Suggested searches:
< Back

Cisco Security AI Assistance

Cisco Security AI Assistance
By Nathan Ashby, Senior Solutions Architect

AI is taking the IT world by storm right now; due to the ability, it will have to transform our day-to-day working tasks across all industries. In turn, one of the quickest and most impactful first implementations of AI seen is with the use of natural human language assistants. These are used to make our job roles easier and can be a simple starting point to drive AI use. 

Cisco Live this year was not short on focusing on how AI is empowering existing products including Cisco-validated design, which we should view as a blueprint to enable businesses to build out their own AI solutions based on Cisco infrastructure. 

For today, I wanted to focus on one announcement that, Cisco teased earlier last year with AI assistants for their security products. Aimed at helping our network and firewall administrators with their working days. At Cisco Live this year, they had it on full display in all its glory with some more information around it. It was named suitably “Cisco AI Assistant for Security”. It does exactly what it says on the tin. Focused on driving three main outcomes “Assist”, “Augment”, and “Automate”.  In turn, these will focus on easing and improving the administration of Cisco security products. This was shown across two core Cisco solutions, across their firewalls and within Secure Access.  

Breaking down what I saw across these two solutions: 

The live demo highlighted a built-in AI assistant on the Cisco Firepower Management Centre (FMC) within Cloud Defence Orchestrator (CDO). It is important to note, that I spoke to the Cisco teams about the availability of this function on other deployments such as on-premises FMC and this was confirmed as coming in future updates. As it stands it is expected this will be publicly available during this Spring for CDO. In comparison, on-prem FMC availability is likely to be from the Summer. 

The current function on the FMC is the “Assist” capability with the “Augment/Automate” due later. 

As part of the assist capabilities, this is where you can naturally query the assistance in the same way you may type a question into Google or ask a colleague over an instant message. The power of this comes with its focus on the information across your firewall to provide invaluable insight quickly. The example Cisco demonstrated a few times was for instance asking how to upgrade the firewall firmware. Within 10-20 seconds of asking the question, the assistant pulled out directly relevant information for the firewall version currently running and how to upgrade in easily broken-down steps. While I acknowledge in this instance, that this is something you can in principle google and gather the same information, the way it presented the information made it very digestible compared to reading configuration guides. In terms of accessing this function, it simply existed embedded into the UI as if you have a constantly available live chat with a friendly consultant ready to help at any time! 

However, I believe this power lies within explicit information around policies and configurations based on your live firewall setups.  In turn, during the demo, I took the wheel and explicitly queried information which would be more bespoke, such as, “What policies have not been used within the last 14 days?” or “How do I create a VPN policy to enable contractors only to access the IoT server administration page on port 443?”.   

The power of this was seen from quick examples like this, however, in my demo the assistant produced step-by-step guides to creating these policies as opposed to just advising on the rule. Naturally, a suitable engineer should still review this to validate the steps and to align with any change control processes. However, the time saving is quite incredible and will empower the administrators to invest their time into more business transformation tasks. Further down the line, will come the ability for the firewall to also create policies and edit them live, but at this time this is not available. I also suspect we will all want to be heavily testing and re-validating then blindly having an AI adjust our firewall policies right away. This may make many of us feel uncomfortable for now however it’s likely in time to be considered a normal situation as we build trust in its capabilities. 

Personally, I am excited about what this could drive for our customers to get additional value from their existing deployments. Further, for those exploring how to drive efficiencies, this will drive greater value from the Cisco security portfolios.  This is the early days of driving AI adoption across a range of Cisco solutions, and we are just at the starting point of what is capable. 

In terms of Secure Access, this was shown with full capabilities being available within this product set. This was built into the UI function in the same likeness as before and gave the ability to again query your policies and setups. The key difference being in Secure Access it could further expand on the queries and then create/edit the setups for you!  

I would love to have further conversations on what this could mean for you and your technical teams and would like to personally invite you into our Cisilion Client Experience Centre to build up roadmaps in ensuring you do not miss out, as this is rolled out. 

Related articles and resources