500-551 information - Cisco Networking: On-Premise and Cloud Solutions

Cisco Systems Inc. will hold its annual Cisco Live user event next week in Las Vegas as the networking giant is coming off an impressive quarter in which Chief Executive Chuck Robbins (pictured) set a more than positive outlook for the company.

Given that the secular trends of cloud, mobility and hybrid work act as long-term tailwinds, I’m expecting the company to load up this year’s Cisco Live with announcements that sets itself up for many years. Here are some of the key themes I’m expecting from Cisco Live 2023:

Security evolution

Of all the product areas, I’m most interested to see what Cisco announces in security. In my security platform post, I mentioned that security provides the biggest needle-moving opportunity, since the company currently has single-digit share in a massive market. For Cisco, security innovation is less about new products and more about integration across its broad range of existing products.

The company announced XDR at the RSA Conference recently, and now it needs to build on that to make using Cisco security operationally simpler. Also, the prevailing trend is now toward a security platform, so any coupling that Cisco can do to tie security to its massive network installed base will only help it gain on the likes of Palo Alto Networks Inc. and Fortinet Inc.

The new security leadership at Cisco, which includes Jeetu Patel and Tom Gillis, seems well aware of what’s at stake. I’m hopeful that when Cisco Live is over, security will dominate the product news.

Artificial intelligence

One can’t go to an event this year without hearing about AI. Although I’m not expecting Cisco to hit the audience over the head with AI, I do expect it will be a major theme of how it will use it to evolve its products.

In reality, Cisco has been using machine learning and AI for years to modernize its products. Its encrypted traffic analytics uses AI, as does its XDR offering. Cisco Webex uses AI for many core features, including noise block, transcription and translation. Also, its network automation and intent-based capabilities require AI to translate network telemetry into actionable tasks.

I’m sure most of the products announced at Cisco Live will include AI in some manner. The only question is how overt Cisco will be about it, given the current market hype.

The other aspect of AI that could be introduced is generative AI and how Cisco will use it to Boost its products. The tie-in to Webex is obvious, as a worker can use it to find information or create content. With networking and security, Cisco’s operational dashboards could feature a ChatGPT-like interface to identify and solve problems. Given the R&D time required with infrastructure, I’m not expecting a big dose of generative AI.

Continued simplification of networking

If there were a market tracker for “single panes of glass,” Cisco would be the runaway leader, as it seems to have a dashboard for everything. At Cisco Live 2022, the company took its first step in addressing this by integrating Catalyst and Meraki, where administrators could see Catalyst devices in the Meraki dashboard.

We are a year removed from that, and we should see product areas addressed, including Cisco Spaces (formerly DNA), Viptela SD-WAN and Wi-Fi. Like with security, product breadth isn’t Cisco’s problem because it has a broader portfolio than any other network vendor, but it has made it operationally very difficult for customers to use multiple Cisco products. The pace of change in information technology is faster than ever, and improved cross-platform operations will help Cisco network engineers align operations with business demands.

More ThousandEyes and AppDynamics

ThousandEyes and “AppD” enable Cisco customers to “see” where no network engineer has seen before. ThousandEyes provides visibility across the internet, which wasn’t necessary a decade ago, but the cloud and software-defined wide-area network changed that. IT pros are responsible for user and customer experience, and the internet is widely used for business traffic, making it critical for network professionals to have granular visibility.

AppD is an application performance product, and one might wonder why a network vendor would care about apps. An understanding of application behavior can help network and security pros prioritize tasks. For example, its business risk observability offering announced at Cisco Live EMEA earlier this year can map vulnerabilities and threat intelligence to business context, helping security engineers understand where to prioritize activities. AppD information should be the lens through which almost all Cisco information is viewed, as it can translate between telemetry and business performance.

Environmental, social and governance update

Cisco has had a strong focus on ESG long before it was in vogue. Its mission of making the world a better place dates back decades to when then-CEO John Chambers used to talk about how the internet could be used to democratize education, creating opportunities where none existed before. Under Robbins, Cisco has stepped up its ESG game with aggressive goals of the number of people it could positively affect.

There hasn’t been a Cisco Live under Robbins where ESG hasn’t been a key course area, and I have no reason to assume that will change. Of all the areas that fall under ESG, sustainability is the one many businesses struggle with today. At IBM Think, CEO Arvind Krishna highlighted that its data showed that there was a massive gap between their customer’s goals and their ability to execute on those goals.

Cisco has been designing its product with sustainability in mind, including power-saving and efficiency features. The exhibit hall at Cisco Live EMEA featured a sustainability zone, and I would expect the same in Las Vegas to help customers understand what’s possible today.

I’m sure there will be some new products announced at Cisco Live, but the theme of this year’s event should be cross-product innovation. At $60 billion in revenue, Cisco has a massive portfolio of products that address everything from data centers to telco networks to cloud to campus networks. Cisco leadership has continually touted the importance of making the products easier to use, which is not a trivial thing to do, but it is what I’m expecting at Cisco Live 2023 in Las Vegas.

