When it comes to information security, networking giant Cisco seems like it’s at a crossroads. In 2009, Cisco acquired cloud security provider ScanSafe for $183 million and announced security products and services for the iPhone earlier this year. That said, 2009 seems to be highlighted by noteworthy security issues. For example:

1. Cisco hinted that it will end-of-life both CSA and MARS. A few short years ago, these products seemed like they would anchor Cisco’s security strategy.
2. Cisco’s main message throughout 2009 was around cloud security. Fine for vision, but since cloud computing is a confusing category in its infancy, these messages probably didn’t help move any products.
3. In several discussions with Cisco sales reps and channel partners, security products have become a low priority. To paraphrase one sales person, “I have no time to work on a $100k sale when my quota is in the $10s of millions range.” I also noticed a lot of network security deal bake-offs between folks like Check Point, Crossbeam Systems, Juniper, McAfee, Sourcefire, and TippingPoint, but not Cisco.
4. Instead of buying a DLP player (a growing software category), Cisco chose to partner with RSA. Fine, but not typical Cisco behavior.
5. Cisco walked away from Guardium, a database security company it invested in, and then let IBM acquire the company unchallenged.

Cisco has a huge install base and an unbelievable halo effect. Given these assets, I’m sure a “bad” year for Cisco security still produced plenty of revenue. Nevertheless, Cisco seems much more passive and confused about its security play than it did a few years ago when it seemed intent on owning all-things security — from the network (firewall, NAC, IDS/IPS), to clients and servers (CSA), to network applications (e-mail, XML), to identity (entitlement management).

Cisco’s 2009 rhetoric about cloud security, collaboration, and reputation were pretty weak — not what you’d expect of a leader. In 2010, Cisco must establish itself in the server market, press forward on Telepresence and Tanberg, and fight on all fronts without the help of HP or IBM. Can it do all this and re-establish itself in information security? Maybe, but I believe this is a tall order. Moving forward, information security seems like a tactical market for Cisco at best.

Related posts:

1. Note to Cisco: Pick Your Security Battle
2. Cisco Quarterly Results Impress Wall St., but Not This Security Analyst
3. The Cisco Squeeze
4. Approximately Half Of All Organizations Will Increase Security and Networking Spending in 2010
5. Cisco Announcement: More than the CRS-3

Tags: Check Point, Cisco Systems, Crossbeam, Guardium, IBM, Juniper Networks