RSA: Cisco launches SASE, offers roadmap for other cloud-based services

Cisco made a variety of security upgrades at the RSA Conference designed to move security operation to the cloud, improve its Secure Access Service Edge offering and offer new simplified security end point control.

The biggest piece of the Cisco roll out was a new overarching security platform called the Cisco Security Cloud will include unified management and policies, and offer open APIs to help grow a multivendor security ecosystem. 

Cisco defines the  Security Cloud as a “multi-year strategic vision for the future of security.” It is an ongoing journey that began several years ago and Cisco will continue delivering upon the key tenets of this vision with a consistent roadmap. The cloud will be made up of existing products like Umbrella and offerings from Duo, other features will be developed in the future.

While the specifics of that roadmap are a little vague, the design goal of the Security Cloud is to sit horizontally as a layer on top of the infrastructure across a customer’s cloud services—the major ones being Azure, AWS and GCP and then they probably have some level of private data center—to protect all of the core applications, said TK Keanini, CTO of Cisco Secure. “The goal of the Security Cloud is so that there is no lock-in to a specific environment – meaning it will avoid being native and exclusive to any one cloud service or private data center. Instead, the security function is abstracted above what it protects and can function as horizontal as their hybrid-multi cloud environment.”

The other goal is to simplify the security experience for end users by including Cisco authentication, threat prevention, detection, response, and remediation all in one place, Keanini said. The goal is to ultimately have networking, policy and other services delivered from the cloud.

“The Cisco Security Cloud will deliver security  every time you connect, every time you authenticate, every time you want to use a security service,” Keanini said. “The idea is that we’re trying to simplify that experience at scale and not just simplify a product, Keanini said.  

A new SASE bundle

Cisco also rolled out a turnkey SASE subscription service called Cisco+ Secure Connect Now. The package, availabe now, features Cisco Meraki SD-WAN technology which includes integrated branch connectivity, security, management, orchestration, and automation support manageable via a single dashboard.

Cisco has been talking about the SASE service since it introduced its overarching network-as-a-service plan, Cisco Plus, a year ago. The idea is to offer customers a cloud operating model that makes its simple to buy and consume the necessary components to improve and grow their businesses, Cisco said. 

The company’s first NaaS offering Cisco Plus Hybrid Cloud, includes the company’s data-center compute, networking, and storage portfolio in addition to third-party software and storage components all controlled by the company’s Intersight cloud management package.  Customers can choose the level of services they want for planning, design and installation.

“SASE is extremely high interest for clients, as it is the ideal technology to suit a distributed workforce using distributed cloud/SaaS applications. There is rampant client interest in SASE and we forecast the market to grow massively over the next few years. Thus, a lot of competitors are heavily investing in SASE including Cato, Versa, and Palo Alto Networks, just to name a few,” said Andrew Lerner Gartner Research vice president.

“The first thing that jumps out is that the UI is based on Meraki. This is surprising but in a good way as it indicates a focus on simplicity and cloud-based management which are hallmarks of the Meraki brand. With the UI, you now get configuration, management and visibility from the same console,” Lerner said.

 “Overall this is a move in the right direction for Cisco, as it less moving pieces/parts overall compared to what was available prior — which would’ve required multiple consoles. However, there’s still work to be done, as must customers would like a unified policy engine, SDWAN traffic steering, and a common data lake associated with a SASE offering as well, and those aren’t available yet,” Lerner said.

A single endpoint security agent

Cisco said that early in July it will launch a single endpoint agent to support itsAnyConnect, Secure Endpoint, and Umbrella security platforms. Each has its own agent now. “We are looking to simplify the administrative and operational costs of managing the endpoint footprint which can include thousands of devices and products,” Keanini said.

As part of its RSA rollout, Cisco also debuted:

• The Talos Intelligence On-Demand service that lets customers sign up to get custom security research from the vendor’s security group. The service is available now. 
• A new security feature called session Trust Analysis that uses the open Shared Signals and Events authentication standard to share information between vendors to evaluate risk after the user logs in by continuously verifying user and device identity. The goal is that by continuously assessing user risk both before and after login, organizations can respond more dynamically—expediting access in trusted scenarios and stepping up security requirements in risky ones, Cisco stated. Cisco said it will demo an implementation the feature with its Cisco Secure Access by Duo and Box at the conference.
• A patent-pending Wi-Fi Fingerprint technology that acts as a location proxy to track users without compromising privacy, Cisco stated. The Trust Analysis and Wi-Fi features will preview in the second half of calendar 2022.