Cisco reimagines security for data centres and clouds

Cisco has unveiled a radically new approach to securing data centers and clouds in response to the increasing demands the AI revolution has put on IT infrastructure.

  • Monday, 22nd April 2024 Posted 7 months ago in by Phil Alsop

Cisco is rearchitecting how we harness and protect AI and other modern workloads with industry-first, Cisco Hypershield. With this unprecedented innovation, Cisco is tipping the scales in favor of defenders, building on its recent announcements to accelerate AI infrastructure with Cisco's ethernet switching, silicon and compute portfolio

"Cisco Hypershield is one of the most significant security innovations in our history," said Chuck Robbins, Cisco Chair and CEO. "With our data advantage and strength in security, infrastructure and observability platforms, Cisco is uniquely positioned to help our customers harness the power of AI."

Hypershield is a revolutionary new security architecture. It's built with technology originally developed for hyperscale public clouds and is now available for enterprise IT teams of all sizes. More a fabric than a fence, Hypershield enables security enforcement to be placed everywhere it needs to be. Every application service in the datacenter. Every Kubernetes cluster in the public cloud. Every container and virtual machine (VM). It can even turn every network port into a high-performance security enforcement point, bringing completely new security capabilities not just to clouds, but to the data center, on a factory floor, or a hospital imaging room. This new technology blocks application exploits in minutes and stops lateral movement in its tracks.

"AI has the potential to empower the world's 8 billion people to have the same impact as 80 billion. With this abundance, we must reimagine the role of the data center – how data centers are connected, secured, operated and scaled," said Jeetu Patel, Executive Vice President and General Manager for Security and Collaboration at Cisco. "The power of Cisco Hypershield is that it can put security anywhere you need it – in software, in a server, or in the future even in a network switch. When you have a distributed system that could include hundreds of thousands of enforcement points, simplified management is mission critical. And we need to be orders-of-magnitude more autonomous, at an orders-of-magnitude lower cost."

Security enforcement with Hypershield happens at three different layers: in software, in virtual machines, and in network and compute servers and appliances, leveraging the same powerful hardware accelerators that are used extensively in high-performance computing and hyperscale public clouds.

Hypershield was built on three key pillars:

• AI-Native: Built and designed from the start to be autonomous and predictive, Hypershield manages itself once it earns trust, making a hyper-distributed approach at scale possible.

• Cloud-Native: Hypershield is built on open source eBPF, the default mechanism for connecting and protecting cloud-native workloads in the hyperscale cloud. Cisco acquired the leading provider of eBPF for enterprises, Isovalent, earlier this month.

• Hyper-Distributed: Cisco is completely reimagining how traditional network security works by embedding advanced security controls into servers and the network fabric itself. Hypershield spans all clouds and leverages hardware acceleration like Data Processing Units (DPU) to analyze and respond to anomalies in application and network behavior. It shifts security closer to the workloads that need protection.

Cisco, with its industry-leading expertise in networking, security and extensive partner ecosystem, together with NVIDIA, is committed to building and optimizing AI-native security solutions to protect and scale the data centers of tomorrow. This collaboration includes leveraging the NVIDIA Morpheus cybersecurity AI framework for accelerated network anomaly detection, as well as NVIDIA NIM microservices for powering custom security AI assistants for the enterprise. NVIDIA's class of converged accelerators combine the power of GPU and DPU computing, to augment Cisco Hypershield with robust security from cloud to edge.

"Enterprises across all industries are seeking the security that can protect them against ever expanding cyber threats," said Kevin Deierling, Senior Vice President of Networking at NVIDIA. "Together, Cisco and NVIDIA are leveraging the power of AI to deliver powerful, incredibly secure data center infrastructure that will enable enterprises to transform their businesses and benefit customers everywhere."

As a revolutionary new security architecture, Hypershield is solving three key customer challenges in defending against today's sophisticated threat landscape:

• Distributed Exploit Protection: Attackers are adept at weaponizing newly published vulnerabilities faster than defenders can patch. With defenders seeing nearly 100 new vulnerabilities every day, according to Cisco Talos Threat Intelligence, this can lead to catastrophic results. Hypershield delivers protection in minutes by automatically testing and deploying compensating controls into the distributed fabric of enforcement points.

