Leveraging Cisco HyperShield: Five Key Insights for Your Business
2024年4月27日 - 4:44AM
Cisco dropped a buzzworthy release this week - HyperShield, the
first “AI Native” Security Infrastructure. Cisco’s Executive Vice
President and General Manager of Security and Collaboration, Jeetu
Patel, calls it “the most radically different security innovation
I’ve ever been a part of in my career.” HyperShield won’t be
released until August but implications are already swirling over
its game-changing impact on technology. INE Security, a leading
networking & cybersecurity certification and training platform,
Cisco among its many Fortune 500 clients, is revealing five ways
business leaders can leverage HyperShield to enhance IT security
automation and position their teams for success.
What is HyperShield?
The “Hyper” in HyperShield refers to HyperScale providers, like
Google, Amazon, & Meta (e.g., FAANG). Their network
architectures have largely been custom-developed in software
through years of R&D, to the tune of billions of dollars. Many
of these custom solutions came out as standardized protocols, a key
one of these, which is at the heart of Cisco’s HyperShield
solution, is called eBPF.
eBPF, or extended Berkeley Packet Filters, can intercept things
like network packets directly in the Linux kernel space, without
changing kernel source code or loading kernel modules. This
powerful tool forms one of the core functionalities of HyperShield,
allowing full visibility into every software process and I/O
operation applications are running, whether it be in a Kubernetes
container or a Virtual Machine.
Using this deep visibility gained from eBPF, HyperShield's
“AI-Native” engine can automatically search for and apply patches
for new vulnerabilities as they become available.
“Cisco’s HyperShield solution may have tipped the scales in
favor of the defenders for once,” says 4X CCIE Brian McGahan,
Director of Networking Content and Co-founder of INE. “Applying
firmware and software frantically to plug an endless stream of new
attack vectors is one of the biggest challenges network and
security operators face today. HyperShield could change that.”
What does HyperShield do?
AI-based HyperShield learns 24/7 about new vulnerabilities that
could affect systems, prioritizing their potential impact, and
automatically applying patches where needed. Before applying these
updates or modifying any filtering rules, HyperShield offers the
important step of qualifying the impact of these changes. Using a
feature called dual dataplane, traffic is processed twice by
the system. Once for the actual forwarding of traffic based on the
current state of the system, and second to test the proposed
changes of any updates or rule modifications. As applications &
requirements change over time, HyperShield will dynamically refine
and update these rules.
Another key feature of HyperShield is that its AI learns about
legitimate behavior of applications running in the network over
time, automatically segmenting traffic to protect against lateral
movements inside the network if an application is
compromised.
Furthermore, while the management & control of the
HyperShield solution is centralized (i.e. managed via the cloud),
the enforcement of its policies is distributed in nature. This
helps to avoid common bottlenecks in the network, for example at
centralized edge firewalls.
Why is HyperShield such a big deal?
A slow update cycle leaves an organization open to emerging
threats, but HyperShield can perform an update process in a
completely automated manner, applying changes it deems the best fit
for your systems as new vulnerabilities are discovered.
HyperShield features an AI assistant to explain its analysis
& recommendations, allowing built trust in the fact that it is
taking the correct actions.
This revolutionary automated step provides confidence to adopt a
more proactive approach to your security posture. Eliminating the
need for potentially thousands of man-hours to correctly qualify
the change-control process.
What does HyperShield mean for businesses?
There are endless implications and opportunities for businesses
to harness the power of HyperShield. Three of the quickest
wins:
- Enhanced ability to predict and prevent cyberattacks
before they happen: HyperShield uses advanced AI
algorithms to analyze patterns, predict potential vulnerabilities,
and automatically patch them - marking a significant shift from
reactive to proactive cybersecurity.
- Increased efficiency in SecOps: AI automation
reduces the need for manual intervention, allowing security teams
to focus on more strategic tasks.
- Greater compliance with regulatory
requirements: HyperShield’s advanced security protocols
help enterprises meet stringent regulatory requirements more
efficiently, avoiding potential legal penalties and reputational
damage.
What will HyperShield mean for the future?
The introduction of an AI-driven security solution and
distributed network security architecture like Cisco’s HyperShield
will have a profound impact on the industry. By resolving the
inherent weaknesses of traditional models, HyperShield promises a
scalable, efficient, and secure framework that will adapt to the
evolving landscape of cybersecurity threats.
Businesses will benefit from enhanced security measures that
protect the perimeters of their networks and their internal data
and systems. This level of comprehensive security is crucial as
enterprises continue to expand and diversify their digital
operations.
The ability of HyperShield to autonomously manage and deploy
security measures frees up valuable IT resources, allowing
companies to focus more on growth and innovation rather than
constant threat monitoring and management.
HyperShield is set to debut in August 2024, with additional
functionality, such as DPU offload, being introduced after the
initial launch.
Press Team
INE
917-715-0911
Press@ine.com