The Firesheep firestorm

World wide web

Image via Wikipedia

The Firesheep firestorm
Ian Paul notes an emerging security specification, from the IETF, called HTTP Strict Transport Security (STS). Essentially, it’s a policy mechanism that Web

Related articles
Enhanced by Zemanta

The Firesheep firestorm was originally published on The Puchi Herald Magazine

End of life for CSA? That’s okay!

This is an intersting aticle from network world!

End of life for CSA? That’s okay!

New Cisco endpoint security strategy is a better fit for the cloud and the company

By joltsik on Wed, 06/16/10 – 1:20pm.


Earlier this week, Cisco announced its intentions to end-of-life the Cisco Security Agent (CSA) at the end of the year. Cisco will continue to support CSA for another 3 years but it won’t enhance the product any longer.

Moving forward, Cisco’s endpoint security efforts will center upon AnyConnect, an agent-based offering that unfies endpoint connectivity, TrustSec, DLP, threat defenses, and policy management. As far as pure AV protection, Cisco will recommend partner with vendors like Sophos and Trend Micro.

What’s going on here? Is Cisco walking away from an entire product and market? No. In fact, ESG believes this decision demonstrated guts and vision. Cisco has never had any luck with Windows client software and that’s really what CSA is. Cisco may be saying adios to Windows but this move is right down Broadway as it aligns with Cisco’s strengths and market direction. Why? Because:

1. Windows PCs are no longer the point. We all have PCs, smart phones, Macs, etc., and this list will only grow over time. I want to secure my stuff, not my Windows PC. How can you amalgamate this task? Through the network of course. This is exactly what Cisco wants to do.

2. Think cloud. Yes, the cloud will provide us all with infrastructure, applications, and services, but it can also by a big honking proxy services. As we virtualize our workloads, this has to happen. Cisco gets this and is already offering cloud-based security services via IronPort and Scansafe. This is the future, not CSA.

3. The definition of endpoint security has grown. When Cisco acquired Okena, endpoint security was really about malware protection. Now endpoint security extends to identity, access controls, usage policies, and data assurance. Again, most of these other functions can be managed via the network.

Cisco has a fair number of CSA customers so I’m sure some folks within the company wanted to continue to invest in the product. This would have been the easy, “let’s not rock the boat” decision.

Yes, this would have been the easy path but it also would have been the wrong decision. Cisco can now focus on endpoint security from a position of network/cloud strength rather than its Windows PC weakness.

The market is already headed in this direction. Cisco is simply shedding some legacy baggage and positioning the company at the nexus of endpoint, network, and cloud security. This is the absolute right decision.

End of life for CSA? That’s okay! was originally published on The Puchi Herald Magazine