Cisco Reimagines Data Center and Cloud Security in the Artificial Intelligence Era

Cisco Hypershield brings powerful security and connectivity at ultra-scale to enterprises

News summary:

• Cisco powers and protects the data center and cloud at AI scale. Cisco secures applications and devices no matter how they are distributed or connected.
• In today's highly fragmented network world, the time from emergence to exploitation of vulnerabilities is shortening, and defending data centers from the increasingly complex threat environment has exceeded the scope of human capabilities.
• Cisco Hypershield delivers security wherever customers need it, whether in the cloud, data center, factory floor, or hospital imaging room.
• With AI-native security capabilities, customers can segment their networks autonomously, enjoy distributed and near-instant vulnerability protection without the need for patches, and enjoy automated software upgrades with zero downtime.

2024April 24, Beijing——Cisco, a global technology leader, recently officially launched a new technology for data center and cloud security to cope with the growing demand for IT infrastructure caused by the AI ​​revolution.Cisco launches industry-firstCisco Hypershield, reimagining how enterprises leverage and secure artificial intelligence and other modern workloads. This unprecedented innovation, coupled with Cisco’s recently announced portfolio of Ethernet switching, silicon, and computing products to accelerate AI infrastructure and its partnership with NVIDIA, further expands the security support Cisco can provide defenders. .

Hypershield protects applications, devices and data wherever customers need it, including public and private data centers, cloud platforms and physical locations. Hypershield is designed and built with artificial intelligence needs in mind to help enterprises achieve security outcomes beyond human capabilities.

Cisco Chairman and CEO Chuck RobbinsSaid: “Cisco Hypershield is one of the most significant security innovations in Cisco's history. Cisco's strengths in data, security, infrastructure, and visualization platforms give us a unique advantage in helping customers realize the full potential of artificial intelligence.”

Hypershield is a revolutionary new security architecture. It uses technology that was initially targeted only at hyperscale public clouds and is now available to enterprise IT teams of all sizes. Hypershield is more of a security network than just a security barrier, enabling security policy to be deployed wherever it is needed. Hypershield protects every application service in the data center, every Kubernetes cluster in the public cloud, and every container and virtual machine (VM). Hypershield can even turn every network port into a high-performance security enforcement point, bringing a new level of security to the cloud, data center, factory floor, or hospital imaging room. This new technology blocks application vulnerabilities in minutes and quickly prevents their lateral movement.

Jeetu Patel, executive vice president and general manager of the Security and Collaboration Group, CiscoSaid: “AI has the potential to enable 8 billion people around the world to have the same influence as 80 billion people. In this era of infinite possibilities, we must reimagine the role of the data center, that is, the connection method, security guarantee, and operating model of the data center. And the ability to scale. The power of Cisco Hypershield is that it can deliver security wherever it is needed, whether it's software, servers, or future network switches when you have a distribution with hundreds of thousands of security enforcement points. Simplifying management is critical when deploying systems, and we need to achieve higher levels of automation at lower costs.”

Hypershield's security enforcement is divided into three different layers: software, virtual machines, and network and computing servers and devices, and leverages powerful hardware accelerators widely used in high-performance computing and hyperscale public clouds.

Hypershield is built on three pillars:

• artificial intelligence native: Hypershield is designed with automation and predictability at its core. Once trust is established, Hypershield can self-manage and achieve highly discrete layouts at scale.
• Cloud native:Hypershield is built on the open source eBPF (Extended Berkeley Packet Filter) and is the default mechanism for connecting and protecting ultra-large-scale cloud-native workloads. Cisco is expected to complete its acquisition of Isovalent, a leading provider of eBPF for enterprises, this month.
• Hyper-distributed:Cisco is revolutionizing the way traditional network security works, embedding advanced security controls into servers and network architecture. Hypershield covers all cloud platforms and uses hardware acceleration capabilities such as data processing units (DPUs) to analyze and respond to anomalies in application and network behavior, providing stronger security protection for workloads that require more protection.

