Security Pie

Cisco is #1 in appliance sales

Network World published an interesting story about Cisco’s attempts to keep the number 1 spot in sales of network security gear. (note that I emphasise the words sales).

The article includes several security pies, the kind I like. it also include an analysis of best of breed versus good enough sales.

In my opinion the article is missing one important factors: The departure of Nokia from the network security appliance market.

Cisco is indeed the undisputed leader in sales for the security appliances market. It’s retired PIX firewall was all times best seller. People simply liked the way it worked. The more recent acquisition of IronPort gave it a powerful weapon in the e-mail security market and it also allows Cisco to claim some DLP capabilities. Cisco is also #1 in sales of IPS gear. Take a look at the left pie. While there’s a huge market share belongs to the “other” vendors, Cisco’s slice is bigger than the combined slices of Juniper, Check Point, Nokia and Microsoft!

The other pies show how Cisco rules the network security market (again, in sales).  While the article does not mention emerging market it focus on the main.

The Security Pie

Read the rest of this entry »

 

 

Cisco is promoting Diego Rivas

Dave, a developer from Melbourne, Australia brings an interesting story . He was installing a newly purchased VPN product. When he loaded the VPN client software, he discovered that in the place of the usual boring software was an audio disk with 12 tracks of Spanish music (see Cisco\’s Hit). A lively discussion on Dave’s blog tried and successfully managed to identify the musician.  You can watch the video below.

Beyond the anecdotal story there are few things that we can learn from this incident. I’m not picking on Cisco specifically: In the past, one of the products that I was managing was built by very large OEM partner that was responsible for building the appliance, packaging, forwarding etc. Though it was very rare, we had few incidents when customer X received parts of a printer with his order (inside the appliance package), while another customer received the wrong CDs etc. Errors do occur and I believe that Cisco will do everything it can to learn from this manufacturing snafu and improve its quality assurance process. However from a security risk management point of view , this incident is a reminder to trust no one:

Every CD should be considered suspicious, even if it arrived inside a box that has the Cisco logo. Due to the popularity of Cisco’s gear there’s a second hand market and also some fake devices. Softpedia tells that even the United States government is reportedly using some 3500 fake Cisco-branded network devices, including routers, network switches and hubs. “According to the investigation results, the fake devices are worth up to $3.5 million.” 

Trust no one is the moral of this story.  On a side note, this story also explains why the DOD is investing so much money looking for the kill switch. 

Enjoy the music!

(Arik, What’s going on down there in Australia?, we’re getting a steady stream of weird reports recently  

My bikes

There are things that we just can’t forget: like riding a bicycle or even driving a car. I was accompanying one of our sales engineers the other day at a customer sites and felt the urge to configure a layer 4-7 switch. If my memory serves me right, the last time that I was doing something similar was in 2000. Yet, one stare at the Access User Verification prompt and my memory was loaded.

I’m sure that somewhere, someone is studying why there are things that we can not forget. I am more interested in the opposite question. Why did I remember how to configure this switch? No, it was not a Cisco switch. However since Cisco’s IOS, style has been widely copied by other networking products (including the one I was configuring), it was very similar.  ? show run conf t ena always work somehow in a networking environment. Like seeing a friendly face in a “networking” cocktail party before the conference is a bout to begin…

Read the rest of this entry »