Zeus Kerravala is a principal analyst at ZK Research, a division of Kerravala Consulting. He wrote this article for SiliconANGLE.

Photo: Cisco/livestream

With a nearly $60 billion revenue run rate, growing at 14% and throwing off more than $5 billion in operating cash last quarter, Cisco Systems Inc. has an awesome business.

But customers are vocal about the complexity of Cisco’s portfolio and, if their concerns are not addressed head on, the company risks encountering friction beyond just economic headwinds. We believe Cisco’s challenges are most decidedly not product breadth and depth. Rather, the company’s mandate is to integrate the piece parts of its intricate offerings to create more facile and seamless experiences for customers.

In this Breaking Analysis and ahead of Cisco Live in Las Vegas June 4-8, we dig deeper into Cisco’s business and double-click on three key areas of its portfolio: 1) security; 2) networking; and 3) observability. We have spending data from Enterprise Technology Research and a guest appearance from SiliconANGLE contributor and market watcher Zeus Kerravala, principal at ZK Research.

Stocks of pure-play competitors outperforming Cisco year-to-date

Let’s start by doing some stock market comparisons.

The chart above shows year-to-date comparisons among Cisco, Palo Alto Networks Inc., Arista Networks Inc., Extreme Networks Inc. and the Nasdaq Composite. As you can see, the pure plays, as well as the NAS, are outperforming Cisco by a wide margin. That’s despite Cisco’s double-digit growth last quarter, 65% growth margins and a $200 billion market cap.

The reason is Chief Executive Chuck Robbins set modest expectations for 2024, which, when modeled out relative to Cisco’s longer-term outlook, suggest slowing momentum in the near- to mid-term. In addition, we believe the breadth of Cisco’s portfolio, while a key strength, also creates adoption challenges for the company’s customers.

What follows is a summary of how Kerravala interprets this data.

Kerravala sees this as a nuanced comparison between Cisco, a behemoth with an impressive cash generation capability, and smaller companies such as Arista and Extreme. Despite acknowledging the fair comparison, he suggests a lack of completeness, emphasizing that though smaller entities may capture the benefits of a market trend more swiftly, Cisco’s broad scope often hampers its ability to do so. But Cisco throws off more operating cash in a quarter than these companies generate in annual revenue.

He used the example of Zoom Video Communications Inc. and RingCentral Inc., noting how Cisco’s performance paled in comparison two years ago, but the tide has turned since then, with the unified communications sector waning, but Cisco thriving in relative terms.

Kerravala believes Cisco’s breadth and stability make it a safe investment bet, but its size prevents it from realizing the rapid growth that smaller, more specialized companies can. The broad spectrum of markets that Cisco operates in implies a reduced likelihood of success across all these fronts simultaneously.

Watch Zeus Kerravala comment on the comparisons between Cisco and the pure plays.

Cisco’s complex business remains anchored in core networking

The table below represents the contribution of Cisco’s lines of business as reported in its financials. As we said at the top, 14% revenue growth is pretty astounding for a company of Cisco’s size. With tough comps ahead, it’s unlikely Cisco can keep up this pace.

Networking makes up more than half of Cisco’s revenue, but the company is growing its software contribution, which is just under 30% today, and its annual recurring revenue accounts for more than 40% of revenue, which gives the company better visibility on the future. This all helps prop up Cisco’s alluring 65%-plus gross margin model, which unlike many of its large incumbent competitors has held up well over decades. Moreover, Cisco’s shift to a recurring revenue and subscription model has been executed quite well compared with many firms (some much smaller, such as Splunk Inc.), which have struggled with that transition.

To break this down further, examining Cisco’s 10-K provides the following added context:

Secure, Agile Networks comprise core networking, switching, routing, wireless and compute. This includes products such as Catalyst, Nexus, Meraki and Cisco’s software-defined wide-area network products.

Internet for the Future includes optical networking, 5G, in-house silicon and optics solutions. This includes products such as the Cisco 8000, NCS 5500 and ASR 9000 series.

Collaboration includes Webex and call center solutions.

End-to-End Security comprises network security, cloud security, endpoint, threat management and zero-trust solutions.

Optimized Application Experiences includes AppDynamics, ThousandEyes and Intersight.

Here are Kerravala’s thoughts on Cisco’s portfolio, the challenges they face and what’s needed going forward:

His analysis suggests that Cisco is challenged to create interoperability and cross-platform optimization despite its wide array of excellent products. He notes that even within Cisco’s own ecosystem, products such as Webex, Meraki and Catalyst do not necessarily provide a significantly better experience on Cisco’s network than competing products. Despite its ownership of Meraki for nine years, only last year did Cisco permit customers to view Catalyst devices on the Meraki dashboard, a development credited to the unification of the two lines under General Manager Todd Nightingale. Kerravala pinpoints political dynamics, internal friction and business unit structures as contributing factors to simpler execution.

