Cisco has fared poorly in a new index ranking vendors of security products on sales performance, coming in seventh out of eight companies on recent quarterly growth.

Security sales rose just 3% in what Cisco Systems Inc. (Nasdaq: CSCO) refers to as its most recent fourth quarter (covering May to July), to $558 million, compared with the year-earlier period, according to the third edition of the HardenStance Network Security Spending Index (NSSI), which began monitoring security vendors in March this year.

That means Cisco grew at a slower rate than Symantec Corp. (Nasdaq: SYMC), Palo Alto Networks Inc. , Fortinet Inc. , Sophos plc , Check Point Software Technologies Ltd. (Nasdaq: CHKP) and Trend Micro Inc. in their equivalent March-to-June or April-to-July quarters.

Only Juniper Networks Inc. (NYSE: JNPR) did worse than Cisco, reporting a 12% year-on-year drop in quarterly security sales, to $69 million.

Perhaps even more importantly, Cisco also performed badly when measured on sales growth in a 12-month period, coming sixth in the eight-vendor ranking.

Revenues were up 9% in the year ending July, to about $2.15 billion, compared with the preceding 12-month period, putting Cisco behind Palo Alto Networks, Symantec, Fortinet, Trend Micro and Sophos, but ahead of Check Point and Juniper for the equivalent 12-month reporting period.

Despite its comparatively sluggish rate of growth, Cisco continues to rank as the second-biggest security vendor on total sales. But it falls a long way behind market leader Symantec, whose revenues were double Cisco's in the latest 12-month reporting period.

Known as the world's largest vendor of Internet Protocol network equipment, Cisco has made a push into the fast-growing security market as it tries to offset a slowdown at its mainstream hardware business.

But HardenStance founder and principal analyst Patrick Donegan flags concern about several aspects of Cisco's positioning in the security space, including its firewall products. "I continue to hear of customers not being happy with their firewall software," he tells Light Reading.

Donegan also calls into question some of the security claims that Cisco has made about Network Intuitive, its recently announced intent-based networking initiative.

"The ability to detect malware from a encrypted traffic stream with the whole Network Intuitive push may well have real value -- let's see what customers make of it," he says. "But certainly Cisco's initial pitching of it has had far too much of a marketing-driven 'silver bullet' ring to it -- and that's just not the real-world, incremental, risk-mitigating tone that a lot of enterprises expect from a leading security partner."

Want to know more about cloud services? Check out our dedicated cloud services content channel here on Light Reading.

Donegan broadly welcomes Cisco's focus on security but sees a risk that its bullish rhetoric will backfire.

"The core of the security strategy is fine, it makes good sense," he says. "They're just getting a bit ahead of themselves -- talking the talk quite a bit better than they walk the walk. I just don't think that's going to help them in this market space."

HardenStance's latest ranking comes shortly after Cisco was forced to defend the performance of its security business during an earnings call with analysts.

"I have zero concerns about the business -- this is a revenue-timing issue," said Chuck Robbins, Cisco's CEO, according to a Seeking Alpha transcript, after one analyst raised concern about the slow rate of growth in the security business. "We saw some of the strongest order growth in the quarter as we've seen in the last two years ... So the strength in the business I'm still comfortable with."

Along with some other vendors in this space, Cisco's security strategy has been fueled largely by takeover activity over the last few years, including the $293 million acquisition of CloudLock in June 2016 and a $452.5 million takeover of Lancope in late 2015.

Donegan says acquiring a security portfolio, including a number of leading-edge companies, doesn't automatically make for a leader in security. "Buying up a quarter of Bordeaux's vineyards doesn't make you a sommelier. It doesn't even mean you're a great wine merchant," he says. "It just means you own a load of real estate in the south-west of France."

— Iain Morris, , News Editor, Light Reading