Cisco Advances SourceFire and ASA Security Technology
At the Cisco Live conference this week, the networking giant has been aggressively promoting its Application Centric Infrastructure (ACI) vision and roadmap. Cisco has already announced ACI extensions for the data center and the cloud. Today the focus is on security.
The Cisco Advanced Malware Protection (AMP) platform is security technology Cisco gained as part of its $2.7 billion acquisition of SourceFire. Today Cisco announced the 5.3 release of AMP as well as a new private cloud appliance and endpoint security components.
Raja Patel, senior director for cloud security product management at Cisco, explained that for endpoints, a new AMP connector is required which will communicate with the Cisco analytics engine. In terms of hardware, Patel noted that AMP for FirePOWER is Cisco's network-based advanced malware protection appliance.
"It uses a cloud-based infrastructure for malware analysis, which is shared by all of the AMP products in our portfolio," Patel said. "The Private Cloud Appliance is for customers with strict data privacy requirements and concerns about using any cloud-based infrastructure to store and analyze data."
Patel explained that the Private Cloud Appliance is deployed on-premises and serves as an anonymized proxy between Cisco's AMP products and the cloud-based infrastructure to address the privacy concerns that some customers might have.
The SourceFire FirePOWER portfolio isn't the only Cisco Firewall technology that is getting an update. So too is Cisco's ASA firewall portfolio, which predates the SourceFire acquisition. One of the software updates is for the ASA 5585 appliance. The ASA 5585 first debuted back in 2008 as the top end of Cisco's firewall product lineup. The ASA 5585-X update came out in 2010, providing users with up to 35 Gbps of large-packet throughput for firewall performance and up to 350,000 connections per second.
Cisco is also announcing a new ASAv virtual firewall. Patel noted that it provides the ability to be deployed both as a traditional security gateway and as a security resource for SDN and ACI environments that can be dynamically stitched into application service chains. The ASAv will be able to run on a variety of hypervisors, including the Nexus 1000V, VMware, Xen, Microsoft Hyper-V, and KVM.
Cisco now has essentially two very different firewall technologies with the ASA and FirePOWER.
"There is no intersection between FireAMP and ASA, but there’s a longer-term roadmap about the two platforms that will be shared in the future," Patel said.
Another piece of the longer-term security roadmap that Cisco will need to also address is integration of FireAMP as well ASA appliances with the Application Centric Infrastructure (ACI) and Application Policy Infrastructure Controller (APIC), which is not part of the solution today.
Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist.