Sovereignty is not just an issue that cloud providers have to deal with. Suppliers offering a whole portfolio of on-prem products are also being asked questions about it. That was also the case for Cisco, according to CEO Chuck Robbins. And Cisco says it has listened. The result: Cisco Sovereign Critical Infrastructure. It’s a mouthful, but it’s also a whole portfolio of products for customers with specific sovereignty requirements.
The Cisco Sovereign Critical Infrastructure portfolio does not necessarily consist of new products. That may not be quite what you expected based on the introduction. Today’s announcement is primarily the announcement of a new type of license for parts of the existing (and future) portfolio.
A new license may not sound that interesting, but we think it is. Because Cisco is linking the licenses to completely air-gapped products. This means that the license does its job without products being online or reporting their status. The products themselves in this portfolio are not fundamentally different from the same products in the “regular” part of Cisco’s offering.
During the launch, Cisco promises that products from across the company’s range will be part of Cisco Sovereign Critical Infrastructure. Specifically, Cisco mentions that the offering will include routers, switches, access points, and collaboration products. Cisco refers to these as its own core product lines. Compute is not included. It is not part of the Sovereign Critical Infrastructure offering. So it really is about the basis of the infrastructure.
Europe is important to Cisco
This launch is very important for Cisco. We were briefed on it by CEO Chuck Robbins, CPO and President Jeetu Patel, and President EMEA Gordon Thomson. We have been following Cisco for many years and know that such a delegation is quite rare. Robbins emphasizes the importance of Europe for Cisco and the investments it has already made here, including training many millions of people. Patel goes one step further by saying that no company can be successful on a large scale without being successful in Europe.
Of course, there is the usual American exaggeration in the statements we hear during the session. However, it would be too easy to dismiss it all as theater. There is indeed a great opportunity for Cisco in terms of sovereignty in Europe. It is undeniable that there are increasing questions about external access to infrastructure. And with its long track record in Europe, Cisco is deeply rooted in this continent. So it makes perfect sense that Cisco, of all companies, would come up with something like Cisco Sovereign Critical Infrastructure. It is also working hard to comply with the new European Union Cybersecurity Certification (EUCC).
Cisco Sovereign Critical Infrastructure
As already indicated, Cisco is making today’s announcement because it has understood from customers that there is demand for it. This mainly concerns governments and more regulated sectors such as banking and healthcare.
All products in the Sovereign Critical Infrastructure are intended for on-premises environments and are fully managed and controlled by the customer. They are also completely air-gapped. There is no longer any connection to Cisco. This means that Cisco cannot remotely disable or shut down products.
Thomson also promises several times that the Sovereign Critical Infrastructure products have the same functionality as the same products from the standard portfolio. However, he always adds “at deployment.” In other words, if the customer installs them somewhere, they have the same functionality.
The chance that a product running in isolation somewhere will fall behind, whether temporarily or not, compared to the same product that receives updates three times a month via the cloud is, of course, quite high. In itself, this does not have to be a problem, as long as the device does what it is supposed to do in the environment in which it runs. It becomes more troublesome when, for example, emergency patches need to be installed. However, this can always be rolled out centrally within an organization via its own network, Thomson points out when asked. Of course, someone within the organization must first obtain the patch from somewhere, but that is perfectly workable.
This is just the beginning
If Cisco has its way, today’s announcement is just the beginning of Cisco Sovereign Critical Infrastructure. The intention is to roll it out to more products in the range. That should be quite possible. After all, it is mainly the new license that makes it possible to offer this. It should not be too complicated to make this license available for more products.
Keep in mind that there will undoubtedly be products and platforms that are not eligible for this. Meraki is one such platform. It exists because of its connection to the cloud. Remove that connection, and you’re left with expensive paperweights. However, Cisco has an alternative. Although Catalyst is increasingly being merged with Meraki, it can still be managed entirely on-premises. In view of today’s announcement, it has actually been useful that Cisco was very late with this integration. That now gives it an extra option.
It may also be possible to go a little higher in the stack. Since AI is one of the main drivers for customers such as governments and other regulated sectors to no longer want to be dependent on suppliers outside Europe, Cisco can make an impact there by including an AI POD in this portfolio in the future. Then customers can really make rapid progress towards sovereignty. However, that is not very realistic at the moment, given the many components that are part of such a stack (from different suppliers).
Cisco wants to, but also has to
All in all, Cisco is clearly taking steps today. Of course, it is not doing so because it naturally likes Europe so much. We could even imagine that American companies such as Cisco are driven crazy by all the new laws and regulations coming out of Europe. However, based on today’s announcement, Cisco also recognizes that it must take these steps to remain relevant.
There will undoubtedly be many expansions to data centers in the coming years, especially for AI purposes. Governments want to build AI factories within their own borders, but there will undoubtedly also be more and more local neoclouds (think of Nebul in the Netherlands) that are also strongly committed to sovereignty and issues such as Private AI. They need infrastructure. If Cisco fully delivers on its promises with Cisco Sovereign Critical Infrastructure, it can reap the benefits. This gives customers flexibility and control and allows Cisco to remain relevant in a Europe where sovereignty is becoming increasingly important.