Lately, analysis agency Forrester launched its XDR Wave, which ranks many of the main safety distributors based mostly on their capabilities on this market. Whereas I usually agree with the location of many of the distributors within the Wave, I did assume Cisco appeared grossly misplaced. Because of this I’ve determined to problem this placement, based mostly on my expertise working carefully with Cisco, its clients, and companions on XDR deployments, and my perception that the answer is effectively aligned with what clients are on the lookout for.
I’ve appeared on the Wave and analyzed the place Cisco scored poorly, and I wish to provide my evaluation. Under are the highest 5 key factors that, for my part, Forrester didn’t precisely rating Cisco.
Further detection surfaces – Cisco Rating: 1
A part of the problem right here is the definition of XDR. I used to be the primary analyst to make use of the time period in 2018, lengthy earlier than the Wave existed. In my submit, I wrote that the “X” in XDR means “all the things,” the place telemetry must be gathered from as many sources as potential, with cloud, endpoint, and community being the core knowledge sources. Since then, different corporations have embraced the time period “X,” that means eXtended from the endpoint.
When one appears on the Wave, many endpoint distributors, together with Microsoft, CrowdStrike, and TrendMicro, are close to the highest proper. Distributors I contemplate to be extra network-centric, corresponding to Cisco and Fortinet, scored decrease. I additionally assume Fortinet must be increased within the Wave, however I will go away that for an additional submit.
Of all of the XDR distributors, Cisco has one of many richest knowledge units from merchandise corresponding to Cisco NVM, ISE, Umbrella, Talos, and its firewall and community gadgets. Moreover, it gathers knowledge natively from Safe Endpoint, in addition to from a number of third events corresponding to AWS, Azure, and GCP.
Giving Cisco a “1” on this class defies the straightforward eyeball check of the place the corporate has merchandise feeding telemetry to XDR.
Innovation – Cisco Rating: 1
This rating is calculated based mostly on the corporate’s funding in R&D at an organization degree. Cisco is a large firm with R&D spend throughout its portfolio, together with networking, safety, collaboration, and different areas. Forrester likes to see an R&D spend of 20% of firm income to award a 5, and Cisco spends about 13%. Nevertheless, this quantity is deceptive. For an organization of Cisco’s dimension, 13% of its income is greater than most of its opponents mixed.
Additionally, in my dialogue with Cisco management, they indicated that the extent of R&D throughout Cisco shouldn’t be uniform. Extra mature areas require much less spending, whereas rising applied sciences, corresponding to safety, are effectively above the 20% threshold. Scoring a broad, various firm like Cisco on the identical scale as a small startup is deceptive and admittedly irresponsible.
The scoring standards for “neighborhood” is holding a security-specific convention. That is one other case the place the variety of Cisco’s portfolio shouldn’t be thought-about. The corporate’s consumer occasion, Cisco Reside, is without doubt one of the largest expertise exhibits held in lots of areas. So long as I’ve been attending Cisco Reside, which has been occurring for over 20 years, safety has been a major a part of the occasion.
Particularly, concerning XDR, I appeared again on the agenda for Cisco Reside 2024 EMEA, and there have been dozens of safety classes, a lot of which had been devoted to XDR. The corporate additionally holds threat-hunting workshops for its clients, as do a lot of its world companions.
Cisco was additionally a key sponsor on the RSA Convention, held a keynote and lots of academic classes, and had a large total presence. When one appears on the dimension of Cisco’s buyer base, companion neighborhood, licensed engineers, sponsorships, and different associated elements, it’s quantifiability one of many largest safety communities.
Product Safety – Cisco Rating: 3
I discovered the quantification of this a bit complicated. Forrester states, “5 = The seller offers transparency on the way it secures its providing.” From my expertise, which dates to being a Cisco Safety buyer, the corporate has a well-established course of round safety belief and insurance policies. I’ve talked with Cisco management, and the corporate as a complete takes vulnerability scanning, pen-testing, and red-teaming very severely whereas pushing this mentality all the way down to its channel companions to make sure its total ecosystem is clear.
Forrester might not discover what Cisco does sufficient, and that’s its opinion, however Cisco Safety scored a 5 within the community evaluation and visibility (NAV) wave. The method and standards are the identical for each, as must be the rating.
Coaching – Cisco Rating: 1
From the Wave’s scoring standards, a rating of 5 is achieved when “the seller presents free, complete on-line coaching on the product and presents reside on-line coaching for a payment. In-person coaching is out there for a payment in a number of languages.” As one of many extra lively Cisco trade watchers, I’m up to date on their coaching exercise from clients, companions, and the corporate. I do know Cisco has a wealth of free info within the space of XDR.
For instance, Cisco XDR clients obtain proactive onboarding and configuration steerage from a Buyer Success consultant. The corporate additionally presents in-product assist and product documentation to assist customers perceive the device, in addition to in-product video coaching and step-by-step directions.
Cisco additionally holds a variety of skilled and academic webinars, throughout which clients can work together with Cisco to resolve points, perceive finest practices, and develop methods for menace detection and response. The corporate additionally has its Studying Middle, which accommodates walkthroughs, demos, on-demand labs, and threat-hunting workshops.
Certainly one of Cisco’s historic differentiators, for the previous 30 years, has been the quantity of free coaching it presents throughout its product line. A rating of 1 right here signifies Forrester isn’t conscious of Cisco’s vary of coaching choices.
Abstract
Usually, I’m not one to criticize one other analyst agency’s evaluation as a lot of it’s opinion. Nevertheless, instruments like Waves and Magic Quadrants are worthwhile as they’re formulaic and supply a quantifiable “rating.” On this case, Forrester’s placement of Cisco appears manner off base from my information. As I discussed, Forrester’s definition might differ from mine, the place they view XDR because the evolution of EDR. I have a look at it extra holistically, however that doesn’t clarify among the different inconsistencies.
My recommendation to clients is at all times to make use of these as a information nevertheless it’s at all times clever to do your personal proof of ideas as each setting is completely different.
Zeus Kerravala is the founder and principal analyst with ZK Analysis.
Learn his different Community Computing articles right here.
Associated articles: