Cisco unveils three DNA network security technologies

Cisco has announced three new technologies for its Digital Network Architecture (DNA) solution to enable network engineers, application developers, channel partners, and IT customers to embed improved and simplified security within their network infrastructure layer: Umbrella Branch, Stealthwatch Learning Network License, and Meraki MX Security Appliances with Advanced Malware Protection (AMP) and Threat Grid.

All three are designed to improve mobility and cloud security threats, according to the networking giant.

The first technology, Cisco's Umbrella Branch cloud-delivered security software, provides businesses with increased control over guest Wi-Fi usage via content filtering. It can be activated on the Cisco Integrated Services Routers (ISR) 4,000 series, and works to filter and block malware, command and control (C2) callbacks, and phishing threats before they reach the network.

The company's second new DNA security technology, the distributed machine-learning Cisco Stealthwatch Learning Network, was acquired as part of Cisco's $452 million Lancope purchase.

It utilises what Cisco labels "adaptive security anomaly detection" to allow its ISR 4,000 series to analyse and identify malicious traffic and data on the network device to provide protection against threats.

"Stealthwatch Learning Networks -- this is the ability to simply upgrade software through branch infrastructure," David Goeckeler, senior vice president and general manager of Cisco's Networking and Security Business, said during the keynote speech by CEO Chuck Robbins at Cisco Live Las Vegas on Monday morning.

"All of your branch routers then work with each other to understand where anomalies are in the network, and search things that shouldn't be there."

Lastly, Cisco Meraki MX Security Appliances with AMP and Threat Grid form an enterprise unified threat-management (UTM) system that enables network administrators to locate, manage, and remediate security threats by combining Meraki cloud management with Cisco's threat-protection software. The solution works through an automated cloud-based system for checking files against cloud databases to locate and block malicious content.

"Organisations need to address the expanding threat landscape across mobility and cloud, while facing increasingly sophisticated security attacks," Jeff Reed, senior vice president of Networking Infrastructure and Solutions at Cisco, said.

"With DNA, Cisco is reinventing how we secure networks for the digital era by embedding advanced security capabilities into a single network architecture. But technology alone isn't enough; we are also preparing IT professionals with new skills, training network-savvy developers, and helping customers navigate the journey to digital-ready networks."

In addition to these three Cisco security services, Nectar Services also announced a quality-of-service (QoS) application for DNA.

The network monitoring, management, and diagnostic software provider optimises voice, video, and collaboration across Cisco Unified Communications Manager and Microsoft Skype for Business, which both run on Cisco-based networks.

"One of the fundamental challenges we consistently see in UC [unified communications] environments is the inconsistent deployment of QoS across the enterprise network that can negatively impact the end-user experience," said Nectar CTO Joseph Fuccillo.

"Nectar Evolution brings simplicity, automation, and repeatability that can ensure consistent end-to-end QoS in Cisco and Microsoft UC environments."

Nectar said it provides UC device agnostic configuration, reduced the total cost of ownership, and improves the overall UC and end-user experience by using its policy engine with a pre-determined QoS policy deployed by DNA.

DNA, first unveiled in March, allows engineers, developers, partners, and customers to build and manage what Cisco calls "digital-ready networks".

Cisco said the DNA announcement is the "most significant change" to its enterprise networking model ever, and flagged its intentions to build out a portfolio of security applications for the network-management solution.

Part of the Cisco One suite, DNA was designed to complement its Application Centric Infrastructure (ACI) for datacentre and connected clouds management. Along with the original announcement, Cisco outlined a new APIC-EM Automation Platform; the Cisco Plug and Play cloud automation service; intelligent WAN; network settings management labelled Easy Quality of Service; an upgraded version of its network operating system, named Cisco IOS XE, including network function virtualistion (NFV) for carriers to offer services; and analytics-as-a-service product CMX Cloud.

During his keynote, Robbins labelled security as being critical to Cisco's overarching strategy, with the company also announcing three other security products -- Cisco Umbrella Roaming, Defense Orchestrator, and Security for Digital Transformation -- also announced on Monday.

Disclosure: Corinne Reichert travelled to Cisco Live in Las Vegas as a guest of Cisco.