SearchNetworking.com had a thought-provoking article yesterday by Shamus McGillicuddy about Cisco’s network security strategy. The concern that the market has is that, “As Cisco Systems expands into selling servers and consumer electronics, the company is also abandoning key security products, leaving some customers questioning its overall network security strategy.”
Freelance blogger and network architect Greg Ferro, who was at our network blogger day events earlier this week, commented in the article, "I have people questioning Cisco's viability in the market. The other vendors are pouring on the FUD as Cisco pulls out. It seems like they are throwing away market share."
As an HP enthusiast, it would be easy to jump on the bashwagon, but that would be too easy. Instead I’ll focus on some important points customers are facing today and some important decisions the HP security team is making.
Notably, these moves by Cisco are an acknowledgement that the network security market is very challenging, and evolving rapidly. In Cisco’s defense, they probably made some very early bets on security technology that didn’t pan out the way they hoped, notably Security Information and Event Management (SIEM), which they acquired, and NAC, which they developed largely in-house. That’s not to say there aren’t important features here, but they aren’t big growth generators. As security solutions are becoming more complex and addressing a wider range of threats and policy enforcement capabilities, it’s going to be difficult for large vendors to maintain a lead in all areas.
Since you can’t lead in all areas, major vendors like HP and Cisco will have to do three things: 1) paint a strategic direction for customers so they can invest long term, 2) focus on differentiating technologies where they want to lead, and 3) partner well. HP Networking is becoming more successful in each of these areas, especially since the acquisition of 3Com and TippingPoint. For example, TippingPoint is still the perceived leader in the IPS space and we continue to grow our investment here accordingly, focusing on our differentiation, and deepening the integration with HP. HP is also partnering in a number of areas where we don’t have industry-leading solutions, such as branch office UTM appliances.
HP is also taking the lead in security for virtualized data centers, which is a strategic direction for us and our customers. In my last blog post, I went into some detail about our Secure Virtualization Framework (SVF) which was very well received during our blogger day festivities, and stood out as a strong strategic advantage for HP Network Security. We will continue to define the technology direction here for the market, particularly as it relates to the data center. We don’t expect to invest in “me too” products that we’ll have to abandon later as they lag best-of-breed solutions.
But the security market is changing rapidly, particularly as security services that could be applied at desktop endpoints now are migrating into the network infrastructure (Intel, are you listening?). Shared networks, all the way up to multi-tenant clouds are shifting the way we have to think about network security and apply security policies. More and more, the network is becoming the focus for security enterprise wide. Expect more changes to come, and more shifting landscape in the network security space from all vendors.