Ryan Noik speaks to Nabeel Rajab, cybersecurity technical solutions architect at Cisco South Africa, who gives a deeper insight into the newly released Hypershield. In Part 1, Rajab explains how Hypershield works to combat the security threats known and yet to be known.

RN: Can you provide a brief summary of why the recent Cisco Hypershield is such a noteworthy development?

NR: I think it's really groundbreaking because it is completely new, it's something that we've never done before. It’s an innovative way of approaching security in the data center application workload space.

It has been completely reimagined from the ground up; we had to really take a deep look at this area of customer environments, of data centers, of applications and of the future of what we see applications are going to be, and then reimagine the way we do security for each.

Hypershield is quite groundbreaking because it is not something that has been adapted or changed, or even redesigned, it is a whole new way of approaching security.

RN: What does it mean for organisations and datacentres from a security point of view?

NR: From the security point of view, it's really more around providing a fabric, rather than deploying point solutions at different parts in the environment. Previously we would take user and application traffic, and we would funnel it towards a protection point. And that is quite cumbersome, and could miss a lot of what's happening in the environment.

From a security perspective, re-imagining the way we protect these environments, by creating a fabric of enforcement and a fabric of monitoring, that's encompasses the breadth of the environment, but also goes deeply into the workloads themselves. This fabric-based approach is going to touch a lot more points within the environment, and it's really going to give us pervasive security.

RN: How does Hypershield work, so as to provide unprecedented levels of security?

NR: Hypershield is basically a cloud native service, it's a Security as a Service (SaaS) based product. So it is really a centralized way of controlling the security for that environment. But it's made up of a lot of very small, lightweight components.

If you think about taking a massive firewall, or some sort of traditional protection that we would have in an environment, and then splitting it up into hundreds of 1000s of tiny components, and then embedding that into various areas within the environment, whether that is a switch or server or within a container, or even as its own little virtual machine. Hypershield is essentially made up of a tiny little software agent that lives right there with the workload on an operating system.

It's really a completely hyper distributed way of doing the inspection and the enforcement and adding all the artificial intelligence (AI) and automation that we get from AI into the protection for the estate.

RN: Can you elaborate on the AI infused architecture of the Hypershield, and why having a solution built on AI is particularly important and relevant now?

NR: Being able to build something from the ground up natively with AI is important because, in the past there's been a lot of AI tools and AI services that have been attached or built on to existing solutions out there. But what we've done with Hypershield is we've developed from the ground up with AI native capabilities in mind.

 AI is one of the fundamental aspects of Hyper shield, it's not something that was bolted on top of an existing solution. So coming back to what I previously mentioned about why there's such a fundamental shift with Cisco Hypershield (see the first answer), is because we developed it with AI in mind.

We did this by creating, firstly, the ability to monitor the environment, using those little components that I spoke about before, collecting that data, understanding behavioral operations within that environment, and then being able to automate change, and automate adaptations to what the system is seeing within that data center, or within the applications and workloads.

Without AI, we wouldn't be able to do this, because AI is fundamental in allowing us to operate at machine speed. There's only so much that a human being can do in a given amount of time, whether it is one person or a team of people. Human beings can't operate at machine speed. That is why we need to have an augmented assistance, or augmented services that AI can provide. When I talk about operating at machine speed, I'm talking about looking at these massive, hyper distributed environments. And the system is looking at everything across the entire environment all the time, and being able to make decisions on the fly, in real time.

RN: Will Cisco will be designing and bringing solutions to market in the future that are similarly AI designed and AI first - does Hypershield represent a new dawn for how the company will create solutions moving forward?

NR: I definitely think so. I mean, as I mentioned, AI is becoming more and more pervasive, it's becoming more mature. We are learning how to best utilize the data that we must to build good AI tools. I believe the future for Cisco is going to be one filled with AI.

But having said that, it's not something new to us. We have been using AI tools for the longest time. we've been using AI in our analytics engines, within our solutions, to crunch specific types of numbers and look at spatial planning within wireless environments.

We've recently launched AI for security as well within the assistant generative AI space, so we have something like a chatbot on a management console, either for our extended detection and response capability, or our firewalling management system. And these AI tools allow us to query what's happening within our environment.

I think with Hypershield, for example, there is sort of that fundamental shift now that we are thinking and developing with AI natively from the ground up. So that I think is the is the real change. Instead of adding AI on top of the tools that we already have, we're imagining these tools with AI embedded from day one.