Cisco spotlights generative AI in security, collaboration

Looking to harness a decade of AI/ML development Cisco this week previewed generative AI-based features it will soon bring to its Security Cloud service and Webex collaboration offerings.

Cisco said it was looking meld the network and security intelligence it has amassed over the years with the large language models (LLMs) of generative AI to simplify enterprise operations and address threats with practical, effective techniques.  

The first fruits of this effort will be directed at the Cisco Security Cloud, the overarching, integrated-security platform that includes software such as Duo access control and Umbrella security as well as firewalls and  Talos threat intelligence access all delivered via the cloud.

During his Cisco Live! keynote, Jeetu Patel, Cisco’s executive vice president and general manager of security and collaboration, said that an AI-based policy engine, Policy Assistant, will be available by the end of the year in Security Cloud. The idea is that the assistant will use natural language interfaces to simplify policy management for admins, he said. 

Security and IT administrators will be able to describe granular security policies and the assistant willl evaluate how to best implement them across different aspects of their security infrastructure, Patel said.

At the Live! event, Cisco demoed how a generative Cisco Policy Assistant can reason with the existing set of  firewall policy rules to implement and simplify them within the Cisco Secure Firewall Management Center. Cisco says it is the first of many examples of how generative AI can reimagine policy management across the Cisco Security Cloud.

“Basically going forward you won’t need to have a Ph.D. to manage a firewall policy,” Patel said.

In addition, he said the security assistant will let customers describe and contextualize events across email, the web, endpoints, and the network to tell security operation center (SOC) analyst exactly what happened, the impact, and best next steps to take to remediate problems and set new policies.

The SOC Assistant will provide a comprehensive situation analysis for analysts, correlating intel across the Cisco Security Cloud, relaying potential impacts, and providing recommended actions with the goal of reducing the time needed for SOC teams to respond to potential threats, he said.

“Cisco will continue to add generative AI capabilities to our entire security portfolio over time,” Patel said.

Generative AI will also be a part of features—to be disclosed in the future—in Cisco Networking Cloud unveiled at this week’s Cisco Live! The Networking Cloud will involve a broad range of software and cloud-system integration and has as its ultimate goal to converge networking platforms over time, culminating in a unified management platform.  

In addition, Cisco recently announced plans to buy Armorblox, a six-year-old AI vendor, to help create “an AI-first Security Cloud.”

“Leveraging Armorblox’s use of predictive and generative AI across our portfolio, we will change the way our customers understand and interact with their security control points,” wrote Raj Chopra senior vice president and chief product officer for Cisco Security in a blog announcing the pending acquisition.

The use of generative AI is potentially a powerful tool for enterprises but its still early yet and customers should start to get a handle on it now, said Neil Anderson, area vice president of Cloud & Infrastructure Solutions at World Wide Technology (WWT), a technology services provider and Cisco business partner.

WWT recently issued a report on the use of generative AI in the enterprise that stated: “For now, generative AI should be treated with caution. Unless using a proprietary generative AI solution, the technology is not ready for critical or semi-critical enterprise use cases. Governance and risk management must be top of mind for IT leaders being inundated with requests for how best to implement the technology.”

“We expect that as people get their arms  around AI and figure out how they will actually use this technology securely, it will become valuable—because it’s a little like the Wild West right now,” Anderson said.

Shamus McGillicuddy, research director for the network-management practice at Enterprise Management Associates, said network pros recognize that AI/ML can optimize and automate IT operations, so it makes sense for Cisco to make a big investment in it.

“It will take time for customers to learn to trust this stuff,” he said. “If it works, AI features will prove their value fairly quickly. Right now, much of this is about vision and a commitment to product development. Automated troubleshooting and predictive capacity management will be key use cases.”

Cisco’s security portfolio won’t be the only system where generative AI will impact customers.

The company introduced a variety of AI-based features for its flagship collaboration Webex Suite of software as well.

For example, a new catch-me-up feature lets users ask questions about meetings or chats they missed. The idea is that customers can find out the status of a project or get an overview of what was discussed in a previous meeting they might have missed. In addition, users can simply generate intelligent summaries of meetings with action items from a Webex meeting or Vidcast, Cisco’s video messaging tool.  

Also a new conversation capability in Webex Contact Center will provide agents with a fast, automated way to consume long-form text from digital chats with customers as well as easing post-call wrap-up and resolution with customers.

The idea with the new AI features within Webex is to save times and help make faster, smarter decisions by analyzing vast amounts of information in real-time, Cisco stated. 

“AI empowers organizations to tackle the challenges of hybrid work head-on, bridging gaps in real-time information, streamlining manual processes, reducing unnecessary meetings, and ultimately delivering exceptional experiences for employees and customers,” Cisco stated in a blog post.

Copyright © 2023 IDG Communications, Inc.