In terms of future improvements, the consolidation of mass scale, Internet for the Future, and Secure Agile Networks under John Davidson should lead to better interoperability between the telecom and enterprise sides. Although Cisco possesses a portfolio of impressive products, including Kenna, AnyConnect, Talos, Meraki and Catalyst, these do not coalesce to form a comprehensive Cisco platform story.

However, steps are being taken to address this gap, such as the announcement of the XDR solution at the recent RSA Conference, Cisco’s first cross-security solution. Kerravala posits that Cisco’s focus should be on creating a synergistic portfolio where the collective value exceeds the sum of the parts, as opposed to having to compete fiercely on a product-by-product basis.

Watch Zeus Kerravala unpack Cisco’s vast portfolio and how they can simplify.

Spending data underscores the macroeconomic impact on Cisco’s overall business

The ETR spending data for Cisco, at a high level, shows what virtually all tech companies are facing: a decrease in the percentage of customers that are spending more relative to last year.

The candlestick chart above shows the granularity of Net Score, ETR’s proprietary spending metric that measures customer spending patterns. Of the 1,700 information technology decision makers in the most recent ETR survey, more than 1,000 are Cisco customers – so we have a nice sample. The lime green is the percentage of those customers adding Cisco new, the forest green represents those spending 6% or more relative to last year, the gray is flat spend, the pink is spending down 6% or worse and the bright red is churn. Subtract red from green and you get Net Score, which is the blue line.

You can see the steadily declining trajectory because of the gray and the reds increasing. The brown line is the pervasiveness in the overall data set, which has actually held up well. Cisco has a massive installed base and it is stable, although more customers are leaving than are being added within this survey. Remember, this survey doesn’t measure spending amount, only the percentage of customers in each bucket.

We asked Kerravala if this accurately reflects his view of the market and is the deceleration a function of economic headwinds, complexity or both? What follows is a list of his key takeaways:

• The competitive dynamics in the networking industry have significantly shifted, with Cisco now facing more formidable rivals such as Arista, Fortinet Inc., VMware Inc. and Extreme Networks.
• The entry of cloud companies and Aruba into the networking market introduces additional competitive pressures.
• These industry changes necessitate sharper sales execution from Cisco, as it can no longer rely on competitors’ missteps to retain its advantage.
• In light of this more complex competitive landscape, Cisco’s strategy must evolve to distinguish itself effectively and maintain its leading position.

I do think a lot of what you’re looking at there is more credible vendors are in market and that requires much sharper sales execution than it did before. Because Cisco can’t just show up and compete on the fact that the other companies are going to mis-execute, which is what they had the luxury of doing for a long time.

Watch Zeus Kerravala comment on Cisco’s spending momentum data in the ETR survey and the changing nature of the competitive dynamics.

Cisco’s center of gravity starts with core networking

Let’s drill into the segment data, starting with networks.

The chart above shows Net Score or spending velocity on the vertical axis and pervasiveness in the data set on the horizontal axis. The red dotted line at 40% indicates a highly elevated Net Score. We’ve highlighted Cisco overall and Meraki, a company Cisco bought in 2012 to help better control network devices.

As is evident, Cisco stands out as the clear leader here in both presence (X axis) with very respectable customer spending velocity on its products (Y axis). In fact, we saw earlier a 29% year-on-year revenue growth figure from last quarter in networking. That is amazing for such a large business. As Cisco works through its backlog, it creates uncertainty in the forecasts, but underlying demand for Cisco’s networking products is sound.

As well, you can see a number of other companies here, including Hewlett Packard Enterprise Co.’s Aruba, Arista, VMware with NSX and a number of others, including Cloudflare Inc., which all are hovering near the elevated 40% line.

Kerravala laid out his thoughts as follows:

He is critical of Cisco’s approach to its Meraki and Catalyst product lines, not on the merit of their features and value but on the lines between them. He asserts that customers should not have to choose between them. He suggests a unified hardware line that offers customers the flexibility to manage it either through Meraki or the command-line interface, or CLI. Currently, a switch from Meraki to Catalyst necessitates a complete hardware overhaul, a problem that could be resolved by a common set of hardware compatible with both management methods.

Further, Kerravala notes that Cisco’s potential to integrate data center, campus and Wi-Fi certifications to Boost the user experience has yet to be fully realized. While some integration has occurred at the campus level, the data center side remains separate. He concludes that networks should deliver applications and experiences as a single, unified entity instead of being sold as separate silos, an approach that contributes to unnecessary complexity.

His key analysis points include:

• Cisco should offer a unified hardware line for customers, which could be managed either through Meraki or CLI, mitigating the need for a hardware overhaul when switching between the two.
• By integrating data center, campus, and Wi-Fi certifications, Cisco could enhance the overall user experience.
• The current siloed approach to network products adds unnecessary complexity, which could be addressed by treating the network as a single, unified entity focused on delivering applications and experiences.

