Cisco Live 2025: AI Defense for secure AI use
Cisco has presented its all-round security concept for AI operations in companies, which is designed to create transparency and offer real-time protection.
(Image: Andrew Derr/Shutterstock.com)
- Arne Bauer
- Jens Söldner
At Cisco Live EMEA in Amsterdam, Cisco presented a range of new security and network products designed to help companies implement their AI strategies securely and efficiently. These include Cisco AI Defense, a service for overcoming the biggest challenges in dealing with AI and large language models (LLMs).
Threats such as the uncontrolled use of generative AI applications (so-called Shadow AI), manipulation of models through prompt injection or attacks on runtime environments pose serious risks. Cisco AI Defense is designed to minimize these dangers and enable companies to develop, deploy and operate AI applications securely.
Guidelines and real-time protection
Cisco's strategy is based on several protection mechanisms that can be summarized in four central components: Access to AI applications can be regulated through policy enforcement to prevent unauthorized use. At the same time, comprehensive visibility of the AI cloud applications used should ensure transparency regarding potential risks and threats. Through the continuous analysis of AI models, Cisco aims to identify security gaps and unexpected behavior. And real-time protection is designed to prevent attacks such as prompt injection or denial-of-service attacks. Cisco Talos, the in-house threat intelligence network, serves as a data source for detecting such attacks.
Cisco AI Defense is also integrated into the more comprehensive Cisco Security Cloud and uses Hypershield as a central security system for AI workloads. Hypershield combines current network security approaches with AI-supported threat detection and relies on a distributed security architecture. The idea: security must take effect directly where the applications are running – i.e., in the network itself. Hypershield acts as an “enforcement layer” for AI Defense and allows security policies to be enforced. Network performance should not be affected by this.
Protection against data leakage
Companies can also use Cisco Secure Access to enforce security policies for end users. A prominent use case would be protection against unauthorized data leakage into public GenAI services. Companies can use policies to define which applications are allowed and which are blocked. This prevents employees from unintentionally feeding sensitive company data into external AI models. Another example is the protection of in-house and used AI models against manipulation. Continuous validation and red-teaming approaches are used to check models for vulnerabilities.
Alongside AI Defense, Cisco has also introduced the Hybrid Mesh Firewall. This combines classic firewalls with modern network structures and offers granular protection for cloud and data center environments. AI Defense is to be embedded natively.
Videos by heise
New switches with DPUs
Cisco AI Defense was first presented on January 15 of this year and will be generally available from March 2025. At the same time, the new Cisco N9300 Smart Switches with integrated DPUs will be launched on the market. These are designed to further increase the level of security for AI workloads by efficiently distributing network, storage, and security tasks at hardware level. The cloud on-ramp switch will be available from April 2025, while the top-of-rack model is expected in summer 2025.
(mki)
