- Cisco Cloud Control gives humans and AI agents a unified platform to manage and defend critical infrastructure
- New agent security capabilities protect AI agents from hostile environments and protect networks from rogue agents
- Live Protect expands to shield Nexus 9000 switches and more Cisco products from new vulnerabilities at runtime
CISCO LIVE 2026, LAS VEGAS — Cisco kicked off its annual customer and partner conference Tuesday with a stack of announcements designed to rebuild infrastructure, management and security tools for a workforce that is no longer entirely human.
Anchoring the portfolio is Cisco Cloud Control, a unified management platform to control AI agents and put them to work managing and securing the network. The broader launch spans autonomous network operations, data center and campus networking, security against AI-accelerated threats, multicloud connectivity and long-term resilience services.
"We are firmly moving from the age of chatbots to the age of agentic AI," said Jeff Schultz, Cisco SVP, portfolio strategy, on a call with media before the event. "Every agentic action is a routing challenge, a trust decision and a telemetry event."
Network operators face infrastructure, trust and data constraints that limit the value of AI investments, Schultz said. AI agents generate long, sustained network loads rather than the spiky traffic of chatbots, creating infrastructure challenges. Agents now collaborate with other agents and require access to systems, creating new trust requirements. And networks are generating more telemetry data than operators can usefully capture and apply.
Cloud Control: one platform for humans and agents
Cisco describes Cloud Control as a "harness," without actually defining the term. The general meaning in recent industry discussion is that a harness provides a control and security framework to allow agentic AI to do useful work.
In other words, a software harness does for AI agents what a physical harness does for a horse or ox. Or, as Reddit user Sleepnotdeading said: "A bunch of LLMs with no harnesses are like dogs in a dog park. A bunch of LLMs fitted with a well harnessed workflow are a dogsled team."
Cisco Cloud Control brings together Cisco's historically siloed product lines — Nexus Dashboard, Meraki, Intersight, Security Cloud Control, Collaboration and Splunk — under one login and one operating model. Cisco describes it as going beyond a dashboard to provide an active execution environment with policy and identity built into the control path.
"Agents are doing the heavy lifting and humans are in control of what happens," said DJ Sampath, Cisco SVP and GM, AI software and platform.
The AI Canvas workspace, which debuted roughly a year ago, provides a collaborative environment where human operators and AI agents share the same live telemetry, investigation context and remediation options. Context persists across shifts, meaning operators who hand off an active investigation don't lose the work that's already been done.
Cloud Control Studio adds two customization environments. Agent Builder lets customers and partners build, train and bring their own agents. App Builder, built in partnership with OpenAI and using Codex, lets users describe an application in plain language and have it deployed as a running, governed enterprise app within Cloud Control — with Cisco identity, hosting and policy built in from the start. Cisco says its own engineering teams used Codex to build the Cloud Control platform in four months.
Meanwhile, Cloud Control Marketplace catalogs more than 50 partner integrations, including Amazon, Google, ServiceNow and Slack. Partners can publish agents and applications they build in Studio.
Cloud Control enters controlled availability in the United States this month.
From 'in the loop' to 'on the loop'
Cisco is simultaneously pushing toward fully autonomous network operations while emphasizing that humans remain in control.
"It is very similar to how a toddler learns to walk," Sampath said. "The first time they start walking, they hold onto things they can grab. Once they have confidence, they start walking."
Sampath added: "Over a period of time, humans will switch from being in the loop to being on the loop, where they are watching all of these tasks being performed and ensuring the right things are happening."
Cisco's framework for this progression is the Agentic Loop, a five-stage workflow — sense, diagnose, remediate, validate, deploy — that structures every autonomous action with audit trails, approval queues and operator-defined autonomy controls. Agents can be pre-approved for low-risk actions and routed to a human approval queue for higher-risk changes.
Before a change is deployed in a production network, it can be tested against a digital twin of the environment. "When they sense a problem, they can reason through the root cause analysis, come up with a remediation, test that remediation in a digital twin of your network, and then deploy to production," said Anurag Dhingra, Cisco SVP and GM, enterprise connectivity and collaboration.
This positions Cisco against the network automation market broadly, where vendors including HPE-Juniper's Mist AI platform as well as Nokia's Autonomous Network Fabric and Ericsson's AI-driven autonomous network efforts are pursuing autonomous network goals. The differentiator Cisco claims is the depth of its cross-domain telemetry and the breadth of its installed base — if the agent is grounded in 40 years of Cisco operational data, it has more to reason from than a point product.