Leveraging industry-leading expertise in networking, security, and an extensive partner ecosystem, Cisco is working with NVIDIA to build and optimize AI-native security solutions to protect and scale the data center of the future. This collaboration includes leveraging the NVIDIA Morpheus artificial intelligence network anomaly detection framework to accelerate network anomaly detection, and leveraging NVIDIA NIM microservices to provide enterprises with customized secure artificial intelligence assistants. NVIDIA's integrated accelerator family combines the power of GPU and DPU computing to ensure Cisco Hypershield's powerful security from the cloud to the edge.

Kevin Deierling, senior vice president of networking at NVIDIA, said: “Enterprises across all industries are looking for security solutions that can protect them from ever-expanding cyber threats, and Cisco and NVIDIA are working together to harness the power of artificial intelligence to deliver powerful and extremely secure data. The central infrastructure will help enterprises transform and benefit customers around the world.”

As a revolutionary new security architecture, Hypershield is solving three key challenges faced by customers in today's complex threat environment:

• Distributed vulnerability defense:Attackers are good at exploiting newly released vulnerabilities, often faster than defenders can patch them. According to data from Cisco Talos Threat Intelligence, defenders are faced with almost 100 new vulnerabilities every day, which can lead to catastrophic consequences. Hypershield provides protection in minutes by automatically testing and deploying compensating controls into a distributed execution point structure.
• Autonomous segmentation:Once an attacker enters the network, segmentation is key to stopping their lateral movement. Hypershield continuously observes, automatically reasons, and re-evaluates existing policies to autonomously segment the network to block attacks at scale and in complex environments.
• Automatically verify upgrades:Hypershield leverages a dual-tier data plane to automate the extremely tedious and time-consuming process of testing and deploying upgrades. This new software architecture allows software upgrades and policy changes to be placed in the digital twin, tested with a customer's unique combination of traffic, policies and features, and then updated with zero downtime.

Cisco Hypershield is part of Cisco’s Security Cloud, Cisco’s AI-driven unified cross-domain security platform, and is expected to be generally available in July 2024. As Cisco completes its acquisition of cybersecurity software company Splunk, customers will be able to gain superior visibility and insights across their entire digital footprint for an unprecedented security protection experience.

“AI is not only a force for good, but it is also used for nefarious purposes, allowing hackers to reverse engineer patches and create exploits in a very short time,” said Frank Dickson, group vice president of IDC's Security and Trust Sector. Cisco hopes to use AI solutions to To solve the problems posed by AI, Cisco Hypershield is designed to allow defenders to regain the advantage by protecting new vulnerabilities from being exploited in minutes, rather than waiting for the days, weeks, or even months it takes for a patch to actually be deployed. As the number of vulnerabilities continues to increase and the time it takes for attackers to exploit them on a large scale continues to shorten, it is clear that tools like Hypershield alone are no longer able to keep up with this trend. It’s important.”

Zeus Kerravala, founder and principal analyst at ZK Research, said: “Cisco Hypershield is designed to solve the complex security challenges faced by modern, AI-scale data centers. Cisco's vision of a self-managing network architecture that can seamlessly integrate from the network to the endpoint will Helping to redefine what is possible in security at scale, enabling this level of visibility and control in a hyper-distributed environment, for example, is able to prevent attackers from lateral movement, thanks to a unique and autonomous and highly effective A segmented approach. While this may sound weird, given recent advances in AI and the maturity of cloud-native technologies like eBPF, the time is right.”

“At AHEAD, we believe cybersecurity should be integrated into everything we do,” said Steven Aiello, chief information security officer at AHEAD. “Additional security measures are more expensive and less effective, and Cisco Hypershield ensures cybersecurity protections are woven into the fabric of the enterprise.” Distributed vulnerability protection will be a huge win for defenders in network security – traditional synthetic patches are primarily limited to edge devices, allowing attackers to move laterally once they breach the perimeter. This is a real win for network defenders. Good news!”

Article source: Cisco