Cisco beefs up SD-WAN with security in the cloud

Cisco announces new cloud-based security for SD-WAN at Cisco Live on Tuesday. (FierceTelecom)

SAN DIEGO, California—Cisco Live—Security is top of mind for enterprises as they move wide-area networking (WAN) from the edge to the cloud, but the industry needs to rethink how it does security in the cloud, according to Cisco's David Goeckeler.

During a Tuesday keynote address, Goeckeler, executive vice president of networking and security, said that his company has added security measures in the cloud for software-defined WAN (SD-WAN).

"You have the cloud and you start adopting SD-WAN," Goeckeler said. "When you start that adoption you start thinking 'Wait a minute all of my security technology is sitting at the edge of my network. That needs to be in the cloud as well.' We have to rethink how we deliver security in this cloud-first world."

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

Last year, Cisco integrated an enterprise-class firewall into its on-premise SD-WAN appliances. At this year's Cisco Live, Gee Rittenhouse, senior vice president of Cisco’s security business, announced that his company has broadened its SD-WAN security approach into Umbrella, which is Cisco's secure internet gateway.

"We know that when you're considering your SD-WAN topography that security is top of mind. It's ours as well," said Rittenhouse, who was sharing the keynote stage with Goeckeler. "But we also know that you're choosing SD-WAN because you want to make the network more simple. The last think we want to do is force you to bolt on various security technologies that end of the day just complicate your network operations.

"Today we're very, very excited that we're extending this approach to Umbrella, the market leader in the cloud security space. So, whether you choose to secure SD-WAN in appliances or in the cloud, we've got you covered."

How it works

With the latest addition, Cisco is able to create one common policy for DNS for a firewall at a secure web gateway by using a dashboard. Brian Roddy, vice president and general manager of cloud security at Cisco, demonstrated how the intrusion system, which is powered by Cisco's Talos security, works.

Using Cisco's Viptela dashboard, a user can automatically send all of the DNS security policies to the cloud with a few clicks and then monitor them there.

RELATED: Cisco takes SD-WAN into colocation facilities

Cisco is able to create tunnels from the branch office to the cloud, and then provision the devices in that branch office with a few clicks. Once the system sees all of the traffic, it can look at cloud firewall polices across Layer 4 and Layer 7 to see what that traffic is doing. Cisco is in the process of adding its Sourcefire threat protection, which will be available in the coming month.

"Which means you'll be able to get application visibility and control as well as intrusion protection backed by Talos," Rittenhouse said.

Several months ago, Cisco added advanced malware protection from its security portfolio its SD-WAN solutions. Cisco sees a 90% drop in malware when it deploys its DNS security.

Suggested Articles

Ciena, Internet2 and Juniper Networks announced they have provisioned live traffic over a 1,367-mile circuit using a 400-gigabit Ethernet link.

Verizon Business is shielding its private IP networks by embedding a software-defined perimeter service to create a zero trust architecture.

Sprint teamed up with Ooma to deploy its new Omni phone business phone service that targets small-to-medium-sized businesses (SMBs).