Fortinet, both of whom have made significant gains in the service provider space while the Cisco tanker was undertaking its mid-ocean turn-around in this key market segment.

This phase of Cisco's security strategy has been built on acquisition and internal product integration. Subsequent phases will rely much more on how well the company can integrate independent third parties in the security space through virtualization - and much less on buying them.
