Cisco Beefs Up Network Automation, Shifting Further Away from Hardware Focus

Slew of new software-defined products and services aimed at networks and security

Kris Blackmon

February 24, 2017

5 Min Read
Cisco Tetration
A bicyclist rides by a sign that is posted in front of the Cisco Systems headquarters in San Jose, California. (Photo by Justin Sullivan/Getty Images)

the-var-guy-logo.png

By The VAR Guy

Cisco is betting big on guiding networking customers and partners through the digital transformation. This week, it’s announced a new line of firewalls, as well as additional products and services to its Digital Network Architecture (DNA) program, expanding its scope to help the channel leverage new automation and security technology in a consultative approach.

DNA’s integrated networking software offerings cover virtualization, automation, cloud service management, security and analytics under one umbrella and is a big shift in strategy for Cisco, says Jason Gallo, Global Director of Partner Software Business Development at Cisco. “Our former view of the network was very hardware-centric; you would have to maintain the network in a very manual way,” he told The VAR Guy. Because it was closed environment, any changes that needed to be made were reactive. DNA was a response to customer demand for more flexibility and automation in a software-defined ecosystem.

“Customers wanted a network that was much more software-driven. It should be automated so that the processes that they have can neatly fit and take some of that operational burden off it being so manual,” Gallo said. “It has to be programmable.”

Partnership with IDC

The newest innovations to DNA stem from research that Cisco developed in conjunction with research firm IDC that attempts to help customers benchmark their network readiness. The resulting model outlines five steps of network intelligence: best effort, manual, semi-automated, automated and self-driving. And it turns out that the number of businesses who rank among the highest levels of the model are few and far between.

Out of the 2,000 customers Cisco and IDC surveyed, nearly half fell into the level two “manual” stage. And only one percent qualified for the top level “self-driving” gold medal.

“From a partner standpoint, that's quite a large opportunity to help just about half your customers,” said Gallo, “ Really more than half if you include even the best effort to move up to a more digital ready network.”

The research led to the development of a guided assessment called the DNA Readiness Advisor, which shows users how they measure up against peers and geographies and identifies ways in which they can improve performance and rise in the rankings. Partners can walk customers through a consultative, half-day assessment using the tools, templates and data available in the Advisor, leveraging the platform to sell their own professional services. If a broader engagement is needed, they also have the option of bringing in Cisco-delievered DNA Advisor services.

The new products announced essentially extend Cisco’s DNA Virtualization suite across more points in the network, with new hardware platforms for customers looking to virtualize all their network functions, as well as a new agile exchange solution for virtualizing the network parameter.

In addition, Cisco has upgraded its security solutions for DNA, building them into the platform instead of offering them only as add-ons. The company has revamped its identity services engine to make onboarding network guests faster and easier and introduced a new DEFCON capability that allows network administrators to set different levels of lockdown in case of an attack.

Next-gen Firewalls

The new DNA security features were announced side-by-side with Cisco’s newest line of firewalls, Firepower 2100 series. Mark Bagley, Director of Product Management at Cisco, said the expanded architecture was developed in reaction to partner customer demand for scalable network security programs, especially for administrators who might not be IT security practitioners by default.

“They're spending more than they'd like to, and it's harder to manage the security that they do have deployed,” he told The VAR Guy. “They're of course dealing with efficacy challenges as well as they try to defend these environments. In many cases, they significantly over-provision their offerings to avoid the performance problems that are common with solutions at the price points they can afford.”

Bagley says there are two points to the new announcements that should be most interesting to the channel. First is the release of a new set of capabilities inside Cisco’s management framework called Threat Intelligence Director that supports the operationalization of third-party cyber threat intelligence into the network defense management platform. There are also new enhancements to Firepower Device Manager, the on-the-box management technology, which supports simple low touch provisioning for small use cases.

Cisco says that giving partners the ability to scale the distributed deployments and distribution of configuration will be particularly useful for our users trying to scale proof of value programs for customers’ next generation firewalls.

“It requires much lower levels of effort than it took previously to scale this type of experience,” said Bagley. “Not only are we excited about it for sort of the opportunity that it represents for the go-to-market perspective, we think this is going to help the channel make more money faster with our offerings.”

Dave Gronner, senior manager of security-go-to-market, global partner organization at Cisco, says there’s never been a better time for security partners to be in business. “My conclusion is this platform 2100 it fits in perfectly with the fact of security as an consultative-lead business for partners. It's not a box business. It's not a commodity business. Customers need someone to come in and help them guide them through what tomorrow's problems look like.”

Joe Leonard, Chief Information Security Officer at Presidio, says the Firepower 2100 represents next-gen firewall technology that’s key to helping customers navigate the digital transformation. The number of new devices and network connection points that come with mobile, the Internet of Things (IoT), social media and a myriad of line of business (LOB) applications mean many of Presidio’s customers may not have visibility into what’s going on in their infrastructure as far as access to sensitive data. Being able to give them that visibility increases Presidio’s value.

“It'll lead a lot of times to going back to look at where this gets placed into the network. We have to look at whatever their existing firewall is and how they migrate to the new firewall, to the 2100.” And that, he says, increases customer stickiness. “What does that migration strategy look like? What do they need to think about? We help them with the whole migration so that they can get on to the new platform.”

This article originally appeared on The VAR Guy.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like