Cisco Expands Security Portfolio to Protect Agentic AI in Enterprises

Cisco  announced a sweeping evolution of its security portfolio to help enterprises adopt agentic AI with confidence, combining agent protection, interaction governance, and resilient connectivity for AI-driven workflows.

As organizations move from AI assistants to autonomous agents that use tools and data across hybrid environments, security teams need to strengthen agentic defenses, govern agent interactions with enterprise systems and external services, and maintain reliable, cryptographically protected connectivity at scale.

“In the age of AI, safety and security are pre-requisites for adoption, and AI agents bring a whole new set of challenges. As agents take on critical enterprise roles, we’re developing protections that work both ways: preventing agents from being compromised and controlling what they can access and do on our behalf.”

– Jeetu Patel, President and Chief Product Officer, Cisco

Protect agents from compromise, manipulation, and poisoned tooling

Agentic AI innovations have expanded the attack surface across AI supply chains and the tool ecosystem. Enterprises need protections that reduce the risk of agents being manipulated, or hijacked, including during tool interactions.

In the biggest expansion since its January 2025 launch, Cisco AI Defense delivers new features to better secure agents and the AI supply chain.

These features include:

• AI BOM (Bill of Materials): Provides centralized visibility and governance for AI software assets, including model context protocol (MCP) servers and third-party dependencies, to secure the AI supply chain
• MCP Catalog: Discovers, inventories, and helps manage risk across MCP servers and registries spanning public and private platforms, strengthening AI governance
• Advanced algorithmic red teaming: Expands the scope of AI security assessments with adaptive single and multi-turn testing for models and agents in multiple languages
• Real-time agentic guardrails to keep agents and applications safe: Continuously monitor and inspect agentic interactions to detect manipulation or unsafe behavior—such as poisoned tools or prompts designed to trigger unauthorized tool use—helping teams enforce policy and reduce compromise risk

Govern agent interactions and ensure AI workflows AI agents rely on continuous interaction with LLMs, SaaS applications, data stores, and tool endpoints that are often remote.

To meet these needs, Cisco SASE is unveiling new capabilities designed to both govern agent interactions and keep AI traffic reliable:

• AI traffic optimization for predictable performance during surges: Detects AI traffic and applies optimization techniques like packet duplication to maintain reliable, low-latency AI interactions during bursts of load
• MCP visibility, logging, and policy control: Discovers and governs MCP communications with in-path controls and inspection outcomes to manage agent-to-tool connectivity
• Intent-aware inspection of interactions and tool requests: Combines rapid detection techniques with cloud-based analysis to evaluate the intent behind agentic messages and actions to detect and stop threats
• Unified policy enforcement across SD-WAN and SSE: Coordinates controls in a single framework to simplify governance as agent adoption accelerates and regulatory expectations evolve

Deliver reliable, cryptographically protected connectivity at scale

To meet this challenge, Cisco is announcing IOS XE 26, the latest version of the operating system that powers millions of networks globally. The new release powers its recently announced Cisco 8000 Series Secure Routers and Cisco C9000 Series Smart Switches, as well as two new variants of the 8100 Series Secure Routers for small and mid-size businesses, also available today. IOS XE 26 delivers industry-first full-stack post-quantum cryptography (PQC) protections for the enterprise, defending organizations against device tampering and data compromise designed to align with evolving European and global regulatory guidance.