3 min Security

‘AI-native’ Cisco Security Cloud Control simplifies security management

‘AI-native’ Cisco Security Cloud Control simplifies security management

At Cisco Live 2024 in Las Vegas, Cisco is expanding on its own security vision. Additions to Hypershield, new firewalls and management layer Security Cloud Control count as key points.

Cisco explains that management of its own Security Cloud will be centralized. That won’t happen overnight, as only the network security fabric will be up first. As an “AI-native” solution, Cisco Security Cloud Control generates insights proactively and hybrid environments are provided with automatic solutions to problems where possible. Initially, Security Cloud Control will launch in September with support for Secure Firewall Threat Defense, Secure Firewall ASA, Multicloud Defense and Hypershield.

Hypershield: hardware acceleration

In April, Cisco released Cisco Hypershield, which CEO Chuck Robbins described as “one of the most significant security innovations in our [Cisco’s, ed.] history.” The project aims to expose the security challenges of segmentation, patching and upgrades.

Read our comprehensive story on Hypershield here: Cisco Hypershield: new security architecture protects against new (and old) problems

Ideally, this runs on hardware specifically designed to handle mountains of data as quickly as possible. Now Cisco is announcing that it will offer Hypershield support via AMD Pensando DPUs (Data Processing Units) in Cisco UCS servers later this year. Intel’s IPUs (infrastructure processing units) will follow at a later date.

PXL_20240604_162602436.MP_

New firewall

On the hardware front, there is more news from Cisco. The Firewall 1200 series will be released in October 2024 and is considered a new family of appliances with support for SD-WAN. It eliminates the need for separate appliances for switches, routers and firewalls at branch locations of large enterprises. These physical firewalls and virtual equivalents will also have support for version 7.6 of Firewall Threat Defense (FTD). Again, this includes AI, which is deployed to deal with zero-day threats. Also included is support for 70 GenAI apps that manage sensitive data and for which access can be managed via FTD.

Further integration with Splunk

Cisco cites that it has an unparalleled comprehensive view into customers’ IT environments. It wants to leverage that, and it does so through data access. Splunk, bought for Cisco for $28 billion, was already integrated with Cisco’s XDR platform through its own Enterprise Security. Now the two parties are extending that integration through a new Cisco Security Cloud Technology Add-on (TA) for Splunk. The company describes it as a simple, reliable way to get a large amount of telemetry and analytics inside Splunk.

Tip: Cisco closes acquisition of Splunk

Cisco XDR itself is likewise more capable than ever. This is thanks to native integration of Cisco XDR with Cisco Meraki MX appliances. This allows network telemetry to be analyzed even from highly distributed organizations to detect threats.