What’s Next For Cisco: Security As A Service?

by Preeti S    Apr 01, 2015


At a time when enterprises are constantly facing sophisticated attacks unleashed by cyber criminals, implementing robust and scalable security practices is a fundamental part of a business strategy.

The increasing need for such services lays the foundation for Gartner’s prediction that cloud-based security services market reaching $4.13 bn by 2017.

As the market matures, there is a need for innovative ways to engage with customers. Cisco, which has a large range of cloud-based security solutions, is already building capabilities in the space of security-as-a-service (SECaaS).

Talking about the future trends in security, Pravin Srinivasan, Lead, Security Sales, Cisco India and SAARC, told CXOToday that SECaaS is already being adopted in the US and Europe, but is still catching up in India.

He says, “with the changing threat landscape, a customer can’t just build a firewall and be content with it. He can’t keep buying solutions to deal with every new threat.”

        Also read: Data-centric approach to security

The best way to deal with this that a customer builds the basic needs of security and in case of advanced threats, he seeks the intervention of outsourcers, says Pravin.

In Security as a service (SECaaS), a service provider will deliver security as a service from the cloud on a subscription basis and from the customer point, it doesn’t require any on-premise hardware. The services primarily involve identification of threats, authetntication, attack detection and quarantining.

That apart, Pravin says Bring your own device (BYOD) and cloud are business critical phenomena, and they will change the way security is considered, as it is not a one-time challenge an enterprise faces.

“Customers would want to know how to automate their infrastructure. For smaller customers, it would be to know how much of their infrastructure can actually go on public/hybrid cloud,” he says.

Scope vs scale

The Internet of Things is changing the way enterprises are offering their solutions in a connected world.  Cisco estimates that 50 billion devices and objects will be connected to the Internet by 2020.

While scope for security is huge, it comes with its own set of challenges.

     Also read: Application security trends for 2015

As Pravin says, “One is pure scale. A lot of technologies developed are enterprise class, service provide class and for smart connected communities. We do a lot of testing, but when we deploy, we realize the issue of scale and how we are not able to give the same level of security. Last time, we provided additional security, but there were still bumps in the wires. So, it is a trade-off.”According to him, a lot of learning happens on the ground, during the project, during R&D. “So the  two major challenges are gearing up to the scale and getting it right,” he adds.

Dealing with legacy issues

While every customer wants a next-gen firewall, the service providers are faced with a challenge of having a system to address the needs of customers, who have not migrated to the new technology platforms.

Pravin says, Cisco has been effectively dealing with such issues. “The basic thing like the firewall should not be neglected. Because it has traditional apps built into it and a next-gen firewall will not be able to recognize them. Hence one needs to build upon the legacy apps and put in place policies based on protocols. Basically, it has to be a combination of both,” he says.