Cisco announced on Aug. 2 that it is acquiring identity services provider Duo Security in an all-cash deal valued at $2.35 billion. Cisco expects the deal to close in the first quarter of its fiscal 2019 year.
Duo Security has developed a number of technologies, including cloud-delivered identity, multifactor authentication and zero-trust access control technology and services. Cisco plans on integrating Duo Security technologies across its portfolio, including its intent-based networking strategy to help improve identity and access control.
“The Duo acquisition is another major step forward. It moves Cisco in a new direction—identity and access,” David Goeckeler, executive vice president and general manager of Cisco’s Networking and Security Business, said during a conference call with press and analysts. “With Duo, Cisco customers will be able to easily and securely connect users to any application, on any network device with Duo’s zero trust access and authentication products.”
Duo Security had raised a total of $119 million in funding, including a $70 million round that was announced in October 2017. While the company is perhaps best known for its multifactor authentication (MFA) access technologies, it has expanded its portfolio in recent years. Dug Song, co-founder and CEO of Duo Security, said that while his company’s MFA technologies do compete with other vendors including RSA, Duo now does a lot more than just MFA.
“We go well beyond just identity to provide other security capabilities … that are commonly associated with endpoint technologies as well,” Song said. “In a unique and agentless way, we can attest to the security posture of devices that are not even under corporate management.”
Cisco Integration
The addition of Duo Security will help Cisco integrate networking, security and identity capabilities delivered from a cloud-based platform.
Duo’s capabilities will complement and integrate with Cisco technologies such as the Umbrella cloud-delivered security service and the Stealthwatch visibility and Identity Service Engine (ISE) platforms, according to Goeckeler. He added that as users increasingly access applications from multicloud environments and mobile devices, the Duo capabilities will help Cisco extend its security architecture with identity.
Cisco’s existing ISE platform provides policy and access control within an enterprise network. Goeckeler said there will be a natural tie-in with Duo, which provides identity in a cloud-based software-as-a-service (SaaS) model. He added that Cisco’s Umbrella already provides security services from the cloud and Duo will be a fit to bring identity to that model as well.
Intent-Based Networking
While Duo has multiple integration points with Cisco’s existing security business, Goeckeler said it will also enhance Cisco’s intent-based networking technologies.
“Intent-based networking is about how you automate a network,” he said.
With intent-based networking, rather than thinking about the network as a collection of routers, switches and access points, it is considered a software-defined system, where an organization can define the intent of what software should do, Goeckeler said. As users access the network, he said it’s important to understand what capabilities can or should be provided to them based on identity and policy, which is where Duo will be able to help. Goeckeler added that bringing together Duo with Cisco’s intent-based networking is all about driving consistent policy across user identities, devices and applications across the network.
“You don’t just have someone access your network and they get free reign to go wherever they want,” he said.
For Duo Security, integrating with Cisco will bring the company’s technologies to more users than ever before. Song said that the identity market has evolved significantly in recent years, alongside the growth of cloud and mobile computing. He added that user identity access and policy are becoming the core components of enabling a modern workforce
“In the next generation of multicloud, identity becomes much more important as a control plane for how security is applied more broadly beyond the boundaries of the corporate network,” Song said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.