Watch Zeus break down the Cisco’s networking challenges and thoughts on how it can simplify.

Security is perhaps Cisco’s best upside opportunity

Let’s shift gears and look into the all-important and exceedingly crowded security sector.

Above we show the ETR spending data in the security market – same dimensions – Net Score on Y and Pervasion on the X. Microsoft Corp. is in the upper right and skews the data, but you can see Cisco has a major presence. As do Palo Alto Networks and Splunk. All credible on the vertical axis.

The leaders in presence are below the 40% line, but that’s expected for such large companies. The squiggly line represents Cisco’s path over the past 10 quarters. There is no debate that the company is very strong in security, but we believe it needs to do a better job consolidating the piece parts and simplifying customer outcomes.

Note that Cisco doesn’t have the spending velocity of the pure plays such as CrowdStrike Holdings Inc., Okta Inc., Zscaler Inc., CyberArk Software Ltd. and SailPoint Technologies Inc. — or even Cloudflare – but its Net Score is respectable. Cisco also just purchased Armorblox Inc., which uses artificial intelligence to reduce email and other risks.

In many ways we think Cisco could be a leader in the security supercloud, bridging on-premises, multiple clouds and edge security experiences.

The following summarizes Keravala’s thoughts:

Kerravala claims Cisco has succeeded in cybersecurity despite itself but has a great opportunity if it can address some of the stovepipe challenges.

The emerging observability opportunity

Let’s now dig into observability, which is sort of the confluence of log analytics, application performance management, monitoring and related fields. Cisco has a major stake in this business through its acquisitions of AppDynamics and ThousandEyes.

Before we look at the spending data, here’s what one customer said in an ETR roundtable about this topic:

This is a head of engineering… a customer who says I’m sticking with AppD. This person references the value of the ThousandEyes acquisition along with AppD and security. The application-centricity is an attractive dynamic to this Cisco shop. SecureX is Cisco’s integrated security play, which admittedly needs more and better integration. But basically in the second quote this person calls out the attractiveness and value of a single platform. If you’re a Cisco shop. And if not it’s a “free game” – perhaps implying a free-for-all of complexity.

AppD has been maybe the biggest wasted opportunity for Cisco since they’ve acquired it. I really expected AppDynamics to become the tip-of-the-arrow sale for Cisco… and I would like to see AppD become a lead sales tool across Cisco’s portfolio. – Zeus Kerravala

Watch Kerravala’s commentary on Cisco’s observability play with ThousandEyes & AppD.

Comparing key observability players’ spending profiles

Let’s get into the ETR data. ETR doesn’t have a full-stack observability category, but through this next view below we’re able to bring in various companies that are hovering around the space to see their relative positions.

It’s a similar chart above where we show Net Score against pervasiveness in the data. And we’ve plotted Splunk, Datadog Inc., Elastic N.V., Grafana Labs, Dynatrace Inc. and New Relic Inc.. You can see AppDynamics, which Cisco bought in 2017 for almost $4 billion. And it introduced Intersight shortly thereafter as a visualization and orchestration tool. But there were still holes in the portfolio as the market moved to full-stack observability, so Cisco bought ThousandEyes during the COVID pandemic for about $1 billion. Then it sort of strung them together with an overlay, but the story is not over.

Cisco has an opportunity to really take these pieces and integrate them across the portfolio in a potentially game-changing way. At least in the manner that one customer described earlier – especially for Cisco shops.

Kerravala’s primary argument is that Cisco needs to deliver on the vision of full-stack observability and streamline its multitude of single-pane-of-glass solutions into a unified, intuitive dashboard. The diverse range of visibility tools it currently offers could be more effectively utilized if they were integrated into one comprehensive system, with AppD serving as the principal lens. Operational specifics could then be accessed through drill-down features, allowing for a more organized and efficient user experience.

Kerravala’s key takeaways on observability:

• Cisco must make good on its promise of full-stack observability.
• The current multitude of Cisco’s single-pane-of-glass solutions should be streamlined into a unified dashboard.
• AppD should be the main view, with the ability to drill down into the other specific tools.
• He recognizes that Cisco already has all the necessary components; the challenge lies in integrating them into a cohesive system.

Kerravala comments on Cisco’s many panes of glass.

What to watch at Cisco Live 2023

Kerravala just published a “Know before you go” post on SiliconANGLE, outlining his thoughts on what to expect at Cisco Live. Let’s review that and what we’ll be looking for next week.

Whither AI for Cisco?

A key question is how Cisco will handle AI. These days, brands run the risk AI washing, but if you bury the AI lede, you look less relevant. In our view, Cisco at the very least has to use AI to make Cisco infrastructure run better and more secure through automation and better management.

