Watch on YouTube
Watch on Vimeo
The campus network is now a strategic part of AI, hybrid work and secure experiences across the enterprise. In this Tech Field Day session, we explore how security is infused into fabric architectures, powered by automation and intent-driven design, are redefining the next era of enterprise networking.
Jayakrishna Mada, Director of Technical Marketing Engineering for the Cisco Campus Business Unit, introduced Cisco’s evolving campus fabric strategy, which focuses on delivering simplicity, built-in security, and advanced assurance to enterprise networks. A historical hurdle for fabric adoption has been a steep learning curve and highly complex troubleshooting workflows spanning separate underlay, overlay, and control planes. To solve this, Cisco showcased Cisco Cloud Control, a single, unified management dashboard designed to abstract the sophistication of individual platforms without ripping and replacing existing infrastructure investments. Operating as a cross-domain orchestration layer, Cloud Control manages both the data center side via Nexus Dashboard and the campus side through Meraki, creating a cohesive ecosystem where NetOps and SecOps teams can easily manage fabrics, create multiple virtual routing and forwarding (VRF) segmentation layers, and bridge campus and data center environments through automated back-to-back fabric peering.
The presentation heavily emphasized the transition from manual change management to intent-driven, automated workflows. To accommodate formal corporate change control processes, Cisco Cloud Control implements a staging architecture where multi-site network policies, autonomous system numbers, and device role changes (such as converting a leaf switch into a border node) are held in a staged mode for senior administrative approval before being committed to production. Mada demonstrated this dynamic orchestration by executing security policies on the fly within a simulated hospital environment. To counter a localized threat, an administrator easily adjusted a scalable group tag (SGT) contract from “allow” to “deny,” immediately isolating a compromised nurse laptop from sensitive finance servers. Because this intent-driven architecture is driven globally via the cloud-managed fabric, the security policy was instantly and consistently pushed to both the primary campus site and distributed remote branch locations.
The final block of the session focused on Cisco’s next-generation assurance engines: the pervasive AI Assistant, AI Canvas, and the newly launched deep reasoning engine. Unlike traditional reactive alerts, the deep reasoning engine executes comprehensive fabric health checks by assessing scope, site counts, and total findings, then systematically organizing network anomalies into strict priority tiers–such as flagging single power supply vulnerabilities or missing secondary border peers. Mada demonstrated how the deep reasoning engine processes complex data plane issues, such as identifying a missing DHCP relay configuration on a specific VLAN while recognizing that existing clients retained their leases. Furthermore, when audited regarding a connection failure between a nurse workstation and a finance application, the engine analyzed the fabric’s historical configuration drift, pinpointing the exact date and administrative change that altered the rule. Looking toward future threat vectors, Mada concluded with a focus on Cisco Validated Designs and AI Defense frameworks, noting that as organizations spin up millions of automated processes, Cisco’s end-to-end security fabric must evolve to monitor, detect, and mitigate malicious behavioral changes in local and remote digital agents.
Personnel: Jayakrishna Mada
Thank you for being part of the Tech Field Day community! Our mailing list is a great way to stay up to date on our events and technical content, and we appreciate your signup.
We promise that we’ll never spam you, send ads, or sell your information. This list will only be used to communicate with our community about our events and content. And we’ll limit it to no more than one message per week.
Although we only need your email address, it would be nice if you provided a little more information to help us get to know you better!
