It was a happy coincidence that Tom Nolle sent in his blog for today just as I was preparing to write up Cisco's latest announcement around cloud-based services. There's not a direct overlap, but there is a clear relationship, so if you haven't read Tom's piece, I highly recommend it to you (as I do all of Tom's writing wherever you find it).The Cisco announcement has drawn a lot of attention for its security aspects, which is not surprising considering that it came the week of the RSA show, which John Chambers is keynoting. But when I talked with Alex Hadden-Boyd, Director of Marketing in Cisco's Collaboration Software Group, our discussion included the other piece of yesterday's announcement as well, which was the release of a blade for Cisco ASR 1000 routers; this blade, called the WebEx Node, essentially serves to bring the WebEx cloud infrastructure onto the customer's premises, as a way of improving performance and saving money. Cisco also announced updates--Release 27--of its WebEx Meeting Applications.
The security announcement, as explained by Keith Stewart, product line manager, involved cloud-based security--more about that shortly. The overarching point, as Alex explained to me, was that, taken together, the two announcements show a blending of premises and cloud: A cloud-based service such as Cisco WebEx may perform best when it has an on-premises component; while security, which has traditionally been premises-based, may benefit from having a significant component based in the cloud: "We're really redefining what it means to talk about the network," she said. "The premises network and the cloud start to blur."
The new WebEx Node blade acts as a point of presence for the Cisco WebEx Collaboration Cloud, which is a re-branding of what had been known as the Cisco WebEx MediaTone Network. Alex explained that the network provides global load balancing and intelligent routing, so that customers' traffic will be directed to the datacenter (there are 8 globally) within the Collaboration Cloud that's best able to handle the traffic at that moment.
Cisco describes the effect of embedding the WebEx node on the router blade as follows:
This capability will allow much of the "heavy lifting," including voice, video, and desktop sharing, required for large-scale WebEx meeting application deployments to be moved to the internal side of the proxy server/firewall infrastructure. This will reduce the load on the proxy server/firewall infrastructure and will also substantially reduce the peak bandwidth requirements for a large enterprise.
Specifically, Alex told me, an enterprise can save 75% on its bandwidth costs by using the WebEx Node. The Node lists for $35,000.
The new release of the WebEx Meeting applications include upgrades to Meeting Center for Web, audio and video conferencing; Training Center for online training; Event Center for webinars and other online events; and Support Center for remote support and access.
Now to the security piece of the announcement. Keith Stewart said Cisco was attempting to take a "holistic view of how to solve the security problem" by adding cloud-based security to what customers have on the premises.
Cisco is doing this via Cisco Security Intelligence Operations, a three-pronged strategy for network-based security:
* SensorBase, which Cisco bills as a "comprehensive vulnerability and sender reputation database."
"We have got something to say about every public IP address on the Internet," Keith said--meaning this database can look at each IP address to determine whether it has a history of spamming, sending out attacks, etc.--or, conversely, if it has a history of being well-behaved.
* Threat Operations Center: The "people side," as Keith Stewart called it, this is where 500GB of Internet traffic data is pulled in per day and analyzed by Cisco security researchers, analysts and signature developers.
* Dynamic Updates: This is the means by which Cisco pushes the synthesized knowledge developed in the previous two steps out to end users for their protection.
All of this is put together into what Cisco calls Global Correlation, a capability that sits in the Cisco cloud and monitors Internet traffic. When sensors detect new malware, bots or other attacks, Cisco Security Services can push out protection to Cisco IPS customers within 15 minutes, Keith Stewart claimed.
According to Keith Stewart, the cloud-based view makes increasing sense because, as he put it, "Endpoint software has been having harder and harder time finding infestations" as attacks grow more sophisticated: "Trying to uniquely identify those bots is an increasing problem."
By watching the global Internet, Cisco's security services can get a sense of the command and control perspective of problems such as botnets, whose unsuspecting participant machines represent "the tasteless, odorless gas that are out there," as Keith put it.
Today's Cisco announcement takes me back to our discussion of Cloud Computing at VoiceCon Orlando 2009 (embedded below). The fundamental question there was whether Cloud Computing made economic sense at a time when end users are bringing audio conferencing in-house to save conferencing service provider costs. Essentially, that's what the WebEx Node does with the wider range of Web conferencing services: It brings the "heavy lifting," as Cisco calls it, onto the premises in order to save on WAN costs. In this case, you're still buying a SaaS service--WebEx--from Cisco, but you're basically deploying it on your premises so as to save on service providers' WAN bandwidth costs. The alternative approach would be to pony up for the fat WAN pipe, but forgo the cloud-based service cost, and instead run the service off a (Cisco or other) in-house UC platform.
So it looks like one way or another, a "pure" cloud computing environment, for at least some users, may be more expensive than a strategy that potentially incorporates a premises aspect, as exemplified by the WebEx Node. That tradeoff is something to factor into your decision-making.
