Cisco has revealed a completely new method for protecting clouds and data centers in response to the growing demands that the AI revolution has placed on IT infrastructure. With the introduction of Cisco Hypershield, Cisco is rethinking how we leverage and safeguard AI and other contemporary workloads. Anywhere that clients require it – public and private data centers, clouds, and physical locations – Cisco Hypershield would safeguard appliances, applications, and data.
With Cisco Hypershield’s AI-first design and construction, enterprises may attain security results that have hitherto been unattainable with human labor alone, according to Cisco itself.
Originally designed for use with hyperscale public clouds, Cisco’s Hypershield new security architecture is now accessible to enterprise IT teams of all sizes. Hypershield, which is more like a fabric than a fence, would make it possible to position security enforcement wherever it is required. Every data center application service. Every public cloud-based Kubernetes cluster. Each virtual machine and container (VM). It can even transform any network port into a high-performance security enforcement point, adding entirely new security features to cloud computing, data centers, factory floors, and medical imaging rooms, among other places. This “revolutionary” technology would halt lateral movement in its tracks and disable application exploitation in a matter of minutes.
“Cisco Hypershield is one of the most significant security innovations in our history,” said Chuck Robbins, CEO and Chair of Cisco. “With our data advantage and strength in security, infrastructure and observability platforms, Cisco is uniquely positioned to help our customers harness the power of AI.”
Using the same hardware accelerators that are widely utilized in high-performance computing (HPC) and hyperscale public clouds, Hypershield enforces security at three different layers: in software, virtual machines, and network and compute servers and appliances.
“With the help of AI, the 8 billion individuals on the planet may have the same influence as 80 billion. The function of the data center – how it is linked, secured, run, and scaled – must be rethought in light of this abundance,” said Cisco Executive Vice President and General Manager for Security and Collaboration, Jeetu Patel. “Cisco Hypershield’s strength lies in its ability to provide protection to any application, server, or network switch in the future. Simplified management is essential when operating a distributed system with hundreds of thousands of enforcement points. Additionally, we must achieve orders-of-magnitude cost savings while increasing our level of autonomy.”
Hypershield was constructed on the basis of three primary pillars:
- AI-Native – Hypershield was created from the ground up to be autonomous and predictive. After gaining confidence, it takes care of itself, enabling a hyper-distributed strategy at scale.
- Cloud-Native – Hypershield is based on the open-source eBPF, which is the hyperscale cloud’s default method of connecting and safeguarding workloads that are cloud-native. Earlier this month, Cisco acquired Isovalent, the top supplier of eBPF for businesses.
- Hyper-Distributed – By integrating cutting-edge security measures into servers and the network fabric itself, Cisco is radically rethinking how conventional network security functions. Hypershield analyzes and reacts to anomalies in application and network behavior across all clouds by utilizing hardware acceleration such as Data Processing Units (DPU). It moves security closer to the tasks that require safeguarding.
Collaboration with NVIDIA
To speed up network anomaly detection, Cisco collaborates with NVIDIA on the use of the NVIDIA Morpheus cybersecurity AI framework. Additionally, NVIDIA NIM microservices are utilized to create customized security AI assistants for the organization. With the capabilities of both GPU and DPU processing, NVIDIA‘s class of convergent accelerators would enhance Cisco Hypershield with strong security from cloud to edge.
According to Kevin Deierling, Senior Vice President of Networking at NVIDIA, businesses in all sectors are looking for security that can shield them from ever-growing cyberthreats. In order to create strong, highly secure data center infrastructure that will help businesses transform and benefit customers worldwide, Cisco and NVIDIA are working together to harness the power of AI.
Cisco Hypershield would address three key difficulties that customers face when it comes to protecting themselves against the sophisticated attack landscape of today:
- Distributed Exploit Protection – Attackers would be skilled in weaponizing newly reported vulnerabilities in a shorter amount of time than patching can be done by defenders. In light of the fact that defenders are exposed to over one hundred new vulnerabilities on a daily basis, as reported by Cisco Talos Threat Intelligence, this can have disastrous consequences. By automatically testing and applying compensating controls into the distributed network of enforcement points, Cisco Hypershield woulod be able to provide protection in a matter of minutes.
- Autonomous Segmentation – Segmentation can be essential for preventing an intruder from moving laterally within the network once they have already entered it. To autonomously segment the network, Cisco Hypershield continuously observes, auto-reasons, and re-evaluates the policies that are already in place. This would allow it to solve the issue in environments that are both huge and complicated.
- Self-qualifying Upgrades – Through the utilization of a secondary data plane, Cisco Hypershield would be able to automate the extremely arduous and time-consuming process of testing and delivering upgrades once they are ready. This completely new software architecture would make it possible to install software upgrades and policy changes in a digital twin. This digital twin then tests updates by using the customer’s specific combination of traffic, policies, and features, and then applies those updates without causing any downtime.
“AI is not just a force for good but also a tool used for nefarious purposes, allowing hackers to reverse engineer patches and create exploits in record time,” said Frank Dickson, Group Vice President, Security & Trust at IDC. “Cisco looks to address an AI enabled problem with an AI solution as Cisco Hypershield aims to tip the scales back in favor of the defender by shielding new vulnerabilities against exploit in minutes – rather than the days, weeks or even months as we wait for patches to actually get deployed. With the number of vulnerabilities ever increasing and the time for attackers to exploit them at scale ever decreasing, it’s clear that patching alone can’t keep up. Tools like Hypershield are necessary to combat an increasingly clever malicious cyber adversary.”
“Cisco Hypershield takes aim at the complex security challenges of modern, AI-scale data centers,” said Zeus Kerravala, Founder and Principal Analyst of ZK Research. “Cisco’s vision of a self-managing fabric that seamlessly integrates from the network to the endpoint will help redefine what’s possible for security at scale. For instance, this level of visibility and control across a hyper-distributed environment prevents lateral movement of attackers, enabled through a unique approach to segmentation that’s autonomous and highly effective. While this may seem fantastical, the time is right given recent AI advances combined with the maturity of cloud-native technologies like eBPF.”
It is anticipated that Cisco Hypershield, which is integrated into Cisco’s unified, AI-driven, cross-domain security platform, Cisco Security Cloud, will be generally available in August 2024. Customers will benefit from unmatched visibility and insights throughout their whole digital footprint for unmatched security protection thanks to Cisco’s recent acquisition of Splunk.
