Achieve Transformative Network Security With Cisco Hybrid Mesh Firewall
![Achieve Transformative Network Security With Cisco Hybrid Mesh Firewall](https://storage.googleapis.com/blogs-images-new/ciscoblogs/1/2025/02/FY25_Q3_achieve-transformative-network-security-with-cisco-hybrid-mesh-firewall_blog_hero-scaled.jpg)
The need for a robust and flexible network security architecture has never been more pressing. The distributed nature of modern applications, the complexity of networks, and the explosion of AI applications are preventing progress through complexity.
As these hindering complexities shift and grow, our approach to security must evolve to meet them head-on. In the previous blog, we talked about our overall approach to zero trust with Universal ZTNA and Hybrid Mesh Firewall. At Cisco, we are at the forefront of this evolution in protecting applications with our Hybrid Mesh Firewall, and now that the vision is coming to life, I’m thrilled to share how it will lead us into a new era of security.
Shifting How We Approach Network Security
The vision for the Hybrid Mesh Firewall was born out of necessity, addressing three critical forces: the increasingly fine-grained composition and distribution of applications in the data center, the complexity of modern networks, and the rising level of sophistication observed with today’s threats and threat landscape. The Hybrid Mesh Firewall isn’t just a product, it’s a shift in how we approach network security. It represents a move towards holistic, integrated approaches that infuse security into each layer of the network and cloud fabric.
The heart of the Cisco Hybrid Mesh Firewall is Cisco’s Security Cloud Control management system. This is the single cloud-delivered console for policy creation that brings together thousands of optimized enforcement points into one mesh.
A strong, distributed perimeter at all major trust boundaries, including between the internet and your applications, is still the backbone of enterprise security, reducing attack surface and protecting exposed services with advanced threat protection, including at scale in encrypted traffic. Guardrails for AI models are increasingly important here, as AI is embedded in more and more applications. Cisco’s Hybrid Mesh Firewall includes leading NGFW (physical, virtual and cloud-native) to provide AI runtime protection, advanced threat inspection, and protection against encrypted threats with the flexibility to run across the distributed enterprise.
This is necessary but not sufficient. We now must assume compromise and thus inspect and validate every flow between highly distributed and fine-grained applications to prevent lateral movement. So Cisco’s Hybrid Mesh Firewall goes deeper, with security-infused switches that are highly distributed, providing segmentation deeper inside the network to prevent lateral movement. Workload agents bring security close to the application itself, with autonomous segmentation and process-level compensating controls to protect against exploits. Together, this fabric delivers optimal security where needed, with a management paradigm that cuts down policy administration time.
Today, I’m thrilled to announce some of the game-changing innovations we are bringing to market that make Cisco’s Hybrid Mesh Firewall unique in the industry.
Security Infused into the Data Center Fabric
We’re making a revolutionary step forward in data center security with the Cisco N9300 Series Smart Switches by integrating networking and security into a single solution. These new switches future-proof customers’ data center infrastructure by offering an extensible platform for hardware-accelerated services. Powered by Cisco Hypershield, the Cisco Smart Switches support L4 zone-based segmentation to enable autonomous segmentation policies within and across data centers and at the cloud edge. Leveraging Data Processing Units (DPUs) to offload complex processing tasks, this innovation not only improves performance and cost efficiency, but also simplifies the network architecture. We are doing this by embedding security directly into the network fabric, taking it closer to applications where agents are not always possible.
Cloud-Native Orchestration
As enterprises adopt the cloud, a strong perimeter defense at major cloud boundaries is important. However, existing solutions fall short because they are not built with automation in mind for deploying, orchestrating, and scaling. This is why I am excited to introduce our new cloud-native orchestration capability for Firewall Threat Defense. With it, organizations will be able to extend Secure Firewall to public cloud environments, such as AWS and Azure, natively.
Cloud-agnostic automation of native constructs and orchestration saves time when deploying, removes the need for dedicated cloud expertise when networking firewalls into the infrastructure, and automatically scales security to meet demand. And if a problem is detected in an instance, auto-healing capabilities will automatically replace that instance with a new one, stitching it into the auto-scale group. Unlike other solutions, there is no need to step through a complex multistep process just to deploy a virtual firewall force-fitted into a cloud fabric, and then try to scale it across a complex network of tens, hundreds, or thousands of sites.
This powerful new capability empowers enterprises to deploy, manage and auto-scale Secure Firewall instances seamlessly across public cloud environments.
Guarding the AI Frontier
As AI continues to transform industries, securing AI applications has become imperative. Our AI Defense capability is purpose-built to protect the development and deployment of AI applications from increasingly sophisticated threats. By leveraging AI-driven algorithms and continuous validation, AI Defense safeguards against misuse, data leakage, and other security challenges unique to AI environments. This solution reflects our vision of integrating AI security seamlessly within the Hybrid Mesh Firewall, providing enterprises with the confidence to advance their AI initiatives securely.
This vision is already taking hold, as recently reported in Wired magazine and on our own blog.
As our researchers state, the results of AI Defense testing “underscores the urgent need for rigorous security evaluation in AI development to ensure that breakthroughs in efficiency and reasoning do not come at the cost of safety. It also reaffirms the importance of enterprises using third-party guardrails that provide consistent, reliable safety and security protections across AI applications.”
Unified Management
Managing thousands of enforcement points in a dynamic environment is beyond human scale and needs AI to manage, deploy, troubleshoot, and upgrade all these distributed enforcement points. This is where Security Cloud Control comes in with intelligent, centralized management of all your enforcement points. Unified AI Assistant provides AI-generated insights across the Hybrid Mesh Firewall for policy configurations, rule optimization, and recommendations for common tasks, drastically cutting management time.
This is a game-changer, and so is ending the need for traditional upgrade periods. We’re doing that by introducing infrastructure that updates itself continuously, with a dual data plane allowing you to test any update to your assets or policies with live traffic before deploying them with zero downtime. As your needs change, you can deploy new enforcement points in your environment without the need to change policies.
Bringing the Vision to Life
The Hybrid Mesh Firewall is the embodiment of Cisco’s commitment to redefining network security for the modern age. By unifying security and networking, leveraging AI for policy lifecycle management, and ensuring ultra-fine-grained policy enforcement across diverse environments, we are not just keeping pace with change; we are driving it.
Our innovations, from infusing security into the network, to cloud-native orchestration and holistic defense of AI applications, are pivotal in realizing this vision, providing our customers with unparalleled security, performance, and simplicity.
As this journey takes shape, we’re not merely responding to the challenges of today; we are anticipating the needs of tomorrow. We invite you to join us as we continue to build the future of network security, ensuring that every device, workload and application is protected in an increasingly complex digital world.