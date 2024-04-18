Cisco on Thursday launched Hypershield, a new approach to securing data centres and clouds in response to the increasing demands of artificial intelligence on IT infrastructure.

Designed with AI in mind, Hypershield protects applications, devices and data across public and private data centres, clouds and physical locations. It’s built with technology originally developed for hyperscale public clouds and is now available for enterprise IT teams, Cisco said.

In today’s distributed world, the time from vulnerability to exploitation is shrinking, and defending against the increasingly complex threat landscape in data centres is often beyond human scale.

Hypershield enables security enforcement in application service in data centres, Kubernetes cluster in public cloud, containers and virtual machines. According to the company, it can turn network ports into security enforcement points, block application exploits quickly and stop lateral movement in its tracks.

“The power of Cisco Hypershield is that it can put security anywhere you need it—in software, in a server, or in the future even in a network switch. When you have a distributed system that could include hundreds of thousands of enforcement points, simplified management is mission critical,” said Jeetu Patel, executive vice president and general manager for security and collaboration, Cisco.

According to Cisco, security enforcement with Hypershield happens at three different layers: in software, in virtual machines and in network and compute servers and appliances. It is AI-native and designed to be autonomous and predictive.

Hypershield is built on open source eBPF, the default mechanism for connecting and protecting cloud-native workloads in the hyperscale cloud. Cisco said it has embedded advanced security controls into servers and the network fabric, so that anomalies in application and network behaviour can be analysed and responded to.

According to Cisco, Hypershield solves three challenges:

Distributed Exploit Protection : Attackers are increasingly adept at weaponising newly-published vulnerabilities faster than defenders can patch. Hypershield delivers protection faster by automatically testing and deploying compensating controls into the distributed fabric of enforcement points.

Autonomous Segmentation : Once an attacker is in the network, segmentation is key to stopping their lateral movement. Hypershield observes, auto-reasons and re-evaluates existing policies to autonomously segment the network.

Self-Qualifying Upgrades: The system automates the process of testing and deploying upgrades once they are ready, leveraging a dual data plane. This new software architecture allows upgrades and policy changes to be placed in a digital twin that tests updates using the customer’s unique combination of traffic, policies and features, then applying those updates with zero downtime.

As part of its collaboration with Nvidia, Cisco will also leverage the Nvidia Morpheus cybersecurity AI framework for network anomaly detection and NIM microservices for enabling custom security AI assistants for enterprises. Nvidia’s class of converged accelerators will also augment Cisco Hypershield with security from cloud to edge, the company said.