Cisco's new network promises to protect against attacks hidden in encrypted data

But it's still signature-based

Cisco's new network, which it refers to as 'intent-based', can detect threats through encryption, it claims. The company says that this is 'one of the most significant breakthroughs in enterprise networking', and that the new network can anticipate actions, stop security threats, and continue to evolve and learn.

Rather than manually entering lines of code, Cisco says that IT managers can automate policy to translate their business intent. "By building a more intuitive network, we are creating an intelligent platform with unmatched security for today and for the future that propels businesses forward," said Cisco CEO Chuck Robbins at a launch event this week.

AI, in the form of Encrypted Traffic Analytics (ETA), uses Cisco's Talos threat intelligence to detect known attack signatures in all traffic, including encrypted data. The firm says that 'almost half' of all cyber-attacks today are hidden in encrypted data - Cisco claims to be able to identify these without decryption.

"ETA uses Cisco's Talos cyber intelligence to detect known attack signatures even in encrypted traffic, helping to ensure security while maintaining privacy," said Cisco SVP David Goeckeler.
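Detection "without decryption" is possible because a TLS session leaks clear-text metadata before any payload is encrypted: the ClientHello carries the offered version, cipher suites, extension list and usually the server name (SNI). The script below is an added illustration for this article, not Cisco's or Talos's code, and says nothing about how ETA actually works internally: it parses a ClientHello, derives a JA3-style handshake fingerprint (an illustrative format, not a vendor's scheme), and matches both the fingerprint and the SNI against a constructed signature list. The signature entries and the `build_client_hello` helper that fabricates test input are assumptions made for the example. It also makes the article's caveat concrete: a miss only means no *known* signature matched.

```python
"""Signature matching on clear-text TLS handshake metadata, without decrypting
anything. Added example; the signatures and sample handshakes are constructed."""
import struct

# Constructed signature list (not Talos data): each entry names one clear-text
# handshake feature a passive sensor could match on.
SIGNATURES = [
    {"name": "example-bad-sni", "sni": "malware-c2.example"},
    {"name": "example-bad-fingerprint", "fingerprint": "771,4865-49195,0-10-13"},
]


def build_client_hello(sni, ciphers, ext_types):
    """Construct a minimal TLS ClientHello record (test input only, not real traffic)."""
    exts = b""
    for ext in ext_types:
        if ext == 0:  # server_name: list length, name type 0 (host_name), name length, name
            name = sni.encode()
            entry = b"\x00" + struct.pack("!H", len(name)) + name
            data = struct.pack("!H", len(entry)) + entry
        else:
            data = b""  # other extensions get an empty body; enough for this parser
        exts += struct.pack("!HH", ext, len(data)) + data
    body = (
        b"\x03\x03" + b"\x11" * 32 + b"\x00"                      # version, random, empty session id
        + struct.pack("!H", 2 * len(ciphers)) + b"".join(struct.pack("!H", c) for c in ciphers)
        + b"\x01\x00"                                              # one compression method: null
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body      # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record type 22


def parse_client_hello(record):
    """Return the fields a passive sensor can read from a ClientHello without keys."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    hs_len = int.from_bytes(record[6:9], "big")
    body = record[9:9 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")
    try:
        version = struct.unpack("!H", body[0:2])[0]
        pos = 2 + 32                                         # skip the 32-byte random
        sid_len = body[pos]; pos += 1 + sid_len              # skip session id
        cs_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
        ciphers = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
        pos += cs_len
        comp_len = body[pos]; pos += 1 + comp_len            # skip compression methods
        ext_types, sni = [], None
        if pos + 2 <= len(body):
            ext_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
            end = pos + ext_len
            while pos + 4 <= end:
                etype, elen = struct.unpack("!HH", body[pos:pos + 4]); pos += 4
                edata = body[pos:pos + elen]; pos += elen
                ext_types.append(etype)
                if etype == 0 and len(edata) >= 5 and edata[2] == 0:   # host_name entry
                    name_len = struct.unpack("!H", edata[3:5])[0]
                    sni = edata[5:5 + name_len].decode("ascii", "replace")
    except (IndexError, struct.error):
        raise ValueError("malformed ClientHello")
    return {"version": version, "ciphers": ciphers, "extensions": ext_types, "sni": sni}


def fingerprint(info):
    """JA3-style summary of the handshake: version, cipher list, extension list."""
    return "%d,%s,%s" % (info["version"],
                         "-".join(map(str, info["ciphers"])),
                         "-".join(map(str, info["extensions"])))


def match_signatures(record, signatures=SIGNATURES):
    """Names of signatures hit by this record. An empty list means no *known*
    match; it says nothing about tooling whose handshake has never been catalogued."""
    info = parse_client_hello(record)
    fp = fingerprint(info)
    hits = []
    for sig in signatures:
        if "sni" in sig and info["sni"] == sig["sni"]:
            hits.append(sig["name"])
        elif "fingerprint" in sig and fp == sig["fingerprint"]:
            hits.append(sig["name"])
    return hits


if __name__ == "__main__":
    benign = build_client_hello("www.example.com", [4865, 4866, 49195], [0, 10, 11, 13])
    suspect = build_client_hello("malware-c2.example", [4865, 49195], [0, 10, 13])
    print(match_signatures(benign))    # []
    print(match_signatures(suspect))   # ['example-bad-sni', 'example-bad-fingerprint']
```

Everything the matcher sees is visible to any on-path sensor, which is why this class of detection keeps payload confidentiality intact; the flip side, visible in `match_signatures`, is that a handshake the signature list has never seen produces no alert at all, which is the limitation the article raises below.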

Cisco is using the big data it gathers from its existing networks - which carry a large amount of global internet traffic - to collect information on cyber threats. It then provides IT teams with the insights to spot anomalies and anticipate issues 'in real time', using machine learning.

Despite the statement that 'traditional IT processes…are not sustainable in this new age,' Cisco has, ironically, opted to use signature-based detection to identify threats. Signature-based systems have been criticised for their slow response times and falling detection rates versus polymorphic malware. Speaking in a Computing web seminar this week, Ali Zeb of MS Amlin said, "We need new and old school AV. The new stuff is based on execution of malware, rather than being signature-based. An analogy that I use is if someone threw a brick at your window: old-style [anti-virus] would write a signature for a brick and block the next one, but if someone throws a bottle the window would still break. New-style AV just protects the window."

Cisco's Digital Network Architecture (DNA) is the bundle of hardware and software that powers the new network. It includes the DNA Centre - a centralised management dashboard - and Software-Defined Access. SD-Access is designed to simplify network access for users, devices and things by automating tasks such as configuration and troubleshooting.

On the hardware side, Cisco also announced a new family of switches known as the 9000 series. These focus on the demands of mobility, cloud, the IoT and security. When buying these switches, customers will also be able to access the DNA software capabilities by subscription.

75 global organisations are conducting early field trials with the new solutions now, including NASA, Royal Caribbean Solutions and DB Systel GmbH.