Cisco beefs up SD-WAN with security in the cloud

Cisco announces new cloud-based security for SD-WAN at Cisco Live on Tuesday. (FierceTelecom)

SAN DIEGO, California—Cisco Live—Security is top of mind for enterprises as they move wide-area networking (WAN) from the edge to the cloud, but the industry needs to rethink how it does security in the cloud, according to Cisco's David Goeckeler.

During a Tuesday keynote address, Goeckeler, executive vice president of networking and security, said that his company has added security measures in the cloud for software-defined WAN (SD-WAN).

"You have the cloud and you start adopting SD-WAN," Goeckeler said. "When you start that adoption you start thinking 'Wait a minute all of my security technology is sitting at the edge of my network. That needs to be in the cloud as well.' We have to rethink how we deliver security in this cloud-first world."

Sponsored by Anritsu Company

Free eBook: Efficient Testing Will Contribute to Long-Term Success in the 5G Marketplace

As companies worldwide race to launch 5G successfully and avoid post-deployment setbacks, we see a massive rise in the demand for 5G test and measurement equipment. We will discuss how efficient testing can contribute to long term success in 5G marketplace.

Last year, Cisco integrated an enterprise-class firewall into its on-premise SD-WAN appliances. At this year's Cisco Live, Gee Rittenhouse, senior vice president of Cisco’s security business, announced that his company has broadened its SD-WAN security approach into Umbrella, which is Cisco's secure internet gateway.

"We know that when you're considering your SD-WAN topography that security is top of mind. It's ours as well," said Rittenhouse, who was sharing the keynote stage with Goeckeler. "But we also know that you're choosing SD-WAN because you want to make the network more simple. The last think we want to do is force you to bolt on various security technologies that end of the day just complicate your network operations.

"Today we're very, very excited that we're extending this approach to Umbrella, the market leader in the cloud security space. So, whether you choose to secure SD-WAN in appliances or in the cloud, we've got you covered."

How it works

With the latest addition, Cisco is able to create one common policy for DNS for a firewall at a secure web gateway by using a dashboard. Brian Roddy, vice president and general manager of cloud security at Cisco, demonstrated how the intrusion system, which is powered by Cisco's Talos security, works.

Using Cisco's Viptela dashboard, a user can automatically send all of the DNS security policies to the cloud with a few clicks and then monitor them there.

RELATED: Cisco takes SD-WAN into colocation facilities

Cisco is able to create tunnels from the branch office to the cloud, and then provision the devices in that branch office with a few clicks. Once the system sees all of the traffic, it can look at cloud firewall polices across Layer 4 and Layer 7 to see what that traffic is doing. Cisco is in the process of adding its Sourcefire threat protection, which will be available in the coming month.

"Which means you'll be able to get application visibility and control as well as intrusion protection backed by Talos," Rittenhouse said.

Several months ago, Cisco added advanced malware protection from its security portfolio its SD-WAN solutions. Cisco sees a 90% drop in malware when it deploys its DNS security.

Suggested Articles

Rogers Communications really, really wants to get its hands on Cogeco, despite being told there's no interest to sell from Cogeco.

With a one-time infusion of $80 billion from Congress, and roughly $10 billion every year, every American citizen can be connected to broadband.

DriveNets put its Network Cloud software router through its paces during performance testing with a Tier 1 European service provider.