Cisco’s Tom Gillis On Building The ‘Security Cloud’ And New Feature Updates
The former head of VMware’s security business, Gillis joined Cisco in January and tells CRN that the company has a unique opportunity to provide the security layer for the multi-cloud and hybrid cloud world.
What is the idea behind the Cisco Security Cloud? And if it’s a vision, then what stage is it at?
My job is to put teeth into that vision. Here’s the vision, and it’s actually quite simple. So if you kind of blur your eyes and say, the world is turning into four big computers: Amazon, Google, Azure and your own private data center. There are security controls that are embedded in each one of them. And it’s not that one is better or worse than the other, it’s that they’re different. And so, we think that there’s a desire for a security layer that sits up on top of those four separate pieces of infrastructure, provides consistent controls, integrated visibility and can look broadly across multiple different domains.
The same way that Kubernetes became this ubiquitous layer across all different forms of infrastructure, we think we can do something similar. So how does that manifest? We’re building a single place where you log in — one login, one common set of interfaces, one common management policy. And most importantly, one data lake on the backend. So when we gather telemetry from those email boxes, or from those endpoints, or from that network data, or from things like ThousandEyes, where we’re measuring network performance — we can pull all these things together. And then that gives us a fairly comprehensive view into that lateral movement of attackers. And that’s the Cisco Security Cloud.
How close do you feel like Cisco is at this point to making that a reality?
We’ll be showing really the first examples of this at RSA. So a lot of this stuff is code complete. And I see it and use it and touch it. When you’re building a system, there’s a bunch of work to do to build the infrastructure pieces, the plumbing to get it all to work. Once that’s done — which it is — our ability to rapidly introduce new features is very high because you don’t have to reinvent a login service, a logging service, the policy creation, the UX — all that stuff is already in place. So I think you’ll see from us a steady drumbeat. So at RSA, we’ve got some big news, and then at Cisco Live in Vegas, which is a month after RSA, [we’ll have] more big news. All this is going to be around the Cisco Security Cloud.