Cisco Full-Stack Observability draws on channel clout

Cisco's Full-Stack Observability app security tool supports cloud-native resources as of this week -- not an entirely new concept, even within Cisco. But the vendor is counting on its network security track record and fleet of channel partners to appeal to enterprise IT pros that have a plethora of similar tools from which to choose.

The latest version of Cisco's Secure Application software, released this week, is based on its Full-Stack Observability (FSO) platform, launched in June. FSO freshly integrated various Cisco products atop an OpenTelemetry back end, including ThousandEyes Internet Insights and cloud user experience monitoring; Talos threat intelligence data on common vulnerabilities and exposures with AppDynamics end-user experience and business-transaction monitoring; Panoptica data about API security; and Kenna's Risk Meter score distribution.

Cisco previously launched an FSO module called Business Risk Observability (BRO), which generated a business risk score to help DevSecOps teams and business managers prioritize security incident response. As of this week, the Secure Application update integrates BRO's business risk scoring with Cisco's Cloud Native Application Observability product to support resources such as containers, Kubernetes, API dependencies and serverless functions.

"This security model on top of the FSO platform [can] bring in the very same functionality now to full cloud-native [applications]," said Carlos Pereira, Cisco fellow and chief architect in the vendor's strategy, incubation and applications business. "We can [offer] consistency for people that have already been using Business Risk Observability for Java, .NET or Node.js [apps]."

The general notion of combining security and observability data and insights within one product isn't a novel one, including within Cisco's own product portfolio. Two years ago, it began to fold security vulnerability management into AppDynamics with its first release of Secure Application. Even at that time, the product was not first to market -- competitor Dynatrace had added application security features to its Software Intelligence Platform the previous December. Log analytics vendors Splunk, Elastic Inc. and Sumo Logic also already offered security management alongside observability and AIOps tools.

Andy Thurai

Still, the bidirectional integration between AppDynamics and ThousandEyes that underpins BRO and the updated version of Secure Application represents an improvement over previous versions, said Andy Thurai, an analyst at Constellation Research.

"Essentially, instead of ThousandEyes or Cisco users looking just at devices and network components, they will get to see the whole [application dependency] map and what components fit in where, [and] before they want to upgrade, replace or improve on devices they can check to see if any crucial applications will be affected," he said. "If a customer is looking for internet performance information to be embedded into their observability, [Cisco] can win [against competitors]."

The updated Cisco Secure Application can be purchased in three ways, according to a company spokesperson:

• As a module within Cloud Native Application Observability
• As part of Cisco FSO Essentials, Advantage and Premier bundles

• As part of Cisco Enterprise Agreement 3.0, which is included in FSO Suite

Cisco officials declined to specify pricing in response to a TechTarget Editorial inquiry, but "[FSO] pricing is not competitive against smaller cloud-native observability vendors," according to Thurai, who said Cisco should add "clear, somewhat cheaper, consumption-based pricing."

Cisco FSO draws on network giant's influence

Whether FSO, BRO and Secure Application blaze a technical trail in the market might not be the biggest factor in their appeal to enterprise IT pros, said Stephen Elliot, an analyst at IDC.

Stephen Elliot

"Cisco has a pretty large security footprint already. … People know them in the security world," Elliot said. "[It has] also been able to approach the world of security and observability through a group of channel partners that are willing and able to guide customers through this [cloud-native security] journey."

Ultimately, it isn't what Cisco builds atop FSO that will have the greatest effect, but what custom integrations channel partners create to solve specific problems for customers, Elliot said.

This also stands in contrast to the direct sales approach favored by Splunk, the rumored subject of acquisition talks with Cisco last year, which Cisco now faces as an observability and security monitoring competitor, he said.

FSO's launch also comes at a time when maintaining application performance and avoiding headline-making security breaches has become a priority for business leaders following pandemic-spurred digital transformation, according to Elliot.

"CEOs and business leaders realized, 'Hey, this stuff has to work -- if it doesn't, we're not going to make money, our customer experience is not going to be great and customers will go somewhere else,'" he said. "And performance is performance, whether it's a security attack, or a poorly performing network, infrastructure or application stack -- it doesn't matter."

Still, much of what the FSO platform can do has yet to be seen. FSO already underpins the AppDynamics cloud and BRO has been generally available for a few months, but channel partner customizations are still in progress as integrations such as this week's are added. Pereira said that, so far, 50 customers have moved to FSO; overall Cisco has more than 300,000 security customers, according to its website.

Thurai said he sees potential in Cisco's business risk scoring feature.

"It's a pretty cool feature to [take] proactive action [and] triage workflows across AIOps and NetOps that can also be used by incident responders, SecOps and DevOps teams," he said.

Beth Pariseau, senior news writer at TechTarget, is an award-winning veteran of IT journalism. She can be reached at [email protected] or on Twitter @PariseauTT.