Cisco Systems' announcement Monday that it will acquire privately held startup Protego Networks for $65 million adds a critical piece to Cisco's strategy for becoming a security vendor.
Over the course of the past year, Cisco has acquired other companies to build its self-defending network and its Network Admission Control technology. With Protego, those capabilities can be managed.
Protego Networks' technology brings Cisco the ability to manage the security aspects of an enterprise network, to detect security events and to consolidate those events so they can be presented to managers in an understandable form.
Protego's technology also includes the ability to close off portions of a network undergoing an attack, and to remediate the results of an attack.
This is a critical capability for Cisco because up until now, the process of managing the company's security features depended on products from third parties.
This has meant that Cisco has had relatively little control over the functionality of the product, and for customers it only contributes to the maze of point solutions already on their networks.
"Cisco is backing up its claims that it wants to be a serious security vendor," said Robert Whiteley, an associate analyst at Forrester Research who said Cisco's self-defending network strategy is ambitious.
To read about AT&T's advancements in network-based security, click here.
Adding to the acquisition's importance is the fact that incorporating Protego's technology into the Cisco product line gets away from point solutions. "We're looking at a more holistic approach," Whiteley said.
"To truly make the self-defending network real, you can't just have capabilities—you have to tie those capabilities together," he said. "What is going to exist is this management tier that sits above and can enforce these policies."
Whiteley said that while a number of products are available with basically the same capabilities that Protego brings to the table, this one is critical. "They need to have a tool like Protego," he said, adding that just having the ability to do something isn't enough. "They can do a lot, but it has to be more than just an element management system," he said.
Once Cisco acquires Protego, the company will have the ability to incorporate it into its switches and routers. While that won't happen immediately, Whiteley said it will clearly have a place on Cisco's five-year roadmap.
Click here to read about Cisco's enhancements to its Gigabit Ethernet switches.
In the meantime, Protego and its staff will be subsumed into Cisco. The company is planning to retain the entire Protego staff so that development on Protego appliances and eventually the incorporation into Cisco can proceed.
Given Cisco's acquisition history, adding Protego to the mix is hardly surprising. It fills a niche that needed filling. In addition, because Protego has been an AVVID (Architecture for Voice, Video and Integrated Data) partner, and because it was created by former Cisco employees, the deal fits a pattern seen before.
Notably, adding Protego doesn't fill all possible security niches at Cisco. Some areas such as vulnerability and patch management remain. Whiteley said he doesn't think those acquisitions are likely to happen in the near future.
"They don't need to go down the patch-management road yet," he said. Instead, he said, Cisco is trying to define the security management standard and then open it to the community. That way, he said, the community can help decide what should be part of the community and what should not.
He also said Cisco aims to demonstrate that security cannot be an afterthought, rather that it should be designed into the network from the beginning.
Check out eWEEK.com's for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.
Channel News and Analysis 