Live Protect and post-Mythos AI security
Live Protect, which Cisco introduced on Nexus 9000 switches and is now expanding across its portfolio, addresses the accelerating post-Mythos AI threat environment to protect infrastructure.
"In a pre-Mythos world, this infrastructure might only have a dozen or so critical vulnerabilities over the course of a year, and it would take months before attackers would start to exploit the vulnerability," said Tom Gillis, Cisco SVP and GM, infrastructure and security group, in a blog. "So, an annual or semi-annual infrastructure update plan was reasonable and commonplace, especially in the data enter."
The new normal requires what amounts to a continuous-deployment model for security — more like painting the Golden Gate Bridge in small increments than shutting it down for a full repaint, Gillis said.
Cisco is collaborating with AI red-teaming firm Armadin to independently validate Live Protect shields before they are deployed.
Live Protect is currently shipping on Nexus 9000 switches, with expansion to SD-WAN Manager, Catalyst campus wireless controllers, switches and other platforms planned.
Post-quantum cryptography is also getting love. Cisco committed to enabling quantum-safe communications across the majority of its core portfolio by December 2026 and announced that all newly launched enterprise and data center routers, switches and firewall series will ship quantum-safe by default. The new Quantum Ready Assessments capability in Cisco IQ, planned for general availability in July, evaluates every device against quantum readiness criteria and produces a prioritized remediation roadmap.
Protecting agents — and protecting from agents
The proliferation of AI agents introduces two distinct security problems: agents operating in hostile environments need protection from attacks, and networks need protection from agents that may be compromised or malicious.
Cisco introduced DefenseClaw, its implementation of OpenClaw security for agentic systems, incorporating Claude Code. For the other direction — protecting assets from agents — Cisco announced Agent Discovery, which uses technology from Astrix, a company Cisco acquired last month. Agent Discovery identifies agents operating on the network, while fine-grained access controls assign roles to agents and provide just-in-time access scoped to the task at hand.
Cisco is a charter member of Anthropic's Project Glasswing and a participant in OpenAI's Daybreak program, both of which use frontier AI models to stress-test Cisco's own products for vulnerabilities before adversaries can find them.
Data center: unified networking from fabric to container
In the data center, a persistent operational problem has been the gap between Kubernetes container environments and underlying network fabrics. Kubernetes is intentionally designed to abstract the infrastructure, which creates visibility gaps — when an application performs poorly, network teams and application teams can each see their own environment cleanly while the problem lies in the seam between them, Cisco said.
Cisco's acquisition of Isovalent, the company behind Cilium and eBPF-based networking, addresses this directly. Isovalent Networking for Virtualization (INV), now generally available, integrates with Cisco Nexus One via BGP EVPN, making every Kubernetes node a native participant in the fabric's routing domain. Security context travels with workloads as they move.
Campus and multicloud
On the campus side, Cisco introduced the C9550 series smart switches, built on SiliconOne, with 400G uplinks, eight times the IPv4 routing scale of the previous-generation C9500H, and dedicated on-switch resources for small language models and agents. New CW9177 Wi-Fi 7 outdoor access points and an expanded C9350 series round out the campus hardware.
Cisco also announced Multicloud Fabric, a network-as-a-service offering managed through Cloud Control that creates a single fabric for site-to-cloud and cloud-to-cloud connectivity across AWS, Azure and Google Cloud.
Cisco's own research found that agentic AI workflows generate roughly 450% more network traffic than manually performed tasks, with the majority being inference traffic that chains across multiple clouds — a data point that motivates the multicloud connectivity play.
Fierce's take
The breadth of these announcements reflects Cisco's strategic position: few vendors own much of the network stack, from silicon to software, from campus to data center to cloud edge. Cloud Control's value compounds with the amount of Cisco infrastructure an organization runs. Customers with heterogeneous environments — and most large enterprises have them — will get partial benefit until third-party integrations mature.
The competitive context matters here. Juniper's Mist AI platform, now within HPE's portfolio, has been making similar claims about AI-driven operations for several years and has a strong track record in campus environments. Nokia has pursued autonomous network ambitions on the service provider side. The difference Cisco is pressing is the cross-domain breadth — spanning campus, data center, security and cloud under one agent-powered management plane — which none of those competitors can match from a single vendor.
For more Cisco Live updates, and all the latest news and insights from Cisco, see the Fierce Network Cisco hub.