
"She is literally guiding the direction of our product development."
The Cisco N9300 smart switches take segmentation to unprecedented levels.
At the Cisco Live! 2025 event, Cisco introduced the new N9300 Series intelligent switches designed to enhance security and improve network capabilities in multi-cloud environments and artificial intelligence workloads. These switches feature Cisco E100 Silicon One network processors and AMD data processing units (DPUs), as well as Hypershield, which integrates with Cisco Security Cloud Control.
To delve into these advancements, Tom Gillis, Senior Vice President and General Manager of Cisco's Security, Data Center, Internet, and Cloud Infrastructure Group, shared how these new devices can help address current threats in data centers.
Gillis mentioned that 2024 was marked by significant cyber disasters, such as the CrowdStrike outage, which affected a large portion of global systems, and the Salt Typhoon attacks targeting telecommunications networks in the U.S. Although the two events are not directly comparable, both had a considerable impact on the technology and networking industries.
One highlighted incident was an error in a security update that caused millions of Windows devices to experience the infamous "blue screen of death." Although a test carried out before the release was deemed successful, the diagnostic software did not detect the error. Gillis emphasized the lesson learned: "CrowdStrike showed that introducing security updates into a core module can be disastrous. A bad update can lead to a global system outage."
The architecture of the new intelligent switches strictly separates networking from security. The network portion runs on the Silicon One processor, while security runs on the DPU. Gillis clarified that while the software runs on both, they have independent memory spaces, allowing security updates to take place without jeopardizing network stability.
Additionally, the switches are equipped with a local artificial intelligence (AI) engine within the DPU that monitors individual firewalls on each switch port. This means that a data center can have up to a million ports, each with its own firewall. Interestingly, each port not only has an active firewall but also a "shadow data path" for the latest updates. This allows for constant assessments of critical metrics and careful migration of flows from one firewall to another without disrupting service.
Gillis also commented on the impact of the Salt Typhoon attacks on Cisco's product development direction, indicating that these events are redefining their priorities. He noted that infrastructure will essentially rely on more resilient and self-defensive software. This approach aims to strengthen their architecture to enhance defense against cyber attacks, marking a significant step in the evolution of security in network infrastructure.