Cisco: “AI is changing everything” – including security

Cisco has announced a number of updates across its security portfolio, saying that security has to be reimagined for the age of AI.

“AI is changing everything,” said Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco. Patel noted that Cisco’s security division has delivered more innovation in the past year than in the previous decade combined – and that this year will see multiples of what was delivered in the previous 12 months.

He said that, as adversaries are weaponizing AI, enterprises need to rethink security which has to be done at the machine level rather than by humans.

For example, while vulnerabilities are exploited rapidly by attackers, those flaws are often not patches for somewhere between 22 and 49 days, he said. Natively building AI into core defenses is part of the fix, as well as end-to-end visibility across networks.

In April 2024, Cisco announced Cisco Hypershield, a new security architecture designed to defend modern, AI-scale data centers. Hypershield embeds security enforcement in virtual machines or Kubernetes clusters in public clouds.

It can also insert security enforcement into advanced silicon in servers and networking devices such as switches. Autonomous segregation, distributed exploit protection, and self-qualified updates, all enabled by Hypershield, is the key to fixing the challenges enterprises face, he said.

“It’s the first version of something completely new,” Patel said.

At the Cisco Live in Las Vegas, the networking giant announced Hypershield support for AMD Pensando DPUs. Cisco also said support for Intel infrastructure processing units (IPUs) will be coming, too. Hypershield will be available in August, the company confirmed.

The networking giant also introduced the Cisco Firewall 1200 series, a new family of SD-WAN enabled, high-performing, compact firewall security appliances. This eliminates the need to have multiple appliances for switches, routers, and firewalls at enterprise branch locations, Cisco said.

The first models are expected to be available in October.

Cisco also introduced Cisco Security Cloud Control to unify management for the Cisco Security Cloud, beginning with its network security fabric, including Cisco Secure Firewall. This allows companies to define policies and apply them across a range of devices.

“This is a very modern way of going out and managing your security infrastructure,” he said.

Cisco unveils new security add-ons for Splunk

The company also unveiled a new Security Cloud Technology Add-on for Splunk as a way to get a broad range of telemetry and analytics into Splunk. Cisco Duo and Secure Malware Analytics are available now, with additional sources to be added in the coming months, the company said.

In terms of network monitoring, Cisco has extended the capabilities of its ThousandEyes monitoring software to spot problems across domains for both owned and unowned environments like the cloud.

The networking giant said ThousandEyes Cloud Insights extends end-to-end visibility deep into public cloud environments by providing topological mapping of its customers’ AWS environments.

This includes service connectivity, configuration changes, and traffic characteristics, enabling cloud operations teams to identify and resolve their most challenging issues even if they are not occurring on their own networks.

ThousandEyes Traffic Insights extends ThousandEyes visibility deeper into on-premises networks by collecting and correlating traffic flows with its synthetics measurements. This enables customers to rapidly detect performance issues and pinpoint them to real traffic bottlenecks and anomalies within their networks.

Cisco also said its ThousandEyes Endpoint Experience has added Meraki Wi-Fi and Local Area Network (LAN) telemetry and device information to give customers to gain deeper insight into local network issues impacting user experience.