Splunk CEO To Cisco Partners: ‘We Can Do A Lot Together’ In Security, Observability

Cisco and Splunk executives and partners alike are eagerly awaiting the close of the $28 billion megadeal, which will marry the two companies’ cybersecurity and observability strengths for the creation of a distinctive, AI-powered data platform. 

Cisco CEO Chuck Robbins was joined by Splunk’s CEO Gary Steele onstage at Cisco Partner Summit earlier this month to talk about the impending monster acquisition and what it means for the global channel community. Steele said that once the two companies are combined, there’s “tremendous value” that can be delivered on behalf of partners. 

Steele specifically singled out the opportunities around managed services, professional services, implementation services. 

“One of the things that we wake up and think about every single day is adoption. How do we get our customers to leverage Splunk more fully within their environment? More fully within security and then more broadly, driving digital resilience across [the customers’] broad digital footprint. And partners will play a critical role,” Steele said. “We believe that there’s no way we can deliver all those services, we absolutely need this partner community … All of the partner community represents a critical opportunity for us.”

The value of the Cisco-Splunk combination, said Steele, lies in the combination of Splunk’s cybersecurity and observability expertise coupled with Cisco’s newly released Extended Detection and Response (XDR) capabilities. 

Splunk’s platform already makes up the underpinnings of the security operations centers (SOCs) around the globe, Steele said. 

“That’s what really got me excited when we first started having discussions. I think this puts us in an amazing position in the market, and one where you can confidently win every single day, looking broadly at observability, bringing together the capabilities of AppDynamics with the Splunk observability cloud, helping customers manage this hybrid, multi-cloud environment that is super complicated,” he said. 

Steele, who is set to join Cisco’s executive leadership team after the close of the deal, said that even though the deal isn’t finalized, Cisco partners can begin exploring how Splunk can fit into their portfolios. 

“I have to say I couldn’t be more excited about the opportunity to be part of Cisco, working with [Robbins] and the team. I think there’s a lot we can do. And most importantly, I’m very excited about the opportunity to work with [partners] because one of the things that got me super excited about this opportunity was to leverage the amazing channel that Cisco has built in the broader partner community,” he said. “I think with the combination of our products from a security perspective, as well within the broad observability market, I think we can do a lot together.” 

The two companies expect the acquisition to close by Cisco’s fiscal Q3 2024, but Steele said he is “confident” the deal will close earlier than expected. The 30-day review period for the deal came and went last week without opposition from U.S. antitrust enforcers. 

“The sooner we can get them together as one company, the better for us,” said Steve Wylie, senior vice president and general manager, East Majors, for Trace3. 

Irvine, Calif.-based Trace3, which is both a Cisco and a Splunk partner, is excited about the pending acquisition because the MSP has done plenty of Splunk consulting and deployment work for its clients. Trace3 is a “big believer” in both Cisco and Splunk, Wylie said. 

“When you bring both of them together, it helps close some of that gap from an observability perspective where you’re able to have more visualization of what’s going on across the networks,” he said. “Bringing them together will be a good story.” 

An Improved Security Posture

Cisco and Splunk have been partners for a decade. In fact, Cisco CEO Robbins said that there are a lot of ex-Cisco employees at Splunk and vice versa. 

Robbins told CRN that the combination of Cisco and Splunk will help win over the hearts and minds of customers in the security arena, especially as Cisco pushes its platform approach to security, rather than its historic point product story. 

Cisco’s XDR platform is being injected with more AI and machine learning to help correlate threats more quickly for customers. The goal is to shift away from detection and response and move toward prediction and prevention, Robbins said. 

“And if you think about Splunk’s platform, it’s just massive data platform that has ingested lots of insights from different threat sources, logs [and] events. And I think when you put that together with the XDR platform, which is all utilizing AI, we should be able to give our customers the most rapid insights relative to what’s going on in their security and their infrastructure of anyone,” he told CRN. “I think that’s the big play there.” 

Splunk’s Security Information and Event Management (SIEM) system is complimentary to Cisco XDR offering, said Jeetu Patel, Cisco’s executive vice president and general manager of security and collaboration. 

“You can’t be a credible networking company if you’re not a great security company. You can’t be a great security company if you’re not a great AI company, and you can’t be a great AI company if you’re not a data company. Splunk allows us to be a great data company.” Patel said. 

Most of MSP Driven Technologies’ customers have a SIEM from the likes of Splunk or Microsoft Sentinel. But a SIEM alone isn’t good enough at 2 a.m. when there’s been a ransomware attack. That’s where the value of a Cisco-Splunk combination shines, said Vinu Thomas, CEO of Driven Technologies, a New York City-based MSP and Cisco partner. 

An XDR platform helps MSPs like Driven Technologies take the SIEM’s information to the next level by identifying where the attack started and what is happening. With Cisco XDR, it can also provide action items, Thomas said. 

“Now I can say to the Cisco network: ‘Write an [access control list] ACL preventing this particular thing from happening’ using AI. Then I can correlate it to say: ‘Tell all the endpoints to block this’ so you’re not only just saying that a threat is happening, you’re also effectively preventing the threat from propagating,” he said. “That’s a lot of downtime that saved, a lot of money that saved. We have customers who have said an hour of downtime is $10 million for us. You do the math and that’s what we are able to accomplish.”

Leave a Reply

Your email address will not be published. Required fields are marked *