Cisco has advanced its efforts to seamlessly connect security and networking without forcing solution providers to stitch together products from different vendors. The networking giant debuted new capabilities and simplified procurement options Tuesday at Cisco Live Digital 2021 aimed at driving adoption of its authentication technology and Secure Access Service Edge (SASE) offering.
“Cisco is reflecting the messages we’re getting from the industry about what they need when it comes to SASE,” said Raviv Levi, vice president of cloud security. CRN discussed enhancements around Duo authentication, SASE and the SecureX cloud platform with Levi, Cisco Zero Trust General Manager Ash Devata and Cisco Secure Director Joakim Lialias.
Insight Enterprises has seen demand for SASE grow as customers look to put their network security technology in the cloud for more visibility, said Rob Parsons, practice director for network and integrated security at the Tempe, Ariz.-based company, No. 15 on the 2020 CRN Solution Provider 500. “This allows us to get to market quicker,” he said. “The requirement of proof is lessened by the evidence.”
From data loss prevention and automated SolarWinds attack workflows to passwordless authentication and a SASE subscription service, here’s a look at five groundbreaking cybersecurity tools and features debuting at Cisco Live Digital 2021.
5. New SecureX Workflow to address SolarWinds attack
Platform enhancements to Cisco SecureX are expected to reduce dwell time for security operations and automate tasks involved with detecting and remediating threats, the company said. New automated workflows include the SolarWinds supply chain attack, phishing investigations and threat investigations, which reduce the time to detect threats by 95 percent and the time to remediate them by 85 percent, Cisco said.
“This allows us to be able to react faster to events in clients’ environment and react in a faster, repeatable motion,” Insight’s Parsons told CRN. Automation can help Cisco partners like Insight boil down available data to what’s absolutely most critical and act more quickly on that, according to Parsons.
The SolarWinds supply chain attack workflow is a way for customers to ensure they’re not impacted and alleviates the extensive manual process many customers had to undertake months prior, Lialias said. More than 6,000 Cisco customers have deployed and are using SecureX since it was made generally available to the public in June 2020, according to Lialias.
Cisco Secure Client, meanwhile, is a newly integrated connector that simplifies the deployment and management of Cisco Secure Endpoint, AnyConnect VPN and Umbrella web and cloud security, with plans to add Duo access security as well, Lialias said. SecureX now provides turnkey configurations with more than 35 third-party technologies including Google, ServiceNow and Splunk, according to Cisco.
4. Better traffic routing via SD-WAN, cloud security integration
The Cisco Meraki team has extended its SD-WAN fabric into the cloud edge to simplify Internet Protocol Security (IPSec) tunnel connectivity and avoid maintenance and orchestration challenges, Levi said. IPsec isn’t the best mechanism for reliably connecting a physical location into the cloud due to concerns around IP address changes or failovers, according to Levi.
The SD-WAN and cloud security integration leverages analytics and performance monitoring to fully automate and orchestrate decision-making when it comes to traffic routing, ensuring traffic goes through the right tunnel and cloud entry point based on performance and latency metrics, according to Levi.
As a result, Levi said Cisco can take its SD-WAN technology with multiple tunnels, redundancy and reliability and extend it all the way into the cloud. Cisco plans to demo the integration between Meraki and Umbrella during Tuesday’s keynote, Levi said, and intends to create a similar fabric extension for Viptela in the future.
3. DLP, browser isolation, malware detection all on road map
Cisco throughout 2021 plans to roll out security capabilities that unlock new SASE use cases and allow security needs to be addressed without forcing customers to hire additional IT specialists, Levi said. Cisco Umbrella data loss prevention (DLP) is expected to be in limited availability in April and will be faster than competing DLP products while requiring less configuration to work in the cloud, Levi said.
Cisco Umbrella cloud malware detection is in limited availability and leverages intelligence on the endpoint as well as cloud traffic and out-of-band activity on Office 365 to provide total coverage, according to Levi. The malware detection leverages one security stack that infers information from a tight examination of traffic as well as a stack that assumes some connection with a service provider.
Meanwhile, Cisco Umbrella remote browser isolation is in limited availability and allows users to safely look at websites while protecting end-user devices and corporate networks from browser-based exploits, the company said. Offering more components through Cisco should stream deployment and minimize integration challenges for customers as they broaden their security stack, Levi said.
2. SASE delivered via a single dashboard and subscription
Cisco in May will begin allowing customers to order all the core SASE components in a single offer that can in the future transition into a subscription. Combining networking, remote access, cloud security, zero trust network access and observability into a single subscription service with a single dashboard will give customers key connectivity, security and analytics capabilities.
Most of the Cisco SASE components are generally available today and have already been used by customers in production environments, meaning the company should be able to deliver the service in short order, according to Levi. Cisco isn’t yet disclosing the price for its full SASE service, Levi said.
While Cisco will have all the building blocks for a SASE architecture in a single bundle, Levi said the company will ensure customers are able to go through the transition to the cloud at their own pace without harming their business from an operations or security standpoint. For instance, Levi said customers with complex campus networks can start by just moving their remote workers over to a SASE architecture.
1. Biometrics pave the way to passwordless authentication
Duo passwordless authentication will enable enterprise users to skip the password and securely log into cloud applications through security keys or biometrics built into modern laptops and smartphones, the company said. It leverages biometrics platforms such as Windows Hello and Apple FaceID and TouchID, allowing organizations to consolidate hundreds of passwords and authentications into one easy login.
“People are thinking about and yearning for passwordless,” said Jeremiah Salzberg, senior director and security technologist at San Antonio-based Sirius, No. 21 on the 2020 CRN Solution Provider 500. “Managing passwords is the bane of our existence.”
The product enables biometrics to be securely stored on and validated locally by the device as opposed to a centralized database and is designed to meet GDPR as well as standards like HIPAA and PCI, Devata said. Passwordless authentication will be a default feature in higher editions of Duo, Devata said, and the company hopes to have it publicly available in July.
More than 300 customers wanted to try out Duo passwordless authentication in beta even though there were just 50 slots available, and Devata said there’s been broad interest in the tool outside the federal contracting space regardless of vertical or size. Devata said the road to passwordless authentication has taken six years and required advances in biometric technology as well as more modern standards.
“This is something that every customer is interested in,” Devata said. “The only people who like passwords are attackers because they can easily compromise them.”