Cisco Integrates AI and Security in Newest Cloud-Based Data Center Offering

Cisco is harmoniously merging AI’s cognition with cloud’s muscle-power to construct a mechanism dedicated to provide proactive safety measures for distributed applications, devices and data situated over diverse public and private data centres and clouds.

This advanced blueprint, christened as Hypershield, is a composite of AI-dominated software, virtual platforms, and several other technological entities aimed to be integrated into the central networking units like switches, routers or servers. It pledges to facilitate organisations to separately segment their networks when encountered with threats, attain swift exploit safeguard without the need to correct or restructure firewalls, and voluntarily upgrade software without intervening the computing resources, informs Tom Gillis, senior vice president and general manager of Cisco Security.

Hypershield incorporates a self-controlling fabric that situates safety measures exactly where required – a network unit, a server, a workload, or a virtual mechanism, Gillis elucidates. He metaphorically explains it as a security fabric enveloping the entire environment instead of a barrier obstructing a particular feature of it.

At the heart of Hypershield lies a cloud-native AI device, set to be launched in August, that operates on a central host console. In-built delegates in various enterprise components, such as VMs, Kubernetes clusters, firewalls, load balancers and network components, give consistent feedbacks on the application and network statuses.

Cisco has plans to incorporate Hypershield into DPUs, GPUs, network routers and switches in the future, according to Ellis. The company is also improving its network anomaly detection capabilities by leveraging the Nvidia Morpheus cybersecurity AI framework, while employing Nvidia NIM microservices to develop bespoke security AI assistants for businesses, stated Gillis.

Hypershield, once implemented, establishes a dual dataplane, effectively creating a mirror image of the production environment, explained Craig Connors, Vice President and CTO of Cisco Security Business Group. In a blog post, he shared more details about the features of Hypershield.

As part of this functionality, Connors stated that the dataplane supports two paths for data: a primary and a secondary. Information is duplicated between the two, and software updates are initially applied to the secondary dataplane prior to being fully verified, after which the roles of the two dataplanes are switched. The same process occurs for new security policies as well.

Connors added that this mechanism allows for software upgrades and policy modifications to be implemented in a digital twin. This setting tests the updates based on a distinctive mix of the client’s traffic, guidelines, and features, and then integrates those updates with no downtime.

Hypershield, underpinned by the extended Berkeley packet filter (eBPF) connectivity technology, is a product of Cisco’s recent acquisition of the open-source, cloud-native networking and security enterprise, Isovalent. The acquisition details can be found on this page.

The eBPF is an open-source Linux OS kernel technology that enables operations to run securely within an OS kernel’s sandbox. It facilitates the quick and easy integration of security, observability, and networking features by its users without the need for modifications to the kernel source code, network overlays, or other complex programming tasks.

Furthermore, eBPF serves as a foundation for Isovalent’s widely acknowledged open-source, cloud-based software packages, Cilium, and Tetragon. Cilium utilizes eBPF for networking, security, and observability of containerized Kubernetes workloads. In contrast, Tetragon enables users to establish security policies using eBPF. Both services are components of Hypershield, according to Gillis.

Ellis stated that Hypershield was crafted to be self-upgradable and up-to-date. Due to the distributed architecture, the eBPF agents involved in telemetry also function as enforcement points. The system uses a patent-pending design to extend the continuous update CI/CD model of the cloud to premises-based systems, whether at the network, workload, file, or process level.

Organizations can now detect and respond to threats more effectively as compensating controls are tested and deployed automatically into the distributed fabric of enforcement points, according to Gillis.

Gillis further explained that Hypershield is designed to perpetually observe and reevaluate existing policies in order to autonomously segment the network. This feature proves particularly beneficial in large and complex environments where segmentation can be a cumbersome task, Ellis noted. Users can progressively increase the autonomy of the system based on their comfort level. “The ability to do this in such a remarkable, almost magical way is because Hypershield was built with an AI management approach,” Gillis stated.

Industry observers believe enterprise organizations will find great value in Hypershield as it allows them to leverage AI in swiftly combating hackers and other potential threats.

Frank Dickson, Group Vice President of Security & Trust at research firm IDC, praised the product, saying, “The time to value is extraordinary. There’s no need for hardware purchases as it can be installed and enabled using the existing infrastructure.”

“For those that believe in security in depth, it is a net new approach to security. It moves security from the core to edge, essentially to be integrated into the fabric of the network,” Dickson said. “It creates a scale advantage by enabling the compute embedded in edge devices to be applied to securing our IT infrastructure.”

The security landscape is intensely competitive, with many formidable competitors, Dickson said.

“Cisco is certainly one of those competitors. To be fair though, Cisco has not led the thought leadership or innovation in the industry over the recent past; that is changing,” Dickson said. “Hypershield is an example of how Cisco is changing the narrative. Competitors will respond, but you have to credit Cisco with first mover advantage. Hypershield is net new and a significant step in improving security,” Dickson said.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Article

Enjoy a $10 Discount on Preorders for Luigi's Mansion 2 HD

Next Article

The Issue of Doxing within the Trump Jury

Related Posts