Here’s a summary of key points from our conversation with Zeus on what to expect from Cisco Live in terms of AI:

• We don’t expect Cisco to brand itself as an AI company like Nvidia Corp. or even IBM Corp.’s attempts to do so. Instead, AI will remain an integral part of their overall toolkit used to build their products.
• AI has been part of Cisco’s portfolio for a while. It underpins products such as intent-based networking and Encrypted Traffic Analytics, which uses AI to detect malware in encrypted traffic.
• The company’s collaboration portfolio is also AI-rich, but it is considered more of an operational tool rather than a product that’s sold separately.
• AI might be highlighted more during keynotes due to current hype, but it’s not the company’s primary focus.
• The use of AI, such as a ChatGPT-like interface, could be beneficial for Cisco’s operations, like using Webex to find information or for network operations to identify areas in need of upgrades. This would essentially make their portfolio more user-friendly.
• Natural language processing can simplify interfaces, relieving the load from high-level engineers and delegating tasks to tier one or two support.

The security opportunity calls for Cisco

We’ll be watching the security space closely. We believe it’s a mandate that Cisco integrate its vast portfolio across on-prem, all the major clouds and out to the edge. Palo Alto Networks has the leg up on consolidation in our opinion, but Cisco has such a major presence that it can do very well in this area, coming at the problem its strength in networking.

Here’s a summary of what we think Cisco needs to do in security and what we’ll hear at Cisco Live:

• Security is important because it offers the most substantial growth potential for Cisco, as it is a single-digit player in a market projected to be worth $75 billion-plus.
• Even a slight increase in market share, such as reaching 10%, would greatly boost Cisco’s revenue.
• The long-term vision is to have Cisco’s security share match its network share, and to have Cisco network and Cisco security working together for improved risk identification and resolution.
• We hope to see more integration of Cisco’s cloud security products to create a more unified and user-friendly experience.
• The security industry often makes the user the integration point, which can lead to confusion and inefficiency. This needs to be addressed by the industry at large and Cisco has an opportunity to attack this problem.
• Cisco is in a unique position to make security more user-friendly and seamless because it owns the network and can embed a lot of security features into it.
• We anticipate hearing more about Cisco’s progress on its vision for security and expect to see more of the product roadmap at the upcoming event.

Can Cisco be the supercloud network?

Core networking is always a the forefront of Cisco Live. I keep coming back to the supercloud concept – a singular experience across clouds in a cloud-native fashion. Can Cisco bridge the legacy world of apps and infrastructure with cloud-native?

• Cisco is not going to become a cloud provider like Amazon Web Services Inc., but it has the potential to be an abstraction layer that enables the concept of a “supercloud.”
• A network supercloud would allow customers to use multiple cloud providers, edge locations, and private data centers seamlessly as one logical cloud.
• Traditional cloud providers will not enable this, as their tools are specific to their platforms. Cisco, however, can provide network transport, security and optimization that transcend individual cloud platforms.
• Cisco can become the bridge between physical clouds and create a logical supercloud thanks to its work with cloud providers, telcos and tools such as ThousandEyes and AppDynamics.
• This process begins with networking, hoping to see more progress with the Meraki/Catalyst integration at the upcoming show. We are also looking for advancements in consolidating different versions of Wi-Fi and other disparate parts of Cisco’s networking story.

Collaboration: Hybrid work is still a big thing

What about collaboration? That business went from rocket ship to rapid deceleration post-pandemic, but hybrid work isn’t going away and it brings real challenges. Is this a game of integrating with your security portfolio to reduce risk? Or creating better and more simplified user experiences? We know that Jeetu Patel wants to make Webex 10 times better than any other platform.

• We believe Cisco’s primary challenge in the collaboration market is Microsoft Teams. Despite having a poorer user experience compared with competitors, Teams is widely adopted thanks to its inclusion in Microsoft licensing plans.
• Teams, however, can prove costly when additional features such as voice and security are added.
• Cisco has accepted the coexistence with Teams, allowing its devices to run Teams natively. This could be beneficial as companies are likely to use more than one collaboration vendor.
• We believe Cisco’s WebEx, loaded with extensive features, can offer a better experience for specific departments and expand its presence within organizations gradually.
• A suggested strategy for Cisco is to manage other collaboration platforms through the WebEx console, offering better management for those platforms and then gradually introducing their own solutions.
• In the context of observability, the application-centric view is crucial. Prioritizing network upgrades and security deployments based on their impact on application performance can provide quantifiable business metrics.
• Cisco’s AppDynamics offers a unique perspective into application performance that other infrastructure vendors may lack. This tool could be instrumental in making such decisions.

Application centricity is the opportunity in full-stack observability

Cisco we think has an opportunity to make some moves in full-stack observability, but the linchpin as Kerravala wrote on SiliconANGLE is the application-centric view of the world. The two main takeaways from our conversation on observability include:

• The application-centric view is crucial. Prioritizing network upgrades and security deployments based on their impact on application performance can provide quantifiable business metrics.
• Cisco’s AppDynamics offers a unique perspective into application performance that other infrastructure vendors may lack. This tool could be instrumental in making such decisions.

