Cisco held an invitation-only media event at the 2010 RSA Security Conference, revealing its new Secure Borderless Networks architecture enabling anyone to connect from anywhere using any device while remaining secure.
The first component of the Secure Borderless Networks initiative is Cisco AnyConnect Secure Mobility. With it, Cisco is moving beyond the traditional security models of device and platform-specific policy enforcement to deliver seamless, always-on, secure connectivity, and application access for both managed, and unmanaged devices.
Tom Gillis, vice president and general manager of Cisco's security technology business, lamented "For many of us in the enterprise, the mobile Internet experience leaves something to be desired." He added "I'm not suggesting that the mobile Internet doesn't work, I'm just suggesting that it doesn't work well."
The transition from the traditional network to the roaming, wandering, wireless network without walls is happening faster than many businesses or network technologies can keep up with. As more employees spend more time out of the office--accessing company resources and applications remotely--it impacts the network and security needs of the organization.
Gillis explains, "AnyConnect Secure Mobility is the solution that our customers have been demanding, enabling them to strike that balance between providing consistent security and supporting access from individuals using any device to connect to the network anywhere in the world."
At the heart of Cisco's vision is an enterprise and device agnostic approach. The panel of Cisco executives at the RSA media event were unanimous in believing that the time had come to give up on defining enterprise vs. consumer devices, or in expecting any enterprise to function from a homogenous perspective when it comes to operating system platforms.
Cisco chief security officer John Stewart told the audience, "I actually think that the traditional definition of what we call consumer and enterprise are not going to be anything like we've defined them for the past two decades."
Stewart went on to explain that devices--regardless of the traditional sense of consumer vs. enterprise labels--will all be treated simply as another IP device from an IT administration perspective. Rather than worrying about labels, or drawing arbitrary lines in the sand, IT departments will take the approach of addressing the capabilities of the device and who should have access to those capabilities and make it happen.
Microsoft has already introduced the always-on, clientless VPN, but companies interested in taking advantage of the DirectAccess technology must have Windows Server 2008 R2, and be using Windows 7 for the desktop platform.
Cisco AnyConnect Secure Mobility is sort of like Microsoft DirectAccess on steroids, and without the platform-dependence. AnyConnect Secure Mobility is designed to work across all major operating systems--Windows, Mac OS X, and Linux--as well as with any smartphone handset to provide seamless, always-on network access. Cisco is still working on developing the hooks for some of the platforms, but a vendor and platform agnostic solution is the goal.
Gillis walked the audience through a mock-up scenario of being able to access Salesforce.com reports from the iPhone on the way to work without needing to go through any manual VPN connection, then being able to transfer that session state to the desktop--again without any additional logins--to continue once he arrived at the office.
The demonstration was impressive. It remains to be seen if AnyConnect Secure Mobility can truly deliver the smooth, seamless, cross-platform experience in the real world that Cisco was able to convey with the scripted presentation for the RSA media event.
The question did come up regarding whether or not an organization must be Cisco-centric, or have an entirely Cisco infrastructure in order to put AnyConnect Secure Mobility to use. Cisco's response was that the entire infrastructure does not need to be Cisco, but key elements--the components that drive and control the AnyConnect Secure Mobility functionality--must be from Cisco.
Cisco AnyConnect Secure Mobility is scheduled to be available in the second quarter of calendar year 2010.