Cisco debuts its Secure Service Edge offering and enhances app security

Cisco Systems Inc. today unveiled a new security service edge offering that it says will help enterprises to securely connect their growing portfolios of edge resources, such as cloud, private and software-as-a-service applications.

The new SSE offering comes alongside two additional security updates announced at the Cisco Live! event today, including Cisco Multicloud Defense for protecting cloud service workloads, plus upgrades to Panoptica, a cloud-native security development platform.

Cisco’s SSE offering is called Cisco Secure Access (pictured), and it features zero-trust network access or ZTNA, secure web gateway, cloud access security broker, firewall-as-a-service, DNS security, remote browser isolation and more security capabilities. In a blog post, Jeff Scheaffer, vice president of product management for Cisco’s SSE team, explained that it’s designed to secure any application through any port or protocol, while ensuring optimized performance and continuous verification and granting of trust from a single, cloud-based portal.

SSE services are defined by Gartner Inc. as a comprehensive security service that bundles access control, threat protection, data security, monitoring and acceptable-use control, enforced by network-based and application programming interface-based integration.

Cisco said the Secure Access service will be in limited availability from July, before becoming generally available in October. The platform offers client-based and clientless browser-based access, granular user and application-based access policy control, with Security Assertion Markup Language or SAML authentication, intrusion prevention, built-in identity controls and contextual access controls. Users are authenticated through a secure, encrypted tunnel, meaning they can see only the applications and services they have permission to access, the company said.

“Cisco Secure Access features a new ZTNA Relay architecture that solves the challenges of last-generation ZTNA vendors,” Scheaffer said. “Last generation ZTNA vendors do not support all application architectures, like multi-channel applications, peer-to-peer applications, or server-initiated communication. Last generation ZTNA vendors often struggle with the sheer volume of 1000’s of enterprise and long-tail legacy applications.”

Other capabilities include integrated intelligence from Cisco’s Talos security research organization, ensuring it remains up to date with the latest threats. In addition, Cisco Secure Access continuously runs artificial intelligence and machine learning models against the enormous Talos threat database to provide insights into threats and improve incident response, Scheaffer said. Finally, it’s also integrated with Cisco’s ThousandEyes network intelligence software, so users can identify and resolve any network performance issues that occur.

Cisco is playing to its strengths with Cisco Secure Access, said analyst Holger Mueller of Constellation Research Inc. “It is combining its considerable expertise in both networking and security,” he explained. “It adds to the convenience too, because the edge doesn’t operate independently from enterprises’ centralized infrastructure. Cisco has integrated everything in a highly desirable single plane of glass.”

Enterprise Strategy Group analyst John Grady said enterprises have lots of reasons to want to deploy an SSE, with improved security outcomes being at the top of the list. “Achieving this requires an emphasis on users to create a frictionless experience and simplifying security team processes to improve efficiency and ensure consistency,” he said. “Security teams making plans for SSE should prioritize integrated solutions that focus on simplicity, scale and user experience.”

A second new service announced by Cisco today is Multicloud Defense (below) and it’s available now. It is designed to help customer security operations teams get a better handle on Amazon Web Services, Google Cloud, Microsoft Azure and Oracle Cloud workloads.

“Cisco Multicloud Defense brings together distributed Layer-7 protection, web application firewall (WAF), and data loss prevention (DLP) capabilities managed through a single, dynamic policy,” Rick Miles, vice president of product management with Cisco’s cloud and network security group, wrote in a blog post.

Miles explained that Multicloud Defense is based on technology Cisco acquired after buying the network security startup Valtix Inc. in February. It acts as a kind of interpreter across multiple cloud platforms, using gateways distributed across customer environments as enforcement points for security policies, he said. In this way, he said, it can stop threats that target specific applications, block command and control attacks, prevent data exfiltration and mitigate lateral movement attacks.

Cisco also rolled out some major updates to Panoptica, which is its primary cloud-native application security software offering. Panoptica allows developers and engineers to embed cloud-native security controls from application development to runtime, using a single interface for container, serverless, API, service mesh and Kubernetes security. It can scale across multiple clusters with an agentless architecture, integrate with developer tools and programming language frameworks across any cloud platform.

Today, Panoptica gains support for Cloud Security Posture Management, enabling continuous cloud security compliance and monitoring at scale. With this, Cisco said, customers gain more visibility into their entire cloud asset inventory, including Kubernetes clusters. There’s also a new attack path engine that uses graph technology to provide advanced attack path analysis, helping security teams to identify and remediate possible risks more quickly.

In addition, Panoptica will be integrated into Cisco’s full-stack observability tools to provide even greater visibility into business risks. The new features will go live later this year, Cisco said.

Finally, Cisco said it’s rolling out a new, high-end firewall appliance. Known as the Secure Firewall 4200 Series, it’s twice as fast as previous systems. It also runs a new operating system that uses AI and machine learning to identify threats within encrypted traffic, without needing to decrypt that traffic first.