Every large tech company has to address ESG

And finally we asked Kerravala if he has ever been to a Cisco Live where Chuck Robbins hasn’t done his part to address environmental, social and governance issues? Here’s a summary of what we discussed:

• Cisco has a corporate goal to positively impact a billion lives by 2025. It’s making significant progress toward this goal through a variety of programs. It’s part of the Global Citizen group, and it conducts contests and provide financial support to entrepreneurs aiming to make the world a better place.
• Cisco’s products also help with sustainability. They are embedded with features such as EnergyWise, which shuts off the network when it is not in use and turns it back on when it is needed.
• Cisco’s custom application-specific integrated circuits are optimized for specific network functions, leading to lower power consumption.
• The company offers Power over Ethernet features to further support sustainability.
• At events such as Cisco Live, it has highlighted these sustainability features, and we expect to see more of this in the future.

We didn’t talk much about edge, but it’s a significant part of the future and we anticipate hearing more about it in the future.

Here’s the full conversation about what to expect at Cisco Live

Finally, theCUBE will be at Cisco Live in Las Vegas at the Mandalay Bay. We’re on the expo floor across from the Net Vet Lounge, which is Booth 1427. We have a small space so we’re doing the pop-up CUBE and we’d love to see you. By all means please stop by and say hello.

Keep in touch

Many thanks to Zeus Kerravala for stopping by the studio to share his knowledge. Thanks to Alex Myerson and Ken Shifman on production, podcasts and media workflows for Breaking Analysis. Special thanks to Kristen Martin and Cheryl Knight, who help us keep our community informed and get the word out, and to Rob Hof, our editor in chief at SiliconANGLE.

Remember we publish each week on Wikibon and SiliconANGLE. These episodes are all available as podcasts wherever you listen.

Email david.vellante@siliconangle.com, DM @dvellante on Twitter and comment on our LinkedIn posts.

Also, check out this ETR Tutorial we created, which explains the spending methodology in more detail. Note: ETR is a separate company from Wikibon and SiliconANGLE. If you would like to cite or republish any of the company’s data, or inquire about its services, please contact ETR at legal@etr.ai.

Here’s the full video analysis:

All statements made regarding companies or securities are strictly beliefs, points of view and opinions held by SiliconANGLE Media, Enterprise Technology Research, other guests on theCUBE and guest writers. Such statements are not recommendations by these individuals to buy, sell or hold any security. The content presented does not constitute investment advice and should not be used as the basis for any investment decision. You and only you are responsible for your investment decisions.

Disclosure: Many of the companies cited in Breaking Analysis are sponsors of theCUBE and/or clients of Wikibon. None of these firms or other companies have any editorial control over or advanced viewing of what’s published in Breaking Analysis.

Image: mehaniq41/Adobe Stock

The deal will give Cisco a wide range of tools to deliver AI-powered cybersecurity for the enterprise.

This week US networking giant Cisco announced that it will acquire the cybersecurity startup Armorblox. The acquisition will give Cisco a new palette of products and services to provide email security. In addition, it aims to protect cloud and office applications and enterprise communication systems.

Founded in 2017, Armorblox has more than 100 employees. It has raised $46.5 million in funding, with its most recent round led by SentinelOne Ventures in September 2022.. The company got its start in securing enterprise email systems and has since branched out into other cybersecurity areas.

Raj Chopra is SVP, Chief Product Officer for Cisco Security, explained the acquisition in a blog post. Managing the modern landscape of threat actors is a highly complex challenge, Chopra says. In order to manage this complexity, “you have to reframe the way you think about it. Complexity equals data. Lots of data. You just have to know how to use it. That’s where generative AI comes in”.

Chopra explains that cybersecurity professionals need to fully utilise the “vast trove” of native telemetry at their disposal. They can do this, he says, by training Large Language Models (LLMs) “to deliver intelligent, adaptive, and automated security capabilities”.

Cisco is “taking an exciting step forward in executing our plans for an AI-first Security Cloud”, by acquiring Armorblox, Chopra says, describing the startup as “a company that has pioneered the use of LLMs and natural language understanding in cybersecurity”.

By leveraging Armorblox’s use of Predictive and Generative AI across the Cisco portfolio, the company plans to change the way their customers understand and interact with their security control points, according to Chopra. “From enhanced attack prediction, to rapid threat detection, to efficient policy enforcement – there are near-limitless ways to Boost today’s security experience”, he adds.

The financial terms of the acquisition were not disclosed, but Cisco said it expects the deal to close by the end of its fiscal fourth quarter in July.

© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

These out-of-the-box automations deliver complete Level 1 and Level 2 CIS Benchmark compliance for Cisco network and security devices

DALLAS, May 30, 2023 /PRNewswire/ -- BackBox, the world's most trusted network automation company, has released 178 new CIS Benchmark Compliance Automation Templates for Cisco firewalls, routers, and other network devices. These templates enable CIS compliance and their release coincides with Cisco Live!, taking place from Sunday, June 4 through Thursday, June 8 in Las Vegas.

"We hope attendees will visit us at booth 421-H in the Cisco Live! Security Village to see our new CIS Benchmark compliance automations written specifically for Cisco," said Andrew Kahl, CEO of BackBox. "These automations quickly identify non-compliance, help networks become compliant, and automatically report on and remediate configuration drift out of compliance."

Device backups with 1-click restore, simplified OS updates and vulnerability patching, and compliance remediation to prevent configuration drift are critical areas of integration between BackBox and Cisco. The BackBox Network Automation Platform complements Cisco with a full suite of automation capabilities that enable pre- and post-checks on the update process, as well as simplified backups and restores should an update fail. Similarly, the BackBox API allows easy enterprise integration for streamlined processes like device discovery, inventory, and compliance. The BackBox Network Automation Platform includes a library of over 2,000 pre-built automations for network and security devices.

BackBox adds new pre-built automations every month, many specifically oriented around mitigating the increased cybercrime activity the company has seen related to network infrastructure vulnerabilities and breaches. These templates are available to all BackBox customers through the Automation Library. Users can load them via API or file import from the UI, without updating to a new version of BackBox.

Story continues

"In addition to providing broad CIS benchmark compliance for all Cisco devices, BackBox provides automated disaster recovery for Cisco network and security devices, including backup verification and comparison-based change alerts," said Josh Stephens, Chief Technology Officer of BackBox. "BackBox also dynamically collects inventory data and captures device information details for capacity planning."

BackBox has also released updated CIS Compliance Automation Templates for Check Point and Fortinet. These templates are available in the free trial version of the software, available on the company website.

Stephens will be presenting in the Security Village Theater on Tuesday, June 5 at 2:00 p.m. and Wednesday, June 6 at 3:30 p.m. Stephens will demonstrate how to leverage network automation to strengthen network security and implement continuous improvement of network security hygiene. Stephens will also present at Tech Field Day Extra on Thursday, June 7 at 11:00 a.m. PT. The presentation will be streamed live on https://techfieldday.com/event/clus23/.

Attendees can learn more about BackBox and schedule time with BackBox representatives to learn more about how BackBox can automate Cisco implementations here: https://backbox.com/cisco-live-2023.

Related:

About BackBox

BackBox is a Network and Security Device Automation Platform that supports over 180 vendors, with thousands of pre-built automations and a scripting-free way to build new ones. Enterprises and managed service providers worldwide trust BackBox to automate and audit anything an admin could do manually, with reliable automations that are flexible, scalable, and contextually aware. From backups and OS updates to configuration compliance, BackBox gives you confidence that your automations will deliver the expected outcome every time. To learn more, visit www.backbox.com/product.

View original content to obtain multimedia:https://www.prnewswire.com/news-releases/backbox-releases-cisco-cis-benchmark-automation-templates-301837552.html

SOURCE BackBox

Network Detection & Response , Open XDR , Security Operations

A double-blind survey of 300 Cisco security customers pinpointed an under-addressed problem in the market: remediating threats with telemetry from multiple domains and sources.

See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm

Cisco Security Executive Vice President and General Manager Jeetu Patel said the industry has struggled to address multifaceted attacks that originate in email and include bad links, malware downloads to a device, the use of PowerShell and lateral movement of malicious packets on the network. To date, the approach has been very isolated as email, endpoint and network experts work in silos to comprehend what happened.

"What you don't have is a holistic view that says: Can I have telemetry that's being looked at and correlated across domains?" Patel told Information Security Media Group. "If I could do that, I'd be able to be much better at finding breaches."

Correlating native telemetry allows organizations to get much better at distinguishing a malicious attack from a regular course of activity on a normal day, according to Patel. Customers also want a platform that ranks vulnerabilities based on risk, automatically remediates as much as possible and provides SOC analysts with a completely fresh user interface and experience, he said (see: Jeetu Patel on Having a Consistent Design at Cisco Security).

Cisco has doubled down on correlating data from different telemetry points to assess the severity of a security incident, better understand how the incident originated and get details on what was happening on a particular node such as email when the incident was taking place, according to Patel. He sees this as the biggest benefit of Cisco XDR, which was announced at RSA Conference 2023 and will be generally available in July.

Catching the Competition

Forrester in October 2021 ranked Cisco's XDR offering 13th out of the 14 vendors evaluated, beating only FireEye. The market research firm said at the time that Cisco's offering lacked cross-telemetry detection and investigation capabilities and was more of a SOAR solution than a true XDR. Forrester said Cisco's product architecture and vision, investigation, threat hunting and commercial model all needed improvement.

