By Sean Kerner
Jun 02, 2026
Cisco Live: The network is back, and AI rewrote the rules
For much of the past decade, enterprise networking was something the industry tried to abstract away. Cloud-first architectures commoditized switching and routing, burying them under software-defined layers. AI infrastructure has reversed that trajectory. Tom Gillis, senior vice president and general manager of Cisco’s infrastructure and security group, has a theory about why, and it starts with the network.

At Cisco Live this week, Cisco is announcing a broad set of security and infrastructure capabilities spanning vulnerability protection, network enforcement and agentic access control.

In the AI era, Gillis said, the network performs the role the PCI bus once played inside a single server. Distributed AI systems require memory, compute, GPU, and storage to work together across physical infrastructure at scale. The network is the backplane that makes that possible. The result, he said, is that customers have come to see it as the one thing they can count on.

“There is a new operating model necessary for infrastructure,” Gillis told Network World.

AI changed how Cisco builds its own products

The shift shows up inside Cisco’s own development organization. Gillis runs a team of roughly 12,000 software developers, and AI coding tools have fundamentally changed how that team works.

Earlier generations of AI coding tools produced significant gains on new projects, where a team of five to 10 developers could accomplish what once required 100 people working for a year. But those tools hit a ceiling on complex legacy products. A Catalyst switch or Cisco firewall can contain 50 to 100 million lines of code, more context than prior models could handle at once. Newer AI coding tools have removed that ceiling, allowing Cisco to accelerate development across its entire product portfolio.

The other side of that acceleration is vulnerability discovery.
Frontier AI models like Anthropic’s Claude Mythos can now comprehend entire complex codebases and are finding vulnerabilities that humans have been unable to find. “Frontier models are finding vulnerabilities at a scale that has never been achieved before, and it’s not one and done. These things are going to continue to find new vulnerabilities,” Gillis said.

A new security stack built from the Linux kernel up

The standard data center response to vulnerabilities has been to build a configuration, test and validate it, lock it down, and leave it alone. Gillis described that model as no longer viable. Switches and routers are inline, high-performance systems that must be taken offline to update, which is why customers do it infrequently. Continuous AI-driven vulnerability discovery makes that approach untenable.

Cisco’s answer is built on Isovalent, its commercial platform based on the open source Cilium project, which uses eBPF technology built into the Linux kernel. “What’s great about eBPF is that we can inspect memory, so we can look at that memory, we can see what’s happening, we intercept every system call and every function call, and we can modify those system calls and function calls,” Gillis said.

The eBPF-based functionality enables multiple new capabilities in the Cisco platform. The headline capability is Live Protect, a feature built directly into Cisco network operating systems such as NXOS and IOS. A compensating control can be scoped to a specific process ID and file, blocking a particular action without affecting anything else on the system. For an administrator, the experience is a vulnerability flagged in the Nexus dashboard with a button to apply a shield. “We’ve introduced a capability that can apply a compensating control to a running system without rebooting, touching, or modifying the binaries of that running system,” Gillis said.
Not every workload is an AI app

Live Protect and the Isovalent platform address the security challenge for infrastructure running today. But the infrastructure itself is also in transition, and Cisco is building for where most enterprises actually are, not just where they are headed.

“The enterprise, most of their workloads are not AI, right? They’re excited about AI, AI is gonna be cool as a rapid transition, but the vast majority of their workloads are still VM-based,” Gillis said. “VMs have been around for 20 years, and so our vision for this kind of data center of the future for the enterprise is that Kubernetes becomes the orchestration layer that runs all applications.”

The friction point is networking. VMware operates at Layer 2, Kubernetes is Layer 3, born in the cloud. Moving a VM from a VMware environment into Kubernetes has historically meant reengineering how it connects to everything else. Cisco’s Isovalent-based software bridge allows VMs to migrate one at a time without changing their IP addresses. The result is legacy VM workloads, container-based applications, and AI workloads running together on the same infrastructure, with no forced full migration.

At Cisco Live, Gillis is demoing that vision on the main stage. VM-based and Kubernetes-based workloads appear as peers in the same Nexus dashboard, with the Isovalent-based software bridge handling the Layer 2 to Layer 3 translation underneath.

The future of networking in the AI era

The announcements at Cisco Live address the infrastructure challenges of today. The next challenge is already visible. As AI agents begin acting on behalf of users across enterprise systems, the network faces a new access control problem it was not designed to solve. A typical enterprise user has password-based access to hundreds of applications, with credentials that rotate on a six-month cycle. Extending that same access to an agent is too permissive.
“We need to put task-based controls, much more ephemeral controls, in place for agents,” Gillis said. “An agent authorized to file an expense report should have no ability to make purchases; I do not want the agent to buy a Porsche.”

Cisco is addressing this through Cisco Secure Access, its SSE solution, and through its hybrid mesh firewall, with controls that are task-scoped and session-specific for both user-to-application and server-to-server scenarios.

Beyond the show floor, Gillis said Cisco has additional announcements planned for the fall. “We’ll make some announcements in the fall that I think are going to be startling,” he said, without providing details.

His near-term vision is a single infrastructure architecture that spans all application types. “A year from now, I hope customers are realizing, hey, I can build infrastructure that can power my AI apps that are kind of tomorrow, the same infrastructure can power my Kubernetes-based apps that are today, in my VM-based apps, which are yesterday, all with one design, one architecture,” Gillis said.
Source: Network World