Cisco presents new security approach for datacenters

Cisco has presented a new approach to protecting datacenters and clouds in response to the growing demands that Artificial Intelligence (AI) has placed on IT infrastructures. The basis of this scheme is the Cisco Hypershield architecture, which protects applications, equipment and data in public and private datacenters, clouds and other installations wherever they are needed, according to Cisco.

Hypershield was designed and developed from scratch using AI and is presented by Cisco as one of the most important security innovations in the company’s history. “With our competitive advantage in the data industry and our strength in security platforms, infrastructure and observability, Cisco is uniquely positioned to help our customers harness the power of AI,” says Chuck Robbins, president and CEO of Cisco.

Hypershield was created on the basis of technologies originally developed for hyperscale public clouds and is now available to IT teams in companies of all sizes. It can be seen more as a fabric than a fence, allowing security resources to be placed wherever they are needed, such as services in datacenters, Kubernetes clusters in public clouds, containers, virtual machines and network ports. Cisco claims that the solution is capable of blocking intrusions in minutes and interrupting lateral movements in networks.

For Cisco, we need to reimagine the role of datacenters, how they are connected, protected, operated and scaled, and the power of Hypershield is to be able to guarantee security everywhere, in software, servers and network switches. “When you have a distributed system with hundreds of thousands of application points, simplified management is a mission-critical task, which is why we need more autonomy at a much lower cost,” explains Jeetu Patel, executive vice president and general manager of Cisco’s security and collaboration areas.

Hypershield’s goal is to help overcome the main challenges in today’s scenario of sophisticated cyber threats:

• Distributed protection against intrusion attempts: Hypershield offers protection in minutes by automatically testing and deploying compensation controls in distributed structures.
• Autonomous segmentation: Segmentation is key to stopping lateral movements after a potential network intrusion. Hypershield observes, automatically plans and continuously re-evaluates existing policies to autonomously segment networks in large and complex environments.
• Self-qualified updates: Hypershield automates the arduous and time-consuming process of testing and deploying updates by using a dual data plane. This new software architecture allows software updates and policy changes to be made in a digital twin that tests them using the combination of traffic, policies and resources and then applies them without the need for downtime.

According to Cisco, the security features of the Hypershield architecture are applied in three layers: in the software, in the virtual machines and servers and in the network and computing devices, with the same hardware accelerators used in high-performance computing and hyperscale public clouds. The solution is built on three main pillars:

• Artificial Intelligence: Built and designed to be autonomous and predictive, Hypershield manages itself as soon as it gains confidence, with a hyper-distributed approach at scale.
• Cloud: It is based on open source eBPF, an engine that connects and protects cloud-native workloads at hyperscale. Cisco acquired Isovalent, a leading provider of eBPF solutions, at the beginning of April.
• Hyperdistribution: Cisco has incorporated security controls into servers and the network structure itself. The architecture covers all clouds and uses hardware acceleration, such as data processing units (DPUs), to analyse and respond to anomalies in the behaviour of applications and networks.

Collaboration with NVidia

Cisco is working with NVidia to develop and optimise security solutions with native Artificial Intelligence integration to protect the datacenters of the future. The cooperation includes the use of NVidia’s Morpheus AI framework for accelerated anomaly detection in networks, as well as NVidia NIM microservices to train customised security AI assistants. NVidia’s accelerator class exploits the computing power of GPUs and DPUs to give the Cisco Hypershield architecture robust security capabilities, from the cloud to the edge.

“Companies in all sectors are looking for ways to protect themselves against increasingly serious cyber threats. Together, Cisco and NVidia are harnessing the power of AI to deliver powerful, incredibly secure datacenter infrastructures that will empower companies to transform their businesses and benefit their customers everywhere,” says Kevin Deierling, senior vice president of networking at NVidia.