Cisco has closed the US$2.35 billion deal it made for network identity, authentication security company Duo.
According to the tech giant, Duo’s zero trust security model authorises secure connections to all applications based on the trustworthiness of users and devices.
Duo’s cloud-delivered technology lets IT professionals set and enforce risk-based, adaptive access policies and get enhanced visibility into users’ devices and activities. As more devices come onto the network remotely this issue takes on more importance.
“Outdated devices are particularly vulnerable to being compromised, which can easily spiral into a full-blown, major breach,” wrote Richard Archdeacon, Duo Advisory CISO about a recent Duo study on remote access security.
"Organisations don’t necessarily need to block individuals from using their personal devices, but they do need to re-shape their security models to fit these evolving working practices…If you don’t know what’s connecting to the network, how can you protect data from being compromised?"
Duo in combination with products in Cisco’s portfolio including Umbrella, Stealthwatch, ISE and Tetration will let Cisco to provide an end-to-end Zero Trust Architecture, wrote Gee Rittenhouse, senior vice president of engineering for Cisco’s Security Business Group in a blog about the Duo acquisition.
“Integrating our network, device and cloud security platforms with Duo’s zero trust authentication and access products, Cisco’s security architecture is equipped to address the complex challenges that stem from hybrid and multi-cloud environments in today’s work environment,” Rittenhouse wrote.
A few technical details of the deal include Cisco currently provides on-premises network access control via its Identity Services Engine (ISE) product.
Duo's software as a service-based (SaaS) model will be integrated with Cisco ISE to extend ISE to provide cloud-delivered application access control.
Furthermore, and by verifying user and device trust, Duo will add trusted identity awareness into Cisco's Secure Internet Gateway, Cloud Access Security Broker, Enterprise Mobility Management, and several other cloud-delivered products.
And finally, with Duo’s Unified Endpoint Visibility, customers can see, track and report on all end user devices from a single dashboard. Duo's user and device reports give admins actionable data on user behaviour and risky devices.
Cisco said that integration of its network, device and cloud security platforms with Duo Security’s zero-trust authentication and access products will let customers to quickly secure users to any application on any networked device.
The deal is Cisco’s biggest since its US$3.7-billion buy of performance monitoring software company AppDynamics in 2017, and its largest in the cyber security sector since its US$2.7-billion Sourcefire acquisition in 2013.
Duo, founded in 2009, has about 700 employees working from offices in Michigan, Texas, Detroit, California and London. Cisco said it expects the deal to close in the first quarter of the vendor's fiscal year 2019.
In a similar announcement in early 2018, Duo said it had surpassed US$100 million in recurring revenue. Duo Security was valued at about US$1.17 billion as of its last funding round.
Cisco Security topped US$2 billion in annual revenue for the first time in the 2017 fiscal year, reporting US$2.15 billion in sales out of Cisco’s total of US$48 billion.
Duo CEO and co-founder Dug Song and the Duo team are joining Cisco’s Networking and Security business led by executive vice president and general manager, David Goeckeler.