Cisco's new security target: consumers

The multibillion-dollar player in security tools for businesses plans to move into the lucrative consumer market later this year.

Cisco Systems, a multibillion-dollar player in security tools for businesses, is planning to move into the consumer market.

The San Jose, Calif.-based networking giant plans to release products later this year that translate its enterprise-scale technologies to the home, keeping consumers safe as they increasingly get networked and go online, Cisco executives told CNET

"If you think about what's required in the home, it is a 'mini' version of the enterprise," said Richard Palmer, general manager of Cisco's security technology group. "You have to replicate the broad portfolio of technology solutions that we have in an easy to deploy, easy to buy way that consumers find interesting and are willing to spend money on."

The move positions Cisco to grab a bigger chunk of the security market, which, according to research firm IDC, hit $32 billion in 2005 and is poised for double-digit growth through 2010. It also puts Cisco in competition with security specialists such as Symantec and McAfee, but not in the traditional way. Cisco won't sell software that people install on their PC. Instead, it will add security features and services to its Linksys home-networking gear and Scientific Atlanta set-top boxes.

"We think security is going to be a fundamental requirement for the networked home," Palmer said. Buying security software and loading it onto a PC isn't the way people will be securing their systems in the near future. "That market is being transformed," he said.

In Cisco's portfolio
Here are some examples of security products from Cisco that could be applied to home networks.
IOS Intrusion Prevention System
PIX Firewall software
Traffic Anomaly Detectors
NAC Appliance (endpoint clean access)
SSL VPN Remote Access

Linksys has plans for routers and other gateway devices with a variety of security features, said Mani Dhillon, director of product marketing at the company, which was bought by Cisco in 2003. "We're working very hard to have something we can bring to market this year," he said.

The top of the line would be a device--possibly connected to a service--that scans all Internet traffic as it enters a home network and automatically filters out all malicious traffic, he said.

Somewhat less advanced is the idea of filtering access to Web sites at the router--which allows multiple devices to use the same Internet connection--rather than on the PC itself. Linksys is working with IronPort Systems, a recent Cisco acquisition, to build a service for its routers that would shield people from known malicious sites. At the moment, people who want similar surfing protection have to install tools such as McAfee's SiteAdvisor or Exploit Prevention Labs' LinkScanner.

"By putting some of the functionality typically seen in security applications onto your network, you don't have to go off and individually manage every PC to make sure is up to date," Dhillon said.

The Linksys team is also thinking of ways to use Cisco's network access control features, or NAC, in its consumer routers. This would automatically run a health check every time a device connects to the home network. It would verify whether security patches and other safety settings on the PC are up-to-date.

"Security is very high on our list," Dhillon said. "We think this could hit the sweet spot for a good percentage of our customers, if we position it correctly." One of the challenges for Linksys is making sure its products don't become overly expensive, since additional features will require more powerful hardware, he said. A bottom-of-the-range

Linksys rival D-Link already sells a $99 security device. However, the D-Link "SecureSpot" is not a router or gateway, instead it sits in-between a router and a cable modem. D-Link partnered with McAfee for many of the features, which include antivirus and spyware blocking. "Security is top of mind for consumers and it does make sense for us as networking vendors to offer solutions," said Daniel Kelley, D-Link's director of marketing.

A real challenge?
Cisco's plans make sense and stand to bring the company additional business, but industry analysts disagree on whether its move is a threat to security incumbents.

"Built-in security is exactly what consumers need, and security in the router absolutely makes sense for Cisco," said Forrester Research analyst Natalie Lambert. "However, it is not the be-all-and-end-all for security."

In focusing its security efforts on the hardware, the company is essentially creating a new market, Lambert said. "By not providing software, Cisco is staying out of the way of the traditional security players," she said. "Installing security software on a PC is a necessity. Consumers are not sitting behind their Linksys box at all times--they travel."

However, security software incumbents such as McAfee and Symantec could still lose out, said John Pescatore, an analyst at Gartner. "The amount of money households will spend on security is not infinite, and Cisco will be competing for the same security dollar," he said. "Cisco has a great shot here."

Featured Video