Cisco Security: That Old Familiar FaceBy Baselinemag | Posted 2004-10-01 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Cisco Systems has the lion's share of the market in part because the company is a large, familiar presence in enterprise networks.
Cisco is a billion-dollar-a-year champ in the security market, pumped up by an oxygen-like pervasiveness in corporate networksdespite what some consider mediocre management tools.
Stephen C. Smith, network manager with Keystone Mercy Health Plan in Philadelphia, chose PIX firewalls and other Cisco security offerings because his four-member team has 60 years of combined experience with its products. "We've got a comfort level with Cisco," he says. "It was kind of a no-brainer to put in what we know works and know how to manage."
Familiarity, however, isn't always desirable in the security world. Radianz, a financial services provider based in New York, runs a global network of about 25,000 Cisco routers and more than 100 of Juniper's NetScreen firewall appliances. Lloyd Hession, the company's chief security officer, specifically ruled out using PIX devices because their code base is "very similar" to that of the Internet Operating System (IOS), which powers nearly all of Cisco's network equipment.
"When you're betting your business on many thousands of Cisco routers," Hession says, "it's a good idea to not use technology from the same vendor to protect them."
On the other hand, when Cisco's products don't work together, it can't deflect the blame. Peter Simonsen, vice president of information systems with Arizona State Savings & Credit Union, says in the past Cisco's divisions were "isolated into silos" but that it now usually works quickly to resolve interoperability issues. "We've never had Cisco say, 'It's not our problem,'" he says.
But one area where Cisco has fallen short is its ability to manage multiple security devices. Even longtime Cisco shops complain about its management tools, which traditionally have had text-only, command-line interfaces. Mainly, they're too hard to use and prone to operator error, says John D. Halamka, CIO of CareGroup Healthcare System. "It's easy to do a 'fat-finger' command that does very bad things," he says.
That's old news, says Richard Palmer, head of Cisco's security products group. Such impressions are based on older Cisco management features, he says, noting that the latest version of the CiscoWorks VPN/Security Management Solution (VMS) software, released in mid-2003, lets administrators apply policies to groups of devices using a graphical interface. Says Palmer, "Sometimes customers will base opinions on data points that are outdated."
Cisco Operating Results*
* Fiscal year ends in late July
Source: company reports
Total assets: $35.59B
Stockholders' equity: $25.83B
Cash and equivalents:$3.72B
Long-term debt: None
Shares outstanding: 6.94B
Market value as of 9/24: $125.69B
**As of July 31, 2004, except as noted