Cisco Transforms Security for the Agentic AI Era, Further Fusing Security into the Network

Cisco is fundamentally reshaping enterprise security for the AI era, announced at Cisco Live. As organizations rapidly adopt AI and threat actors weaponize it for sophisticated attacks, Cisco is integrating robust security capabilities directly into its networking infrastructure. The strategy focuses on implementing zero trust architectures, securing AI applications and models, and deploying AI-powered tools to enhance threat detection and remediation.

Key innovations include solutions for Cisco Hybrid Mesh Firewall and Universal Zero Trust Network Access (ZTNA), designed to simplify policy management, boost visibility, and enable secure scalability without adding complexity. Further Splunk integrations promise to unify data across platforms, automating tasks and accelerating threat response.

"Safety and security are the defining challenges of the AI era," stated Jeetu Patel, Cisco President and Chief Product Officer. "Agentic AI multiplies risk by creating new attack surfaces. Cisco is reimagining network security, AI app protection, identity management, and equipping security teams with the necessary AI tools."

Reimagining Zero Trust: AI-Powered Security Deep in the Network

To combat increasingly complex, AI-driven threats across distributed environments, Cisco is reinforcing zero-trust principles. The Cisco Hybrid Mesh Firewall acts as a distributed security fabric, enabling zero-trust segmentation, AI application protection, and advanced threat defense across data centers and IoT, integrating Cisco and third-party firewalls, Cisco Hypershield, and Cisco Secure Workload. Simultaneously, Universal ZTNA unifies policy management to deliver secure, identity-driven access for all users and devices, including unmanaged and IoT, regardless of location.

Together, these solutions secure all user-to-application and back-end interactions, streamline management via Cisco’s Security Cloud Control, and provide AI-driven insights for enhanced observability, enabling organizations to scale securely amidst dynamic threats.

New Hardware and Unified Policy Management

Cisco's Hybrid Mesh Firewall is expanding with significant hardware and policy management enhancements:

• Cisco Secure Firewall 6100 Series: Delivers industry-leading performance density (200 Gbps per rack unit) for AI-ready data centers, offering modular scalability and addressing complexity challenges.
  
  
• Cisco Secure Firewall 200 Series: Provides advanced on-box threat inspection and integrated SD-WAN for distributed branches, boasting up to 3x price-performance.
  
  
• Expanded Enforcement Points: Cisco Security Cloud Control will extend unified policy management to Next-Generation Firewalls (NGFW) on Cisco Catalyst SD-WAN, Cisco Hypershield-ready C9000 Smart Switches, and Cisco’s Application Centric Infrastructure (ACI) data center fabrics.
  
  
• Multi-Vendor Segmentation Policy (Mesh Policy Engine): This innovation within Cisco Security Cloud Control allows teams to define a single, intent-based policy enforced across both Cisco and third-party firewalls, simplifying operations and enabling flexible enforcement point changes.

These advancements underscore Cisco's commitment to empowering IT and security teams with robust, integrated, and AI-powered defenses to counter the evolving threats of the AI era.

Cisco’s Universal ZTNA will also bring customers new innovations that simplify secure connectivity and enhance visibility across hybrid environments and AI agents.

• Secure Access Service Edge (SASE) Simplified: All Cisco SD-WAN offerings, including Meraki, now integrate with Cisco Secure Access. This enables customers to choose the optimal branch connectivity while still enjoying a unified security service edge (SSE) policy and consistent enforcement. 
  
  
• Frictionless Phishing Resistance: With the launch of Duo Identity and Access

Management (IAM), Duo now acts as an identity broker. With a new complete passwordless option and unique proximity verification capability, Duo layers end-to-end phishing resistance—without clunky hardware tokens—on top of existing identity infrastructure.

Enabling Agentic AI Securely: The emergence of agentic AI is revolutionizing workplaces while introducing critical security and safety challenges. These AI agents autonomously access enterprise resources, make decisions, and act on behalf of users, necessitating robust safeguards. To tackle these pressing issues, Cisco is advancing its Universal Zero Trust architecture to:

• Secure agentic identities
• Enable seamless zero-trust access to enterprise resources
• Provide comprehensive tracking of agent actions

Cisco’s vision integrates cutting-edge capabilities, including automated agent discovery, delegated authorization, secure zero trust agentic access, and native support for the Model Context Protocol (MCP).

This approach is powered by Cisco Duo IAM, Cisco Identity Intelligence, Cisco Secure Access, and Cisco AI Defense, unified under a single policy framework in Security Cloud Control. By leveraging these innovations, enterprises can confidently adopt agentic AI, ensuring unparalleled safety and security while maximizing their Cisco Security investments.

"The AI era demands a transformative approach to security. Organizations need distributed, identity-based, zero trust protection for applications, users, AI models and agents, supported by a unified policy framework," said John Grady, Principal Analyst, Enterprise Strategy Group. "Cisco is in a very unique position to support this with its ability to embed advanced protections directly into the network through innovations like Hybrid Mesh Firewall and Universal Zero Trust Network Access, which safeguard AI models and applications, manage identity, and simplify policy management across distributed environments."

"As AI continues to evolve at an unprecedented pace and new cybersecurity challenges emerge, it's even more important to fuse security into the very fabric of the network," said Chris Konrad, Vice President, Global Cyber, World Wide Technology. “Cisco is redefining security for the AI era with its latest innovations from Hybrid Mesh Firewall to Universal Zero Trust Network Access. This integrated approach will help our customers to prepare for an AI-driven future and achieve better outcomes, by protecting AI models and applications, managing identity, and providing essential tools to combat increasingly complex threats.”

Splunk Integrations Unlock New Threat Detection, Investigation, and Response Capabilities  As security challenges become more complex, organizations need integrated solutions that enhance visibility, accelerate detection, and streamline response. Advancements between Cisco and Splunk strengthen interoperability across key security workflows. By unifying and enriching data across platforms, these enhancements help security teams respond faster, reduce manual effort, and extract greater value from their security operations. This expanded functionality includes:

•   Surface Insights from Cisco Secure Firewall integrated with Splunk: Customers using Cisco Secure Firewall will be able to unlock deeper threat insights within Splunk by ingesting firewall log data. This enables advanced detections and helps security teams maximize the value of their Cisco and Splunk investments.

•   Expanded Threat Detection, Investigation and Response (TDIR) Coverage with Enhanced Detection Integration with Cisco Secure Firewall Threat Defense: The Cisco

Security Cloud App for Splunk now delivers deeper support for Cisco Secure Firewall Threat Defense (FTD), enabling enriched correlation and detection content aligned to TDIR workflows. Combined with telemetry from Cisco AI Defense, Cisco XDR, Cisco Multicloud Defense, Cisco Talos, and other sources, Splunk accelerates detection use cases across hybrid environments.

•   Streamlined TDIR with Security Orchestration, Automation and Response (SOAR) integrations for Cisco Secure Firewall: Expanded SOAR integrations now include Cisco Secure Firewall-specific actions to support containment and response within TDIR workflows. This is in addition to the currently available Cisco Talos Threat Intel integration. Playbooks can automatically isolate hosts, block outbound connections, and apply policy controls, reducing manual effort and accelerating resolution.

•  Connected Application Risk Signals from Splunk AppDynamics: By forwarding Secure Application events into Splunk, security teams gain visibility into application-layer vulnerabilities and threats, helping to contextualize findings within broader business risk.