"Microsoft might be good on the endpoint, but we're going to be better on the network."
– Jeetu Patel, Cisco

Despite having a lot of catching up to do, Patel said Cisco XDR will benefit from the breadth and scale of the company's telemetry. Cisco today secures 200 million endpoints. It is one of the only XDR vendors - aside from Microsoft and Sophos - with native visibility into email, and it can analyze network flow data better than anyone else, Patel said. Forrester in 2021 named Trend Micro and Microsoft as XDR leaders.

"Microsoft might be good on the endpoint, but we're going to be better on the network," Patel said. "We've got a very broad implementation on the endpoint, but we've got network and they don't even have that. It's nonexistent on their side."

To do XDR effectively, Patel said, providers need native telemetry that can get correlated rather than summary data obtained through a partnership with another technology supplier. Patel said Cisco benefits from having visibility into every customer email and email forward, every web request, every process that gets spawned on the endpoint and every packet that traverses the network (see: Panel: Threat Response Needs New Thinking).

At the same time, Patel said, the company pulls telemetry from 13 competitors - including SentinelOne, CrowdStrike, Proofpoint and Palo Alto Networks - to get visibility into IT environments where Cisco isn't present. Cisco will both pursue integrations with market leaders in security technology categories, such as CrowdStrike, and offer open APIs for security products where Cisco hasn't done an integration itself.

Maximizing the Market Opportunity

The company doesn't plan to make its XDR offering available at the onset for direct purchase by small businesses via online transactions or e-commerce, but Patel said Cisco XDR fits any organization with at least 2,000 employees. Businesses today will get the most value from Cisco XDR if they have a SOC analyst and some level of sophistication in their internal security functions, he said.

The company plans to track the number of breaches detected, the number of remediations carried out and the number of SOC analysts using Cisco XDR on a daily or regular basis to assess the effectiveness of the new product, Patel said. The total addressable market for Cisco XDR is "massive" since any organization with at least one Cisco control point and an EDR product would benefit from it, he said.

"I've never seen in my career a greater number of customers come to us and say, 'We really want Cisco to be one of our key security vendors,'" Patel said. "We've completely revamped our leadership. The innovation velocity has accelerated quite a bit. I expect that there's going to be displacement revenue that comes from this."

Cisco and the National Information Technology Development Agency (NITDA) in Nigeria have signed a memorandum of understanding (MoU) with the aim to support Nigeria’s digital transformation agenda and contribute towards digital skills training and development.

This was disclosed in a statement made available to THISDAY, yesterday.

As part of the collaboration, Cisco’s Incubation and Innovation Centre in Lagos called Cisco EDGE, would be used to stimulate innovation and support digitisation initiatives, providing a space where local partners could showcase technologies and host client events.

Within the Cisco EDGE program, the Innovate pillar provides resources and tools to local innovators and entrepreneurs to help them develop more secure, intelligent, and connected solutions. The second pillar, called Cisco EDGE Educate, was aimed at transforming the lives of learners, educators, and communities through technology and by offering education and career opportunities.

The MoU forms part of the Cisco Country Digital Acceleration (CDA) program where Cisco and NITDA plan to work together to promote and further expand Cisco Networking Academy in Nigeria.

The CDA was founded in 2015 and has since evolved into programs in 50 countries, with over 1500 active or completed projects—encompassing over two-thirds of the world’s population and 75 percent of global Gross Domestic Product (GDP).

The Vice President for Middle East & Africa at Cisco, Reem Asaad, was quoted to have said: “Cisco has a responsibility to both its customers and the greater global community to help solve challenges that impact our daily lives.

“We accomplish this by providing intelligent and innovative solutions, offering training and education opportunities, empowering communities through digital transformation, and enabling them to participate in the global digital economy.

“We are looking forward to working with NITDA to help accelerate digitisation in Nigeria.”

For her part, NITDA’s Acting Director, Digital Literacy and Capacity Development Department, Dr. Amina Sambo said: “As the agency responsible for regulating and developing Nigeria’s use of information technology, NITDA looks forward to the impact of this engagement.

“By collaborating with industry leaders like Cisco, we can empower and equip Nigerians with the knowledge and resources they need to participate in the national and global digital economies.”

Established in 1997, Cisco’s Networking Academy offers high-quality IT training and hands-on learning opportunities in 190 countries.

Over 17.5 million learners worldwide have participated in Cisco Networking Academy courses, and in Nigeria, over 411,000 students have been enrolled, 44 per cent of whom are women.

“Cisco Networking Academy is a powerful force for change. This initiative will unlock equitable opportunities for education and career connections to diverse communities.

“The focus on networking and cybersecurity will place learners at the forefront of innovation, equipping them with in-demand skills to develop ideas that will power the future,” Asaad added.

The MoU was acknowledged by Asaad, DG NITDA, Kashifu Inuwa and Sambo, during the Cisco Networking Academy EMEA Partner Conference in Paris, in the presence of industry stakeholders and senior officials from Cisco and NITDA.

© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.