Cisco is advancing its cloud security platform with the launch of AI Assistant for Security, a new feature designed to strengthen defenses against evolving threats. Comprising two components – an AI-powered helper for firewall policy and an AI-powered encrypted visibility engine for all firewall models – the tools aim to simplify security policies, alerts, and prevention, reducing complexity for organizations of all sizes.
AI Assistant for Firewall Policy: This tool, integrated into Cisco’s Firewall Management Center and Defense Orchestrator, facilitates the input of user instructions to generate suitable security settings. By leveraging natural language, administrators can discover policies, receive rule recommendations, and eliminate duplications and misconfigurations without navigating complex menus.
Jeetu Patel, Executive VP and GM of Security and Collaboration at Cisco, emphasized the goal of augmenting human intelligence with machine intelligence to counter increasingly sophisticated attacks.
AI-Powered Encrypted Visibility Engine: Cisco addresses the challenge of malware detection in encrypted traffic with the AI-powered Encrypted Visibility Engine for all firewall models. Focusing on reducing decryption complexities, the engine utilizes billions of samples, including sandboxed malware samples, to assess encrypted traffic for potential malware without the need for decryption. This aims to save time and resources typically required for decryption and packet inspection.
Simplifying Security Against Sophisticated Threats: In the face of over 3,500 security vendors and growing threats, Patel asserts that simplicity and scalability are crucial. With a shortage of security talent, organizations need effective tools, and Cisco positions AI as a key solution. The company has invested significantly in AI, with these tools utilizing multiple AI engines to provide practical assistance.
Closing the Gap Between Intent and Outcome: Cisco’s AI Assistant aims to bridge the divide between intent and outcome by leveraging data more effectively. By analyzing over 550 billion security events daily across various domains, the tool facilitates event triage, impact assessment, root cause analysis, and policy design. The goal is to coordinate defenses across domains, correlating native telemetry for a more effective response to threats.
While Cisco plans to offer a certain amount of capacity for AI services within the existing suite, additional costs beyond a specified usage volume may be considered based on usage patterns.
