Re-Energized Cisco Security Strategy Wins Praise From Fast-Growing Partners

Cisco Systems Chairman and CEO Chuck Robbins realizes the company's approach to security hasn't always been complete or obvious to customers and partners, but since he took the top job at the networking giant in 2015, a clear, re-energized strategy has emerged, and solution providers have taken notice.

Partners say they're experiencing dramatic growth with a significantly revitalized, comprehensive Cisco security portfolio as the San Jose, Calif., company shifts toward a software-, automation- and subscription-focused strategy based on open, programmable systems with security throughout. Cisco's recent run of smart, well-timed acquisitions is at the heart of the company's re-energized security strategy, partners say.

"It's been hard for people, analysts, customers, partners, etc., to understand where we were going," with regard to security, Robbins told CRN. "The reality is that in this world our customers are facing, the old way of building security architectures doesn't work anymore. That was based on the premise that you had a single ingress-egress and just put a big firewall there. The reality is in this world where you have requests originating from the edge of the network, from the branch, from the mobile user, and those requests are accessing applications sitting in 150-200 different places. How do you put firewalls in the right place? You have to build a dynamic architecture that's completely integrated with the network, that has this cloud-state machine that we've built that allows us to ingest threats and then dynamically update signatures across every piece of security in the network."

Steve Benvenuto, Cisco senior director partner operations, global security sales, said Cisco's security efforts in recent years have resulted in a significantly expanded portfolio, larger deals and more opportunities for partners.

"Partners are seeing what Cisco has done over the last four years, and they're looking at Cisco as an extremely serious player in security like maybe they didn't six or seven years ago," Benvenuto said. "Where two years ago our partners were selling maybe two of our security products, now we have a group of about 500 partners that we really focus the most on and 80 percent of those partners sell more than five of our security solutions into their customer base. It's an expanded portfolio, it's bigger deal sizes, it's more services opportunities, and the ability to wrap their services and managed services around it and they're walking into customers that trust Cisco in the network and the data center and the collaboration portfolio. It's really compelling for partners to bring in security and sit it right alongside all the other architecture investments they've made in the past."

John Maynard, Cisco’s global security sales chief, said the company has redeveloped its security portfolio and strategy as customers increasingly emphasize integration and automation amid an ever-expanding threat landscape.

"Three or four years ago, what we heard from customers was I'm going to fill a security problem with a security technology," Maynard said. "It was bit by bit, and you had a landscape of 70-plus security vendors. The No. 1 thing our customers tell us now is they want integration. We saw that three years ago and built the strategy to be present on every single major threat vector that exists in our customers today, whether that's email, network, endpoint, identity. Our strategy is to be everywhere, but to be integrated so we can drive visibility for our customers. They don't have to knit together 70 security controls. We can drive threat efficacy and the ability to see more because of the breadth and scale of Cisco and apply that across all the threat vectors of our customers and do that in a very automated, orchestrated way so we can drive efficiency and cost savings in our customers. Customers are demanding consolidation and automation, but they don't want to do it at the expense of diluting their ability to detect threats. That's where Cisco's strategy has been spot-on."

Ron Temske, vice president of security and network solutions at Logicalis, a New York City-based solution provider that works with Cisco, said Cisco's drive to integrate security into every corner of its portfolio means dramatic growth for Logicalis's security business and signals a noticeable straightening of the San Jose, Calif., company's security posture.

"There's an energy, there's a drive," Temske said "They're going to push and push hard. We've seen a reenergizing around security, which candidly, if you go back four years or so, it was there, but you weren't seeing the investments like buying OpenDNS. You've seen an acquisitive focus there, as well as internal focus. You hear security mentioned a lot. We're seeing Cisco change."

Logicalis's security business with Cisco is growing at a triple-digit pace, Temske said, and it's driving growth in other high-profile Cisco product lines, like the Catalyst 9000 family of switches, the foundation of its intent-based networking strategy and the fastest-growing product in its history. Customers are keen to move to Cat9K switches because it allows them to upgrade to Cisco's Encrypted Traffic Analytics solution, Temske said.

Temske predicts that the burgeoning IoT market will also drive Logicalis's Cisco security business. "The No. 1 barrier to IoT in a customer's mind is how to make it secure," Temske said. "Our goal is to solve that problem for them, and now it can be done."

Cisco acquired cloud security firm OpenDNS in Aug. 2015, barely a month after Robbins was made CEO. By then, the company had begun developing its security portfolio with the acquisitions of SourceFire in mid-2013 and ThreatGrid in May 2014. The pace quickened after the OpenDNS acquisition, however. The company acquired Portcullis, a cybersecurity services firm, in September 2015 and followed up with the acquisition of threat visibility and security intelligence company Lancope Inc. the next month. The company bought cloud access security broker CloudLock in June 2016; network forensics security firm Observable Networks in July 2017 and two-factor authentication vendor Duo Security last August.

The entire Cisco security ecosystem is underpinned by its Talos threat intelligence organization, which the company says sees three times as many threats daily as Google sees searches.

"I think they have solidified their position tremendously," said Faisal Bhutto, executive vice president of enterprise networking, cloud and cybersecurity at Houston, Texas, solution provider Computex. "Three years ago, it was still like is Cisco serious or not? Ever since the OpenDNS acquisition, they've been gaining momentum with CloudLock, now Duo. That's real stuff. The message around Advanced Malware Protection got stronger. It's a tremendous improvement. Before it was a firewall play, and an endpoint play. Now you've got single sign-on Multi-Factor Authentication, Cloud Access Security Broker, all under Cisco Umbrella, Umbrella running on the SD-WAN platform. Those are all good moves. Even in the market, customer perception is tenfold better compared to three years ago."

Cisco in mid-November added even more emphasis to its security message when it announced it would embed its entire security portfolio in its fast-growing SD-WAN solutions, which are among the company's biggest priorities for the coming years.

The shift toward a more complete security architecture rather than an assemblage of point products is resonating strongly with customers, said Vinu Thomas, CTO of New York City-based solution provider giant Presidio.

"It's no longer just a point discussion," Thomas said. "They've got a really nice architecture and framework that's coming together and now you can position products before, during and after the attack continuum. That's really important to our customers."

Thomas said David Goeckeler, executive vice president and general manager of Cisco's networking and security business, has masterfully re-imagined how the company approaches the security market.

"Goeckeler and team have done an outstanding job by saying here is how we visualize the attack spectrum, now let's see what products we have in our portfolio that we can actually plug in there to through the attack continuum," Thomas said. "Then they can say let's see if there are acquisitions we need to make to plug the gaps. That's a really strategic way of doing this rather than saying let's buy all these products and then figure out what we need to do. That's a big difference." The shift means Cisco partners have a large, profitable portfolio to draw from, and Presidio itself is seeing strong growth. "There's confidence at the field level, confidence in the portfolio, confidence that they can actually execute," Thomas said. "That's why we've seen high double-digit growth with them in the security portfolio, and they've seen great growth, as well. They talk about plugging security into everything we're doing and selling, Cat9K, SD-WAN. Security is now becoming an integral part of all their conversations. That's a really powerful story and Presidio is growing really, really well with Cisco."