Cisco beefs up SD-WAN with security in the cloud

Cisco announces new cloud-based security for SD-WAN at Cisco Live on Tuesday. (FierceTelecom)

SAN DIEGO, California—Cisco Live—Security is top of mind for enterprises as they move wide-area networking (WAN) from the edge to the cloud, but the industry needs to rethink how it does security in the cloud, according to Cisco's David Goeckeler.

During a Tuesday keynote address, Goeckeler, executive vice president of networking and security, said that his company has added security measures in the cloud for software-defined WAN (SD-WAN).

"You have the cloud and you start adopting SD-WAN," Goeckeler said. "When you start that adoption you start thinking 'Wait a minute all of my security technology is sitting at the edge of my network. That needs to be in the cloud as well.' We have to rethink how we deliver security in this cloud-first world."

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

Last year, Cisco integrated an enterprise-class firewall into its on-premise SD-WAN appliances. At this year's Cisco Live, Gee Rittenhouse, senior vice president of Cisco’s security business, announced that his company has broadened its SD-WAN security approach into Umbrella, which is Cisco's secure internet gateway.

"We know that when you're considering your SD-WAN topography that security is top of mind. It's ours as well," said Rittenhouse, who was sharing the keynote stage with Goeckeler. "But we also know that you're choosing SD-WAN because you want to make the network more simple. The last think we want to do is force you to bolt on various security technologies that end of the day just complicate your network operations.

"Today we're very, very excited that we're extending this approach to Umbrella, the market leader in the cloud security space. So, whether you choose to secure SD-WAN in appliances or in the cloud, we've got you covered."

How it works

With the latest addition, Cisco is able to create one common policy for DNS for a firewall at a secure web gateway by using a dashboard. Brian Roddy, vice president and general manager of cloud security at Cisco, demonstrated how the intrusion system, which is powered by Cisco's Talos security, works.

Using Cisco's Viptela dashboard, a user can automatically send all of the DNS security policies to the cloud with a few clicks and then monitor them there.

RELATED: Cisco takes SD-WAN into colocation facilities

Cisco is able to create tunnels from the branch office to the cloud, and then provision the devices in that branch office with a few clicks. Once the system sees all of the traffic, it can look at cloud firewall polices across Layer 4 and Layer 7 to see what that traffic is doing. Cisco is in the process of adding its Sourcefire threat protection, which will be available in the coming month.

"Which means you'll be able to get application visibility and control as well as intrusion protection backed by Talos," Rittenhouse said.

Several months ago, Cisco added advanced malware protection from its security portfolio its SD-WAN solutions. Cisco sees a 90% drop in malware when it deploys its DNS security.

Suggested Articles

FierceWireless announced the 2019 Innovation Award Winners last week.

Cumulus Networks has released Cumulus Linux 4.0, which is its network OS, and version 2.4 of its NetQ network operations toolset.

Aryaka has expanded its suite of managed SD-WAN offerings and announced its SD-WAN will be available for regional deployments starting early next year