RSA: Cisco’s Chambers urges system-wide security

SAN FRANCISCO – Cisco Systems President and Chief Executive Officer John Chambers on Wednesday told attendees at the RSA Conference here that for security, point products just won’t do the job.

Security requires a system-wide approach, especially as applications and computing resources are increasingly distributed across networks, Chambers said in a keynote address that highlighted hardware and software products Cisco announced Tuesday at the show. They included five intrusion protection appliances, software for Cisco’s routers and switches, a VPN (virtual private network) concentrator and updated software for the company’s PIX firewall platform. The process of identifying and blocking network attacks will work the same way across the appliances, the software and the firewall, the company said Tuesday.

Attacks are affecting networks too quickly for IT staff or strictly reactive products to respond, and the nature of the threats is changing too rapidly for defenses based just on already identified threat profiles, Chambers said.

“It’s going too fast and (getting) too complex, and it’s getting harder and harder to get our arms around it,” he said. “You can’t approach this problem with pinpoint products” that IT professionals have to integrate, Chambers said. The system has to be able to identify and adapt to new threats.

“It has to move to an adaptive threat defense, not a reactive threat defense,” he said.

Cisco has long advocated an end-to-end systems approach to building networks, one that favors a giant such as Cisco that sells most elements of local and wide-area IP (Internet Protocol) networks. It’s more important to build a complete, manageable system than to save money on individual products, because purchase price makes up only 25 percent to 35 percent of total cost of ownership, while support represents up to 50 percent, Chambers said Wednesday.

The San Jose, California, company will continue to move aggressively into security, a big concern for users that took Cisco and other vendors by surprise around 2000, Chambers said. Cisco will use a three-pronged strategy to keep on the cutting edge of the field, he said.

“The old IBM 20-years-ago philosophy — ‘I’ll come in late and become number one’ — we all know, doesn’t work,” said Chambers, who cut his teeth in the IT industry as an IBM  mainframe salesman in the late 1970s.

“You will see us acquire very aggressively, you will see us partner very aggressively and you will see us innovate probably two-thirds of the products ourselves,” Chambers said.

Michael Mohn, a technology strategist at Sempra Energy, an electric utility company in San Diego, agreed with Chambers’ view that security systems have to be built into the network and be based on forward-thinking policies rather than reaction. Mohn, a Cisco customer, said intrusion into power grid control systems and theft of customer information show up brightest on Sempra’s security radar.

“Companies spend an inordinate amount of time doing damage control,” needlessly racking up labor costs, Mohn said in an interview following the keynote. “We don’t want to spend that money.”