Cisco beefs up SD-WAN with security in the cloud

Cisco announces new cloud-based security for SD-WAN at Cisco Live on Tuesday. (FierceTelecom)

SAN DIEGO, California—Cisco Live—Security is top of mind for enterprises as they move wide-area networking (WAN) from the edge to the cloud, but the industry needs to rethink how it does security in the cloud, according to Cisco's David Goeckeler.

During a Tuesday keynote address, Goeckeler, executive vice president of networking and security, said that his company has added security measures in the cloud for software-defined WAN (SD-WAN).

"You have the cloud and you start adopting SD-WAN," Goeckeler said. "When you start that adoption you start thinking 'Wait a minute all of my security technology is sitting at the edge of my network. That needs to be in the cloud as well.' We have to rethink how we deliver security in this cloud-first world."

Sponsored by Ribbon

Webinar: Identity Assurance – Restoring Your Customer’s Trust in the Phone

Learn about Ribbon Call TrustTM, an identity assurance solution that encompasses STIR/SHAKEN and on a per-call, real-time basis will: determine caller intent and identify bad actors from network and call data analytics; provide multi-dimensional reputation scoring using Machine Learning algorithms; and recommend optimal call validation treatment. And will do this for both IP and TDM phone calls. With Ribbon Call Trust™ you can defeat robocalls and fraud attacks, truly restoring your customer’s trust in the phone.

Last year, Cisco integrated an enterprise-class firewall into its on-premise SD-WAN appliances. At this year's Cisco Live, Gee Rittenhouse, senior vice president of Cisco’s security business, announced that his company has broadened its SD-WAN security approach into Umbrella, which is Cisco's secure internet gateway.

"We know that when you're considering your SD-WAN topography that security is top of mind. It's ours as well," said Rittenhouse, who was sharing the keynote stage with Goeckeler. "But we also know that you're choosing SD-WAN because you want to make the network more simple. The last think we want to do is force you to bolt on various security technologies that end of the day just complicate your network operations.

"Today we're very, very excited that we're extending this approach to Umbrella, the market leader in the cloud security space. So, whether you choose to secure SD-WAN in appliances or in the cloud, we've got you covered."

How it works

With the latest addition, Cisco is able to create one common policy for DNS for a firewall at a secure web gateway by using a dashboard. Brian Roddy, vice president and general manager of cloud security at Cisco, demonstrated how the intrusion system, which is powered by Cisco's Talos security, works.

Using Cisco's Viptela dashboard, a user can automatically send all of the DNS security policies to the cloud with a few clicks and then monitor them there.

RELATED: Cisco takes SD-WAN into colocation facilities

Cisco is able to create tunnels from the branch office to the cloud, and then provision the devices in that branch office with a few clicks. Once the system sees all of the traffic, it can look at cloud firewall polices across Layer 4 and Layer 7 to see what that traffic is doing. Cisco is in the process of adding its Sourcefire threat protection, which will be available in the coming month.

"Which means you'll be able to get application visibility and control as well as intrusion protection backed by Talos," Rittenhouse said.

Several months ago, Cisco added advanced malware protection from its security portfolio its SD-WAN solutions. Cisco sees a 90% drop in malware when it deploys its DNS security.

Suggested Articles

Vodafone Business announced this week that it has launched a new resource hub to help businesses bounce back from the impact of the COVID-19 pandemic.

CenturyLink's Shaun Andrews has a contrarian view in regards to how much the pandemic fueled digital transformations.

Data center provider Stream Data Centers is leaning on Cox Business' fiber network for its new data center campus in Goodyear, Arizona.