N+I: Cisco takes aim at Web services security

LAS VEGAS – Web services are a key concern for Cisco Systems Inc. as the company plans initiatives over the next year to integrate security more deeply into network infrastructures, executives said Wednesday at NetWorld+Interop in a question-and-answer session that followed a keynote address by Cisco President and Chief Executive Officer John Chambers.

The rapid growth of Web services, designed to allow systems in different companies and departments to interact machine-to-machine to deliver business processes automatically, will raise both network congestion and security issues, said Mike Volpi, senior vice-president for Cisco’s Internet Switching and Services Group.

In some cases, those problems could cause tension within organizations, another executive pointed out.

“It’s unclear if these things are really going to be in the best interests of the enterprise,” when security concerns are taken into account, said Bob Gleichauf, chief technology officer of Cisco’s VPN and Security Business Unit. “You have the IT departments in conflict with the people who are running the business and new offerings in companies.”

For example, Web services could utilize Hypertext Transfer Protocol (HTTP) as an envelope and use Port 80, typically used for Web-page traffic, Gleichauf said.

“Clever people are starting to use that not only to send valid traffic but to effectively use it as a conduit for (malicious) misuse…and the firewall isn’t in its current form necessarily well-suited to deal with that,” he said.

What is needed is deep packet inspection, a computation-intensive technique that most network equipment today is not designed to do, because it is designed to make decisions based on certain kinds of packet header information, Gleichauf said.

Greater network intelligence also is needed to provide functions such as load-balancing of Web services traffic, based on Extensible Markup Language (XML), Volpi said.

Enterprises have balked at security by not budgeting it into their networks, Gleichauf said. Cisco aims to make it an integral part of a company’s IT services, he said.

If companies are to realize productivity gains from IT, chief information officers need to embrace technology that benefits the business while also maintaining security, Chambers said.

“They can’t just be the traffic cops or policemen or women, they have to say, ‘How do you do this in parallel?’ ” he said.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now