Cisco Systems Inc. and EMC Corp. announced a broad partnership Monday that includes collaboration on data loss protection (DLP) products and services.
The companies made the announcement before Tuesday's opening of the RSA Conference 2008, where DLP was expected to be a hot topic.
The two companies plan to integrate data-classification technology from EMC's RSA Security division with the Cisco Security Agent (CSA), an endpoint security product that includes host intrusion prevention, policy control and firewall protection. RSA's technology will identify sensitive corporate data and pass that information along to CSA. RSA acquired DLP technology with its acquisition of Tablus last year.
"It's a good partnership. [Cisco] needed to do this. They haven't had a DLP strategy," said Charlotte Dunlap, senior analyst at Current Analysis.
The integration will strengthen Cisco's position in the endpoint security market, she said. However, Cisco neither detailed when the integrated product would be available, nor provided a roadmap for integrating RSA's DLP technology into its IronPort secure messaging product, which Dunlap said "will be a big question mark for customers."
Cisco and RSA also plan to collaborate on data center security and key management. Plans call for integrating Cisco MDS 9000 Storage Media Encryption (SME) with RSA Key Manager. The integrated product, scheduled to be available from EMC in May, will provide key management for customers encrypting sensitive data at rest.
The two companies also intend to work together to integrate additional security capabilities into Cisco TrustSec for data-in-motion encryption with the Cisco Nexus 7000 platform. RSA intends to add email security by interoperating with Cisco's Registered Envelope Service technology, encrypting email discovered by RSA's DLP technology.PCI architecture announced
The companies said they also plan to work together on a PCI reference architecture to help customers discover and track sensitive information and ensure PCI compliance.
The architecture will enable companies to audit and run reports on their systems as part of a PCI compliance program. The architecture also enables companies to discover and monitor sensitive information and provide the appropriate enforcement controls, Cisco said.
The plan involves adding features to Cisco's Lean Retail suite, which integrates RSA's PCI software. The features will be added with the release of the Cisco Application Control Engine (ACE) Web Application Firewall. Cisco said the software will help companies control credit card data within Web-based applications.
By combining Cisco technology and RSA's PCI software, customers could gain visibility into where data resides, said Dennis Hoffman, vice president and general manager for data security at RSA, the Security Division of EMC.
"The answer lies in coordinated product innovation, strategic partnership and professional services," Hoffman said in a statement.