Cisco Continues Sourcefire Integration With New Next-Gen Firewall

Cisco Systems Tuesday continued to bear the fruit of its $2.7 billion Sourcefire buy, rolling out a next-generation firewall that leverages Sourcefire's advanced malware and intrusion prevention capabilities.

Called Cisco ASA with FirePower Services, the new offering marries Cisco's existing ASA 5500 series firewalls with Sourcefire's next-generation intrusion prevention systems and advanced malware protection, creating what Cisco billed the industry's first next-generation firewall to be truly "threat-focused."

Legacy next-generation firewalls have succeeded in areas like policy and application control, but they tend to fall short when it comes to addressing advanced or zero-day attacks, according to Jason Brvenik, principal engineer of Cisco's Security Business Group.

[Related: Cisco Integrates Sourecefire Advanced Malware Protection Into Web, Email, Gateways]

id
unit-1659132512259
type
Sponsored post

"The challenge here is that while [next-generation firewalls] offered a great operational advantage for policy definition, because they matched more the intent [of the user], it still didn't solve the real problem or the root of why firewalls existed in the workplace and that's to stop attacks," Brvenik said.

Cisco ASA with FirePower Services, Brvenik said, changes all that through the use of the Sourcefire technology. The integrated firewalls also provide visibility into users, mobile devices and client side apps, which can be tracked through a management dashboard.

Brvenik said there is no need for existing Cisco ASA customers to replace their existing appliances in order to deploy the new Sourcefire FirePower services. Depending on the specific ASA device, they can either layer the Sourcefire software on top, or they can add another blade into their chassis to access the functionality, he said.

Mario Balakgie, director of cyber security at World Wide Technology (WWT), a St. Louis-based solution provider and Cisco Gold partner, said one of the biggest advantages of Cisco's ASA with FirePower Services is that it allows customers to leverage their existing Cisco gear.

"Typically, when you have a next-generation firewall capability, it requires you to replace your existing products or capabilities, meaning you need to make a new investment. This is an additive capability, which is extremely different," Balakgie said. "It's a much more palatable and a much more inviting approach for people than to say, 'You have to make a replacement.'"

To coincide with the launch of its next-generation firewalls, Cisco also rolled out Tuesday a new set of security-focused partner specializations and promotions. The new specializations include Express IPS, targeted at Cisco partners selling Cisco intrusion prevention systems, but not necessarily other products within its security line. Cisco in February introduced other Express security specializations, including one focused on its email security solutions and one on its next-generation firewalls.

Also new is the Cisco Advanced Security Architecture Specialization, which is aimed at partners who are selling the end-to-end Cisco security portfolio.

To nudge partners to go to market with Cisco security products, the networking giant also launched Tuesday its Security Ignite Program. Specific rewards vary by country, but the program offers solution providers roughly a 6 percent discount on select Cisco security products, said Al Jacobellis, director of Global Partner Strategy, Security Solutions at Cisco.

"This rewards partners for going out there and driving new opportunities with our strategic security products, like next-generation firewall and IPS," Jacobellis said.

The discounts earned through the Security Ignite Program can be combined with additional discounts or incentives from other Cisco partner rewards programs like VIP or OIP, Jacobellis said.

Jacobellis noted that Cisco is continuing to drive integration between the legacy Cisco and Sourcefire channels, and said, those efforts so far have been going "extremely well." He said channel conflict between the two partner bases has been minimal, if any.

"With any acquisition and that [kind of] integration, you are going to have partners make decisions based on their business models and what's best for them but, right now, the feedback has been positive," Jacobellis said.

Balakgie, for his part, said Cisco's acquisition of Sourcefire has given a major boost to WWT's Cisco security business over the past year.

"We have already seen a major increase in our sales and revenue with Cisco as a result of this," Balakgie told CRN. "It's gone up significantly this year compared to last year."

Balakgie also said the acquisition, which closed last October, has armed Cisco with the kind of high-end solutions it needs to compete more effectively against security players like Check Point and Palo Alto Networks.

"Prior to the Sourcefire acquisition, Cisco was not a dominant player in security. Their products were sufficient, but they were not exceptional," Balakgie said. "It's been a major difference in the way Cisco and we play in this market."

PUBLISHED SEPT. 16, 2014