Partners: New Cisco Security Offerings Take Aim At Palo Alto Networks
Cisco Systems' new security offerings put the network market leader into a prime position to take on security superstar Palo Alto Networks, solution providers said.
San Jose, Calif.-based Cisco this week launched new models of its ASA (Adaptive Security Appliance) firewall line, dubbed ASA With FirePower Services, new malware protection and its own incident response services.
"The new threat-centric model that Cisco is leading with is absolutely giving current and potential Palo Alto customers pause," said Josh Jones, senior architect of network security at Insight Enterprises, the $5.3 billion solution provider behemoth that partners with both Cisco and Palo Alto Networks. "In the past four to six months, we have had a number of midsize and enterprise customers come to us wanting to know more information about how Cisco's new products, specifically how the ASA with FirePower compares against Palo Alto. … As an integrator of both solutions, we fully expect that the interest and excitement will continue and we believe that Cisco now has a very strong and compelling case to compete against Palo Alto."
Jones said Cisco has filled a much-needed gap with the midmarket offering that he sees simplifying the perennial security management problem. "The ability to look into a single pane of glass and see easy-to-read dashboards of security event information and being able to triage an attack outbreak in a matter of minutes is also quite compelling to our customers," he said. "The customers that we work with have been asking for solutions that reduce the complexity of the threat management process. Cisco is really the only solution in the market that is reducing that level of complexity and giving the customers a highly comprehensive package that covers the entire threat landscape end to end."
Cisco is one of Insight's top vendors. In 2014, sales of Cisco products accounted for 10 percent of Insight's consolidated net sales, according to the Insight 10-K.
Palo Alto Networks did not respond to requests for comment.
But Santa Clara, Calif.-based Palo Alto Networks has been a thorn in Cisco's side growing its security business at a breakneck pace. Palo Alto Networks reported a whopping 54 percent increase in sales for its fiscal second quarter ended Jan. 31 to $217.7 million. What’s more, the company saw a 40 percent increase in new customers over the past year.
In contrast, Cisco reported a mere 6 percent growth in security revenue to $416 million for its second fiscal quarter ended Jan. 24. Partners said Cisco, which weighs in at $41.7 billion in annual sales compared to Palo Alto Networks' $600 million in annual sales, is finally stepping up its security offensive.
"Cisco has the legacy ASA firewall market, but has been losing ground to Palo Alto and Fortinet. This should help them," said Bill Smeltzer, CTO of Focus Technology Solutions, a Seabrook, N.H.-based Cisco partner. "Cisco has a lot of incumbency. If these [security offerings] are priced right, they should be able to gain market share … Palo Alto is working on strong integration to VMware NSX, [so] I think Cisco will need to integrate that as well."
Kent MacDonald, vice president of converged infrastructure and network services at Long View Systems, a Calgary, Alberta-based solution provider and Cisco partner, No. 76 on the CRN SP500, said the new security offerings definitely make Cisco more competitive against Palo Alto Networks.
"The Palo Altos of the world have been taking market share away from Cisco because of the security gap in the Cisco portfolio, but I think [Cisco] will be more competitive now with the Palo Altos of the world," he said. "One thing I know about Cisco is, when they focus on something, they typically are very successful and get it right. … I'm very happy to see that they've upped their game and gotten back in the security game."
MacDonald said Cisco's end-to-end portfolio makes for a compelling story for customers looking to simplify their IT environments.
"Now that Cisco has the product set that addresses the end-to-end -- from the data center to security -- I think it's going to be a strong play to do a Cisco broad deployment extending into security," said MacDonald. "By having a single vendor, there's a simplicity in management, there's a simplicity in support and that will be an accelerator for Cisco."
Cisco touts its new ASA with FirePower Services as the industry's first threat-focused, next-generation firewall -- combining standard firewall support, application visibility and control, advanced malware protection and intrusion-prevention capabilities into a single device. Cisco is targeting midsize companies and branch offices with the new ASA firewall with prices starting at $995.
Cisco this week also unveiled AMP (Advanced Malware Protection) Threat Grid, providing the latest malware threat intelligence and malware-analysis capabilities available as a cloud service or through new UCS-based on-premise appliances.
Peter Burke, technical consultant at the network security company Force 3, a Crofton, Md.-based solution provider who partners with Palo Alto and Cisco, said the integration of Threat Grid, which Cisco acquired in May 2014, is unique in the market because of the number of customers and overall reach Cisco can provide that cannot be matched by competitors.
"This will help Cisco keep up with competitors like Palo Alto," said Burke. "With Cisco's recent [security] acquisitions and integrations, it is obvious that they are working to become a major player in the security community and are focused on continuing to be a segment and thought leader."
The AMP Threat Grid analytics engines provide security teams with breach detection against advanced malware, allowing them to quickly scope and recover from a breach by providing context-rich, actionable threat intelligence, said Paul Davis, director of advanced threats security solution architecture for Cisco.
In addition, Cisco launched a new incident response services group built to work with companies to locate the source of an attack, how it entered and what data was compromised.
Davis said Cisco aims to solve all the security needs of an organization no matter the size. "The rollout of these three things is a shout-out there to say that, 'We are here and we are looking at the whole picture,'" he said. "The breadth of our portfolio, our services, our threat intelligence are big differentiators for us compared to our competitors."
"You can look at point solutions, you can do that, but with Cisco [the breadth of our offering] just resonates so strongly for me that nobody has that spread of portfolio, that have that automation, that retrospection, the depth of analysis. ... We're looking at the whole problem of how you keep an environment secure, which is applicable to all sizes of organizations," said Davis.
Cisco said its AMP portfolio includes the most extensive built-in threat intelligence, advanced analytics and continuous monitoring capabilities, as well as the only retrospective security capabilities for rapid detection and remediation in the market.
"This is probably the best security story Cisco has had in maybe a couple of decades," said Zeus Kerravala, principal analyst at ZK Research. "The threat to competitors is certainly there from Cisco now."
The new AMP grid was created by integrating technologies through last year's acquisition of ThreatGrid, a New York-based provider of malware analysis and sandboxing technology. Partners said Cisco's $2.7 billion acquisition of cybersecurity specialists Sourcefire in 2013 and Chicago-based security company Neohapsis in 2014 are other shining examples of what lies ahead for Cisco's security portfolio.
Palo Alto Networks last month unveiled its AutoFocus cyberthreat intelligence service, which it said provides prioritized, actionable intelligence designed to give customers an advantage when battling cyberthreats, according to a company statement. The Santa Clara, Calif.-based company said the service is able to expose the latest threat tactics, techniques and procedures used by attackers, as well as to identify how specific threats fit into a larger campaign.
Cisco's networking reach gives the company some advantages as it steps up the attack against Palo Alto Networks, said Kerravala.
"The way Cisco can approach the market is unique, because they own so much of the network that they can secure an environment at a level that other organizations or traditional security vendors would struggle to do," he said. "If Cisco can take some of this threat intelligence they have, then eventually put it into every switch, every router, every device they have -- with Cisco you can wind up with a pervasiveness to security that it would be very difficult for other security vendors to replicate. For Palo Alto, FireEye and other security vendors, it is something to watch, because if Cisco is successful doing that, it makes it very hard to get anything into that ecosystem."
PUBLISHED APRIL 10, 2015