In a blog post, Miles said this resolves the complexities involved in decrypting traffic for inspection, which is not only complicated but also affects performance and impacts privacy. The Cisco Secure Firewall 4200 Series appliance will become generally available in September. The new operating system will be available to Cisco’s wider Secure Firewall appliance family in December.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cisco Injects Generative AI Into Security, Collaboration Portfolios For ‘Reimagined’ Customer Experiences

‘We were going to be investing very heavily in this notion of AI just being part of the fabric of everything … One of the big challenges we have in our industry is shortage of skill and talent, and we can make sure that every single person can become this very sophisticated user when they start using our products,’ Cisco’s EVP of Security and Collaboration Jeetu Patel tells CRN.

Cisco Systems is injecting generative AI into both its security and collaboration portfolios to the delight of channel partners.

The tech giant announced at Cisco Live 2023 that it was starting to harness large language models (LLMs) to help businesses ramp up productivity and automate simple tasks for their workforces. The opportunity around AI is huge because talent is at a high demand and security threats are getting worse, said Faisal Bhutto, senior vice president of cloud and cybersecurity for Cisco partner Calian Group.

“You can’t hire people fast enough and I think AI plays a tremendous role because the faster we are able to detect, the faster we’re able to contain and protect an organization from massive damage,” Bhutto said.

Generative AI, a “cool” emerging feature to a lot of customers, also opens the door to a reimagined collaboration experience, Bhutto said. “[Things like] using generative AI to write a summary to give us the high points instead of listening to a 90-minute meeting -- imagine how easy life would be for [users],” he said. “Every single customer of ours is thinking about AI when it comes to their own innovation right now.”

[Related: Cisco Accelerates Platform Push With New Full Stack Observability Platform ]

Security Policy Management

Cisco took to the event to preview new generative AI capabilities for security policy management across the security ecosystem. It’s especially important as many businesses still employ multiple and disparate security tools, Jeetu Patel, Cisco’s executive vice president and general manager of security and collaboration, told CRN.

Cisco previewed how the virtual assistant can work with the existing firewall policy set to implement and simplify rules within the Cisco Secure Firewall Management Center. Patel said it is the first of many examples of how generative AI can be employed within Cisco Security Cloud.

“We were going to be investing very heavily in this notion of AI just being part of the fabric of everything, and especially security,” he said. “One of the big challenges we have in our industry is shortage of skill and talent, and we can make sure that every single person can become this very sophisticated user when they start using our products.”

Patel said that in addition to the new AI capabilities that will be baked into the company’s security portfolio, the ongoing progress within Cisco Security Cloud, the company’s platform approach to security, will also help as customers attempt to set and maintain policies across multiple secure access products, firewalls and cloud security tools.

For partners like Long View Systems, it’s a constant battle to stay ahead of cybersecurity threats and bad actors, said Lane Irvine, network business solutions director for Calgary, Alberta-based Long View. AI could have a significant impact on security, both for IT professionals and hackers, he added.

“Ultimately, if we’re not leading the charge with how we’re using AI to provide protection, then we’re going to fall behind,” Irvine said. “I think we’re going to see major changes over the next several years around AI and how it affects security.”

AI-Based Collaboration Capabilities

Cisco has been building AI into its collaboration portfolio right along, as evidenced by features in Webex such as noise cancellation, video framing, and call transcription, but Cisco’s announcements this week is taking AI integration into the next phase, said Joe Berger, area vice president of Digital Experiences for St. Louis-based Cisco Gold partner World Wide Technology.

“We’re seeing Cisco [ask] how does AI become a bit more intelligent, more proactive? Things like capturing meeting notes and doing best next action? I think customers are looking around [and asking], ‘Okay, how does AI start augmenting my workforce experience? How does it make my workers smarter, more productive and faster?’“ he said.

The Webex portfolio now includes generative AI-based conversational capabilities that allow users to give prompts and ask questions, such as “catch me up” to find out the status of a project or to learn what was discussed in a previous meeting or chat. Cisco said that the responses generated are based on data users have permission to access.

The company said that meeting summaries will also extend into Cisco’s video messaging tool, Vidcast, so that viewers can navigate to relevant parts of the video quickly.

New conversation summaries in Webex Contact Center will give agents a quicker, more automated way to consume long-form text from digital chats with customers. The summaries will also help with post-call wrap-up and resolution with customers, Cisco revealed.

Augmenting the agent experience will deliver a better customer experience that end users are looking for because the call center has turned into a customer engagement center, Berger said.

“As customers start to move into different styles of workflows and omni-channel, how can AI start augmenting? Maybe not everything’s a voice call anymore, or maybe it’s more of a chat. I think you’ll start seeing AI take over a lot more in those spaces and the experience has to be personalized,” he said.

Gina Narcisi is a senior editor covering the networking and telecom markets for CRN.com. Prior to joining CRN, she covered the networking, unified communications and cloud space for TechTarget. She can be reached at gnarcisi@thechannelcompany.com.