 
Tech company Cisco has released improvements to help enterprises improve security for the AI era, fusing security capabilities deeper into its networking infrastructure, helping companies implement zero trust architectures, innovating on security for AI apps and models, and delivering breakthrough AI tools that improve threat detection and remediation.
Key advancements announced at Cisco Live include solutions for Hybrid Mesh Firewall and Universal Zero Trust Network Access (ZTNA) that simplify policy management, improve visibility, and enable enterprises to scale securely without adding complexity to their security stack. In addition, Cisco announced further Splunk integrations that unify data across platforms, helping security teams automate tasks and respond faster to threats.
“Safety and security are the defining challenges of the AI era, and agentic AI multiplies the risk, as every new agent is both a force multiplier and a fresh attack surface,” said Cisco President and Chief Product Officer Jeetu Patel. “At the same time, threat actors are already leveraging AI tools to launch more sophisticated attacks than ever.”
Robust network security has never been more critical, as enterprises navigate increasingly complex environments characterised by a growing number of applications, a highly-distributed and mobile workforce, and sophisticated AI-driven threats.
Adopting a zero-trust security approach, including continuously verifying users, applications, and soon AI agents, is critical to preventing the lateral movement of threats across hybrid environments. Cisco is addressing these challenges with innovative solutions for AI-ready data centers and campus networks centered on the Cisco Hybrid Mesh Firewall and Universal ZTNA.
Cisco Hybrid Mesh Firewall and Universal ZTNA work together to deliver a robust zero-trust security framework that integrates into the network. For zero-trust segmentation, AI application protection and advanced threat protection across diverse environments, including data centres and IoT, Cisco Hybrid Mesh Firewall offers a distributed security fabric. This fabric includes Cisco and third-party firewalls, Cisco Hypershield and Cisco Secure Workload. For secure, identity-driven access for users and devices, regardless of location, Universal ZTNA unifies policy management and extends zero trust principles even to unmanaged devices and IoT.
Together, these solutions secure user-to-application connections and back-end interactions, simplify management through Cisco’s Security Cloud Control, and bolster observability with AI driven insights, allowing organisations to scale securely and protect their digital assets in a complex threat landscape.
Cisco’s Hybrid Mesh Firewall is adding hardware as well as new enforcement points and policy management capabilities in Security Cloud Control with its latest innovations:
- Cisco Secure Firewall 6100 Series: Addresses complexity, cost, and scalability challenges in AI-ready data centres with the highest performance density for data centre firewalling – 200 Gbps per rack unit and modular scalability.
- Cisco Secure Firewall 200 Series: Delivers advanced on-box threat inspection and integrated software-defined wide area network (SD-WAN) for distributed branches at up to 3x price-performance compared to competition.
- Expanded enforcement points: Cisco Security Cloud Control will extend unified policy management to next generation firewall (NGFW) on Cisco Catalyst SD-WAN (including on the new Cisco 8000 Secure Router Series), Cisco Hypershield-ready C9000 Smart Switches, and Cisco’s Application Centric Infrastructure (ACI) data center fabrics.
- Multi-vendor segmentation policy: Cisco Security Cloud Control introduces Mesh Policy
- Engine, enabling teams to define a single intent-based policy that is enforced across Cisco and third-party firewalls. Not only does this simplify day-to-day operations, it also enables organisations to change enforcement points without re-writing policy.
- Secure access service edge (SASE) simplified: All Cisco SD-WAN offerings, including Meraki, now integrate with Cisco Secure Access. This enables customers to choose the optimal branch connectivity while still enjoying a unified security service edge (SSE) policy and consistent enforcement.
- Frictionless phishing resistance: With the launch of Duo Identity and Access Management (IAM), Duo now acts as an identity broker with a new complete passwordless option and unique proximity verification capability, Duo layers end-to-end phishing resistance without clunky hardware tokens on top of existing identity infrastructure.
- Enabling agentic AI securely: The emergence of agentic AI is revolutionising workplaces while introducing critical security and safety challenges. These AI agents autonomously access enterprise resources, make decisions, and act on behalf of users, necessitating robust safeguards. To tackle these pressing issues, Cisco is advancing its Universal Zero Trust architecture to secure agentic identities, allow zero-trust access to enterprise resources, and provide comprehensive tracking of agent actions.
Cisco’s vision integrates cutting-edge capabilities, including automated agent discovery, delegated authorisation, secure zero trust agentic access, and native support for the Model Context Protocol (MCP).
This approach is powered by Cisco Duo IAM, Cisco Identity Intelligence, Cisco Secure Access, and Cisco AI Defense, unified under a single policy framework in Security Cloud Control. By leveraging these innovations, enterprises can confidently adopt agentic AI, ensuring safety and security while maximising their Cisco Security investments.
As security challenges become more complex, organisations need integrated solutions that enhance visibility, accelerate detection, and streamline response. Advancements between Cisco and Splunk strengthen interoperability across key security workflows. By unifying and enriching data across platforms, these enhancements help security teams respond faster, reduce manual effort, and extract greater value from their security operations. This expanded functionality includes:
- Surface insights from Cisco Secure Firewall integrated with Splunk: Customers using Cisco Secure Firewall will be able to unlock deeper threat insights within Splunk by ingesting firewall log data. This enables advanced detections and helps security teams maximise the value of their Cisco and Splunk investments.
- Expanded threat detection, investigation and response (TDIR) coverage with better detection integration with Cisco Secure Firewall Threat Defense: The Cisco Security Cloud App for Splunk now delivers deeper support for Cisco Secure Firewall Threat Defense (FTD), enabling enriched correlation and detection content aligned to TDIR workflows. Combined with telemetry from Cisco AI Defense, Cisco XDR, Cisco Multicloud Defense, Cisco Talos, and other sources, Splunk accelerates detection use cases across hybrid environments.
- Streamlined TDIR with security orchestration, automation and response (SOAR) integrations for Cisco Secure Firewall: Expanded SOAR integrations now include Cisco Secure Firewall-specific actions to support containment and response within TDIR workflows. This is in addition to the currently available Cisco Talos Threat Intel integration. Playbooks can automatically isolate hosts, block outbound connections, and apply policy controls, reducing manual effort and accelerating resolution.
- Connected application risk signals from Splunk AppDynamics: By forwarding Secure Application events into Splunk, security teams gain visibility into application-layer vulnerabilities and threats, helping to contextualise findings within broader business risk.
 
 
 
 
 


















