Cisco Repositions Security for the Agentic AI Era

Key Takeaways:

  • Cisco introduced AI-centric updates to its firewall portfolio and zero-trust access strategy
  • The company is embedding agent-aware security policies directly into the network fabric
  • Splunk integrations have been deepened for faster threat detection and automated response
  • Cisco says it is preparing for a future where AI agents are both productivity drivers and security risks

At Cisco Live 2025, Cisco unveiled a security revamp aimed at tackling the cybersecurity challenges of an AI-driven world. As AI agents begin to act more autonomously and proliferate across enterprise environments, Cisco is fusing threat protection more directly into its network infrastructure and extending zero-trust to users, devices, and machine identities alike.

The strategy focuses on two main fronts: expanded firewall capabilities optimized for AI workloads and universal zero-trust access that includes agent governance.

New Capabilities in Cisco’s Hybrid Mesh Firewall

Cisco launched updates to its firewall lineup to better accommodate the demands of AI-centric environments. The Secure Firewall 6100 Series is purpose-built for high-performance data centers with throughput up to 200 Gbps per rack unit. For distributed and branch environments, the new Secure Firewall 200 Series combines threat inspection with SD-WAN functionality and is positioned as a cost-effective alternative, offering what Cisco claims is roughly three times better price-performance than competitive solutions.

Cisco is also extending firewall enforcement to more surfaces. Policy controls can now run through Cisco’s Catalyst SD-WAN routers, Nexus switches using Hypershield, and ACI fabrics. These are centrally orchestrated by the new Mesh Policy Engine, designed to enable consistent policy enforcement across distributed environments.

Zero-Trust for Users, Devices, and Agents

Cisco is also extending its zero-trust framework to address a new class of threat vectors introduced by autonomous AI agents. Through its Security Cloud Control platform, access policies can now govern not only users and devices but also AI agents, assigning them identities and roles.

Cisco Duo now includes passwordless access and proximity-based authentication methods, while also serving as an identity broker between systems. This makes it possible to assign contextual access privileges and improve resistance to phishing attacks.

Additionally, Cisco’s Secure Access platform now integrates directly with Meraki and other SD-WAN architectures to enforce consistent access policies across remote locations and roaming users. This is designed to support the shift toward hybrid work and edge computing.

Profile photo of Jeetu Patel
Jeetu Patel, Cisco’s Executive Vice President and Chief Product Officer

Preparing for Autonomous AI Agents

Cisco expects that in the near future, tens of billions of AI agents will interact with enterprise systems. These agents, while enhancing productivity, also create new identity and access management challenges. In response, Cisco is embedding AI agent identity into its security framework, enabling real-time discovery, behavior tracking, delegated authorization, and granular access control.

Model identity and operational context are monitored through a Cisco-designed protocol called Model Context Protocol (MCP). This allows for identity-driven enforcement across a wide array of AI agents operating within business applications and networks.

This is similar to recent reporting we’ve done on BigPanda Agentic ITOps, Versa’s open-source MCP server, Itential’s AI-Powered network automation and Extreme Network’s Extreme Platform One.

These agent-related capabilities are powered by the combined functionality of Cisco Duo, Identity Intelligence, Secure Access, and Cisco’s AI Defense stack, all managed under Security Cloud Control.

Expanded Splunk Integration

Cisco has also extended its integration with Splunk to accelerate threat response and enhance security operations. Firewall logs can now be directly ingested into Splunk, improving visibility into network traffic and threat activity. Cisco’s Firewall Threat Defense telemetry feeds Splunk’s threat detection and investigation workflows, enhancing coverage of distributed infrastructure.

The companies also expanded orchestration capabilities. New SOAR (Security Orchestration, Automation, and Response) integrations are designed to automate response actions based on defined policy triggers. Application risk signals from AppDynamics can now be forwarded to Splunk to help prioritize remediation efforts within business-critical applications.

Industry Commentary

Jeetu Patel, Cisco’s Executive Vice President and Chief Product Officer, said the rise of agentic AI means “every new agent is both a force multiplier and a fresh attack surface.” He emphasized the importance of embedding security “into the very fabric of the network and AI infrastructure.”

John Grady, principal analyst at Enterprise Strategy Group, noted that Cisco’s approach reflects a “broader shift from point-product security toward integrated policy enforcement.” Chris Konrad of WWT added that securing AI agents will require policy and enforcement to be “as dynamic and scalable as the agents themselves.”

Strategic Implications

The launch reflects Cisco’s broader move toward policy-driven, identity-aware, and AI-aligned security infrastructure. By merging firewall, identity, and agent awareness into a cohesive strategy, Cisco is positioning itself to address both existing enterprise risks and those emerging with AI-powered automation.

While challenges remain in securing a rapidly evolving agent landscape, Cisco’s platform-level integration suggests a roadmap for organizations looking to future-proof their environments against increasingly autonomous digital actors.

Learn how AI Agents can supercharge your company’s profits and productivity at TMC’s AI Agent Event, Sept 29-30, 2025 in DC.

If you liked this post, you’ll love one of the the leading global business communications and technology events since 1999, the ITEXPO #TECHSUPERSHOW, Feb 10-12, 2026 Fort Lauderdale, Florida.

Don’t forget the collocated MSP Expo – just for managed service providers!

Rich Tehrani serves as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026 and is CEO of RT Advisors and is a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.

The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors.

The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.

Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing

Related Articles

Loader..

 

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap