Five years ago, the Cisco Security Technology Alliance (CSTA) launched with 22 partners and 22 product integrations.

Fast-forward to today, and it now includes more than 160 partners representing more than 280 product platform integrations. Fifty-seven new technology integrations and 23 net-new vendor partners were unveiled this week.

Scott Pope, director of product management and business development for the Security Technical Alliances Ecosystem, tells Channel Partners this is the largest and broadest CSTA announcement to date.

Cisco’s Scott Pope

“Back when we started, it was one integration per partner, and now we’re getting up to an average of two integrations per partner,” he said. “All the things we use, APIs and integration frameworks, to integrate with our third-party partners we also use to integrate our own Cisco security products. So because of that integrated architecture, partners can integrate with one of our products and in a sense become part of that architecture. So I think what’s driven it is when you integrate to Cisco, you’re integrating to a security architecture, not to an individual product.”

These integrations span more than 15 technology areas from security orchestration, analytics and reporting (SOAR) systems, and deception technologies, to IoT visibility platforms that together bolster a customer’s cyber defenses, Pope said.

Cisco also unveiled a new version of its pxGrid security integration fabric, which is “how we integrate our own Cisco products to talk to each other, but also how we integrate our ecosystem partners to talk to Cisco products as well,”  he said. The new version makes integration easier, he said.

Among the pxGrid integrations are: Acalvio ShadowPlex for threat containment; Armis for visibility and control over any device including unmanaged devices like Bluetooth peripherals, IoT devices and rogue access points; and Blackridge Technology to extend software defined perimeters to private and public clouds, IoT and other network environments.

The strategy behind CSTA is open integrations, as opposed to being a one-stop, already integrated solution.

“I’ve been in network security for 20 years now and one thing that’s remained constant throughout is security is definitely a multi-vendor affair for our customers,” Pope said. “Cisco is probably as close as anyone to doing this, but not everybody makes everything. Even Cisco with our broad portfolio of network security, we don’t have all the technologies, we don’t do vulnerability management, we don’t do security information management. There are newer technologies that are sort of on the cusp of going mainstream like user behavior analysis, we don’t do that. So there’s no vendor that’s going to be all things to all people.”

There’s strength in working with other vendors, and not just from the perspective of working with vendors whose technologies aren’t represented in Cisco’s security portfolio, he said.

“But even in our ecosystem, we work with…

…a lot of competitors,” Pope said. “Check Point Software Technologies is a huge network security vendor and we compete on multiple fronts, and we partner to solve customer problems. There are a lot of customers out there that are Check Point shops for their firewalls, that’s how it is and that’s probably how its always going to be. And it’s incumbent upon us to work with Check Point to integrate with things like our network access policy platforms and what not to make sure that we can solve the customer problems. The better integrated we are, the more value and more problems we’re going to solve for customers, and therefore differentiating us when we are trying to sell other things to them.”

If a customer is using Splunk or IBM QRadar for its security information management system, “not only do we integrate with your Splunk or QRadar, we have very differentiated integrations,” he said.

“There’s kind of a common, pervasive problem in customers’ security environments,” Pope said. “Our customers are getting overwhelmed with security events, basically alarms coming from all these different platforms. You have alarms going off left and right, whether they should be or shouldn’t be, and some things are more important than others. Our security platforms … actually can enrich our partner platforms with appropriate pieces of information to help you turn those false alarms into a real alarm or just make them go away by providing information. A lot of our integrations are focused on that general problem … helping our customers figure out what events they care about and then helping them to actually take action on the events they do care about.”

Eric Parizo, senior analyst of enterprise security with GlobalData, said overall, Cisco is positioning its enterprise security product portfolio as the industry’s “most integration-friendly.”

“It’s a huge value proposition for Cisco partners, in that it makes multi-product integration easier, especially when Cisco products are at the center of a customer’s security architecture,” he said. “Partners that work with (Cisco) Identity Services Engine should strongly encourage their customers to research and, if appropriate, deploy pxGrid to foster easier, deeper best-of-breed security product integrations, ultimately supporting better security architecture efficacy.”