Cisco starts integrating Sourcefire for new approach to defeating malware

Summary: “We’ve got not only a proliferation of attack vectors but also an advanced set of adversaries willing to innovate themselves,” according to the SVP of Cisco Security.

SAN FRANCISCO---You’re always being attacked in today’s world, argued Christopher Young, senior vice president of the Cisco Security Business Group.

That might come across as overly harsh -- even dramatic to some -- but it’s quite the reality (as far as the Internet is concerned) and could be the theme of the week going into the 2014 RSA Conference in San Francisco.

During a media presentation on Monday, Young admitted that this is a big shift for the industry as well as Cisco.

“We’ve got not only a proliferation of attack vectors but also an advanced set of adversaries willing to innovate themselves,” Young reflected.

Putting a positive spin on an increasingly bleak reality, Young posited that this is motivating the Cisco Security group by "adding to opportunities" as well as challenges.

Young introduced some of the products that make up Cisco Security's roadmap for 2014, beginning with a brief outline of how recent acquisitions, such as security software firm Sourcefire last summer and Czech firm Cognitive Security earlier this year, are being folded into Cisco’s security portfolio.

The first milestone for the Cisco/Sourcefire integration is Advanced Malware Protection (AMP) Everywhere, which will bring Sourcefire to all Cisco content gateways (IronPort email, cloud/web security, etc.).

The AMP package includes the new FirePOWER 8300 appliance series for threat detection at higher network speeds, promising up to a 50 percent increase in inspected throughput and the ability to stop threats in real time. Cisco executives contended that previous response times were slowed by countless levels of checks and requirements before reactive, not preventative, action was taken.

Supporting stackable configurations of up to four appliances, the FirePOWER 8300 series can deliver throughputs of up to 120 gigabytes per second when stacked.

Martin Roesch, Sourcefire's founder and now chief security architect of the Cisco Security Business Group, said simply, “It’s probably the coolest thing we’ve got right now.”

The second debut stemming from the Sourcefire deal is OpenAppID, touted by Cisco as the world’s first open source technology for cloud-based application detection and control.

Roesch said that OpenAppID basically provides a way to build next-generation open source firewalls.

More than 1,000 OpenAppID detectors are already available in the Snort open source community.