• Autonomous Segmentation: Once an attacker is in the network, segmentation is key to stopping their lateral movement. Hypershield perpetually observes, auto-reasons and re-evaluates existing policies to autonomously segment the network, solving this in large and complex environments.

• Self-qualifying Upgrades: Hypershield automates the incredibly laborious and time-consuming process of testing and deploying upgrades once they are ready, leveraging a dual data plane. This completely new software architecture allows software upgrades and policy changes to be placed in a digital twin that tests updates using the customer's unique combination of traffic, policies and features, then applying those updates with zero downtime.

Built into the Security Cloud, Cisco's unified, AI-driven, cross-domain security platform, Cisco Hypershield is expected to be Generally Available in August 2024. With Cisco's recent acquisition of Splunk, customers will gain unparalleled visibility and insights across their entire digital footprint for unprecedented security protection.

"AI is not just a force for good but also a tool used for nefarious purposes, allowing hackers to reverse engineer patches and create exploits in record time. Cisco looks to address an AI enabled problem with an AI solution as Cisco Hypershield aims to tip the scales back in favor of the defender by shielding new vulnerabilities against exploit in minutes - rather than the days, weeks or even months as we wait for patches to actually get deployed," said Frank Dickson, Group Vice President, Security & Trust at IDC. "With the number of vulnerabilities ever increasing and the time for attackers to exploit them at scale ever decreasing, it's clear that patching alone can't keep up. Tools like Hypershield are necessary to combat an increasingly clever malicious cyber adversary."

"Cisco Hypershield takes aim at the complex security challenges of modern, AI-scale data centers. Cisco's vision of a self-managing fabric that seamlessly integrates from the network to the endpoint will help redefine what's possible for security at scale," said Zeus Kerravala, Founder and Principal Analyst of ZK Research. "For instance, this level of visibility and control across a hyper-distributed environment prevents lateral movement of attackers, enabled through a unique approach to segmentation that's autonomous and highly effective. While this may seem fantastical, the time is right given recent AI advances combined with the maturity of cloud-native technologies like eBPF."

"At AHEAD we believe cybersecurity should be integrated into everything we do. Bolted-on security is more expensive and less effective," said Steven Aiello, Field Chief Information Security Officer at AHEAD. "Cisco Hypershield ensures that cyber protections are included into the fabric of the enterprise. Distributed Exploit Protection will be a massive win for blue teams - legacy synthetic patching was primarily limited to edge devices, allowing lateral movement once an attacker breached the perimeter. It's a great day for cyber-defenders!"

Guardz expands in EMEA

Posted 4 days ago by Phil Alsop
Through a new partnership with Infinigate Cloud, Guardz will help to secure SMBs and support the MSP community across EMEA.
Data centre operators can now achieve the unparalleled speeds needed for the most demanding Artificial Intelligence (AI) applications, thanks to a...

Dell Technologies boosts AI for enterprises

Posted 4 days ago by Phil Alsop
Dell Technologies continues to make enterprise AI adoption easier with the Dell AI Factory, expanding the world’s broadest AI solutions portfolio....

AMD accelerates Exascale Computing

Posted 4 days ago by Phil Alsop
El Capitan, powered by the AMD Instinct MI300A APU, becomes the second AMD supercomputer to surpass the Exascale barrier, placing #1 on the Top500...
Global system integrator won over by simplicity, security and speed of the Cloudbrink service.
The Seeq platform will be leveraged to maximize production and increase energy efficiency across the largest biorefinery in Europe.
This global service forms part of the recently launched Intelligent Security portfolio and increases Logicalis' proactive threat-hunting capabilities...

Pure Storage invests in CoreWeave

Posted 6 days ago by Phil Alsop
Pure Storage and CoreWeave have announced Pure Storage’s strategic investment in CoreWeave to accelerate AI cloud services innovation. Alongside...