Cisco Lays Out Plan for Sourcefire Acquisition

    Security today requires a multi-layer approach, where all the elements of defense actually share intelligence about attacks and potential threats.

    With that in mind, Cisco has plugged a gap in its security framework by completing its acquisition of Sourcefire, a provider of intrusion prevention systems (IPS). Bret Hartman, Cisco CTO of security, says Sourcefire will play a major role in an emerging layered approach to security that will be tightly integrated with Cisco networking equipment.

    Hartman says this will be critical because networking is the only part of the IT environment that is both pervasive and stable enough to provide a platform through which security policies can be consistently applied. In contrast, Hartman notes that endpoint environments are constantly evolving and changing, while many cloud service providers have given the security requirement short shrift.

    Hartman says Cisco will integrate Sourcefire via application programming interfaces while continuing to make sure that contributions are made to the open source Snort codebase upon which Sourcefire IPS offerings depend.

    Security at the network level, says Hartman, doesn’t preclude adding security elsewhere in the enterprise. It just means that any approach to threat management is going to require integrated security at the network level. That approach, says Hartman, is not only going to be more effective, but will also be less costly because the number of security products and vendors that need to be managed will be reduced. In fact, Hartman says it’s the seams between all those different security technologies that hackers are exploiting most, which is why Cisco felt compelled to add stronger IPS capabilities to its portfolio.

    Sourcefire, says Hartman, will be part of an ongoing effort to identify threats, and also remediate the vulnerabilities those threats target. As part of a growing field of security intelligence offerings, the idea is to not only identify threats, but also substantially limit the amount of time an enterprise is exposed to them.

    Ultimately, the goal isn’t to eliminate all security threats, which would be almost impossible to achieve. Instead, as the cost of launching successful attacks continues to rise, the economics of launching such attacks become a lot less attractive. Then, the number of individuals and organizations that can afford to launch such attacks should fall, which theoretically should result in a drop in the number of overall attacks.

    Given the nature of the IT security arms race and all the automation tools that hackers have at their disposal, whether that actually occurs remains to be seen. But the one thing that is for certain is that the vast majority of those attacks would be a lot less troublesome than they are today.

    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.