Cisco is aiming to bridge its datacenters and its on-site enterprise solutions with a new initiative that will see it delivering its IronPort unit's e-mail security as both a Software-as-a-Service (SaaS) offering and a hybrid model that merges cloud computing with an on-site presence.
The new initiative points to efforts by Cisco (NASDAQ: CSCO) to add hosted services to its repertoire, with e-mail looking like a natural fit, considering that the threats facing enterprise e-mail continue to mount.
"Cisco is investing heavily in Software as a Service (SaaS)," Keith Valory, director of product management for Cisco's security technology unit, told InternetNews.com. "When [CEO] John Chambers talks about the future of Cisco, he talks about enabling Web 2.0 and SaaS applications as a key driver."
The company's also been signaling a readiness to extend IronPort, which it acquired in 2007 for $830 million. Since then, it's been updating the platform for broader deployment scenarios. Earlier this year Cisco added a small- to midsized business solution that brings the large enterprise e-mail security features of the IronPort platform to smaller companies.
This week's launch of Cisco's IronPort Hosted E-mail Security marks the first time that IronPort will be offering a fully hosted service, so an enterprise can tap into Cisco's cloud to get its e-mail security without the need for an on-premises IronPort security equipment.
Not all enterprises are willing to entirely shift their e-mail security to the cloud, however, but many also recognize that they can't do it all internally, either. According to Valory, that's where a second, hybrid approach comes into play, combining both on-premises and the cloud.
"It's really about offering a broad continuum of deployment options, so customers can look at their own requirements and whatever deployment option they want without compromising on threat prevention," Valory said.
The hybrid approach will enable enterprises to divide the control of their e-mail security between an on-site device and the cloud. Valory noted that many large customers like the idea of benefiting from the cloud's capacity and scalability when it comes to scanning all inbound traffic.
"With inbound e-mail scanning in the cloud, anything coming into the enterprise is nice and clean," Valory said. "But they also want to have outbound controls on-premise for things like data-loss prevention before it leaves the enterprise network to interface with the cloud."
Valory added that for compliance reasons, some companies aren't comfortable hosting their outbound e-mail security. But, he said, IronPort's on-site, cloud-based and hybrid solutions all offer the same reporting and tracking features. In addition, he said choosing one approach over another doesn't entail different levels of performance.
Though Cisco is a big proponent of virtualization, Cisco Hosted E-mail Security at least at the outset will not rely on a virtualized infrastructure. Instead, each customer will initially get their physical hardware provisioned within a Cisco datacenter, Valory said.
A complete solution?
The new Cisco cloud e-mail security initiative isn't a complete e-mail solution, however. Cisco does not currently offer e-mail hosting itself, which would enable an enterprise to entirely offload its mail to the Cisco cloud.
That's something that could be changing soon, though, following Cisco's purchase of Linux-based e-mail vendor PostPath, which Cisco acquired in August 2008.
"Our new release is just on the e-mail security side," Valory said. But he added that PostPath has "been working closely with [Cisco hosted Web conferencing unit] WebEx on a hosted e-mail offering."
"I don't want to talk too much about that, but I can say we're working very closely and the security solutions will be a part of that when it comes out," he said. "I will say that through the PostPath acquisition, Cisco has invested heavily in that space."
This article was first published on InternetNews.com.