How is Cisco Defending Data Centres from AI Agents?

Cisco is shifting its cybersecurity strategy to meet the changing demands of AI, placing emphasis on new data centre firewalls and security tools designed to counter threats from autonomous systems and AI-powered attacks.

At Cisco Live in San Diego, the company detailed a revised approach that sees identity-based security measures baked directly into its networking products. 

The update marks a move away from legacy perimeter defences and towards more adaptable architectures capable of handling AI systems that make decisions and take action without human involvement.

“Safety and security are the defining challenges of the AI era — and agentic AI multiplies the risk, as every new agent is both a force multiplier and a fresh attack surface,” says Jeetu Patel, President and Chief Product Officer at Cisco.

Hardware designed for AI-era data centres

The centrepiece of Cisco’s plan is a hardware refresh aimed at improving how data centres secure environments with high volumes of automated processes. 

Two new additions to its Secure Firewall range are being introduced to target specific scenarios in the modern enterprise.

For data centres handling AI workloads, Cisco unveils the Secure Firewall 6100 Series, which it claims can deliver 200 Gbps performance density per rack unit. 

That figure is aimed at addressing scalability and operational complexity in high-performance computing. These systems are becoming increasingly common in data centre environments supporting Gen AI and real-time analytics.

At the other end of the deployment spectrum, the Secure Firewall 200 Series is developed for distributed branch offices, combining built-in threat inspection with software-defined wide area networking (SD-WAN). Cisco says this option can offer up to three times the price-performance ratio when compared to other products on the market.

Both firewall series feed into Cisco’s broader management layer through the Security Cloud Control platform. This allows enterprises to apply consistent policy across data centre infrastructure, SD-WAN and switching layers. 

The aim is to simplify how network operators manage access, monitor activity and enforce security rules across hybrid environments that span cloud and on-premises workloads.

Meeting the threat of autonomous agents

One of the main drivers for Cisco’s architectural rethink is the growth of agentic AI – autonomous systems capable of taking decisions and accessing networks without constant oversight. These AI agents offer productivity gains but also increase the number of entry points attackers can exploit.

Cisco’s answer is a framework known as Universal Zero Trust Network Access. 

It delivers identity-driven access control across both human users and autonomous agents. According to the company, it uses built-in agent discovery, delegated permissions and real-time visibility into agent activity using something Cisco calls native support for the Model Context Protocol.

This kind of protocol is designed to provide information about what an AI model is doing and why, helping administrators understand and audit behaviour. Cisco is positioning this as critical for both compliance and security assurance as AI takes on more independent tasks.

“The AI era demands a transformative approach to security. Organisations need distributed, identity-based, zero trust protection for applications, users, AI models and agents, supported by a unified policy framework,” says John Grady, Principal Analyst at Enterprise Strategy Group.

Splunk deepens integration for automated threat response

A major enabler of Cisco’s more advanced detection and automation capabilities is Splunk, the data analytics platform it acquired in early 2024. 

By integrating Splunk into its security ecosystem, Cisco has enhanced visibility into network traffic and threat patterns, allowing for quicker response to attacks.

Security orchestration, automation and response (SOAR) features now include specific actions linked to Cisco Secure Firewalls. These include automated host isolation and connection blocking, which reduce the time between detection and mitigation.

Chris Konrad, Vice President of Global Cyber at World Wide Technology, says integration is key to adapting to AI’s impact on cybersecurity: “As AI continues to evolve at an unprecedented pace and new cybersecurity challenges emerge, it's even more important to fuse security into the very fabric of the network.”

With traditional perimeters no longer sufficient and autonomous systems opening new attack surfaces, Cisco is placing its bets on identity-based architecture, AI-aware firewalls and cloud-integrated policy management tools to help data centres respond to emerging threats.

“Safety and security are the defining challenges of the AI era — and agentic AI multiplies the risk, as every new agent is both a force multiplier and a fresh attack surface.”