Cisco's IronPort email security appliance will be capable of data-loss prevention monitoring through integration with EMC's RSA DLP scanning technology, Cisco has announced.
By the third quarter, the Cisco IronPort S-Series appliances will be able to monitor and block content that violates DLP policies, including those expressed in policy templates which Cisco will include with the DLP-enabled email gateway, said Nick Edwards, group product manager at Cisco.
The IronPort appliance, which can also be used for anti-spam, anti-virus and encryption, will also gain the advanced capabilities of the RSA DLP technology, though it won't include data discovery for data at rest, Edwards says. The DLP management piece will be "slotted into the IronPort management tools," he said.
News of the IronPort S-Series upgrade marks the first fruit of the DLP partnership between Cisco and RSA that was announced with much fanfare more than a year ago. And it may be the last fruit for a while.
In announcing the partnership with RSA, Cisco envisioned widely integrating RSA's DLP filtering technology into its infrastructure equipment. But those plans don't seem to be panning out. To talk today about Cisco switches, routers and DLP would be "premature," Edwards conceded.
"In 2008, Cisco did have grand visions," says Gartner analyst Eric Ouellet. "They spent last year discussing it internally and finally came to a compromise. Yes, it is scaled back to IronPort because that's the first ‘easy' and ‘meaningful' deployment. The other points of integration will take longer to complete, and I wouldn't expect much else over the next year or so."
In a related announcement, Cisco today said it expects to offer a hosted email gateway service for DLP by year-end. In addition, the Cisco IronPort web security appliances now support the Internet Content Adaptation Protocol (ICAP) for traffic hand-off to third-party DLP systems.
The Cisco IronPort S-Series for Data Loss Prevention will cost $14.12 per (~£8.50) user per year for a 10,000-user company.