RSA: Cisco's Chambers urges systemwide security

IDG News Service - Cisco Systems Inc. President and CEO John Chambers yesterday told attendees at the RSA Conference in San Francisco that in security, point products just won't do the job.
Security requires a systemwide approach, especially as applications and computing resources are increasingly distributed across networks, Chambers said in a keynote address that highlighted hardware and software products Cisco announced at the show. Those products included five intrusion-protection appliances, software for Cisco's routers and switches, a VPN concentrator and updated software for the company's PIX firewall platform. The process of identifying and blocking network attacks will work the same way across the appliances, the software and the firewall, the company said Tuesday.
Attacks are affecting networks too quickly for IT staff or strictly reactive products to respond, and the nature of the threats is changing too rapidly for defenses based just on already identified threat profiles, Chambers said.
"It's going too fast and [getting] too complex, and it's getting harder and harder to get our arms around it," he said. "You can't approach this problem with pinpoint products" that IT professionals have to integrate. Systems have to be able to identify and adapt to new threats.
"It has to move to an adaptive threat defense, not a reactive threat defense," he said.
Cisco has long advocated an end-to-end systems approach to building networks, one that favors a giant such as Cisco that sells most elements of local- and wide-area IP networks. It's more important to build a complete, manageable system than to save money on individual products, because purchase price makes up only 25% to 35% of total cost of ownership, while support represents up to 50%, he said.
The company will continue to move aggressively into security, a big area of concern for users that took Cisco and other vendors by surprise around 2000, Chambers said. Cisco plans to rely on a three-pronged strategy to keep on the cutting edge of the field, he said.
"The old IBM 20-years-ago philosophy -- 'I'll come in late and become No. 1' -- we all know, doesn't work," said Chambers, who cut his teeth in the IT industry as an IBM mainframe salesman in the late 1970s.
"You will see us acquire very aggressively, you will see us partner very aggressively, and you will see us innovate probably two-thirds of the products ourselves," Chambers said.
Michael Mohn, a technology strategist at Sempra Energy, an electric utility in San Diego, agreed with Chambers' view that security systems have to be built into the network andbased on forward-thinking policies rather than reactive efforts. Mohn, a Cisco customer, said intrusion into power grid control systems and theft of customer information show up brightest on Sempra's security radar.
"Companies spend an inordinate amount of time doing damage control," needlessly racking up labor costs, Mohn said in an interview following the keynote. "We don't want to spend that money."