Follow on Twitter using the following hashtags or usernames: #CiscoLive, #CiscoLive26
Watch on YouTube
Watch on Vimeo
Cisco showcased AgenticOps powered by Cisco Cloud Control, a unified platform designed to serve as a single pane of glass for cross-domain telemetry and infrastructure operations. The architecture is anchored by a layer of trusted agents that operate within an agentic loop across five critical stages: sense, diagnose, remediate, validate, and deploy. The foundational sense layer aggregates deep user experience metrics and infrastructure state data across wired, wireless, and wide area networks (WAN) by incorporating the extensive visibility of Cisco ThousandEyes and Splunk. This comprehensive network telemetry feeds into ambient agents that remain active 24/7, transitioning the operational paradigm from on-demand reactivity to automated, real-time macro-level monitoring.
Central to the diagnostic stage is Cisco’s new deep reasoning engine, a specialized system trained on forty years of institutional networking expertise and CCIE problem-solving methodologies rather than general-purpose linguistic patterns. Deep reasoning enforces a structured, step-by-step troubleshooting methodology that systematically evaluates failure points, such as faulty cabling, configuration drifts, or BGP routing anomalies, and pairs its findings with corroborating dashboard evidence to establish verifiable trust for network operators. To eliminate the historical risk of minor policy updates causing widespread network downtime, the system introduces a digital twin virtualization environment. This twin creates exact replicas of Cisco IOS-XE topologies and configurations to execute thorough pre-change validation, while ThousandEyes synthetic testing ensures the precise health of the path before any policy modification is finalized.
Operational control and deterministic execution are maintained through Cisco’s agentic workflows, a specialized automation language that orchestrates recommended remediations in explicit sequences. Every automated configuration adjustment is logged within an audit trail, addressing critical requirements for transparency, compliance, and human oversight in mission-critical enterprise environments. This structured framework is designed to manage future scaling challenges as networks transition from human-centric metrics to environments populated by trillions of interacting agents. By automating routine troubleshooting, isolating edge-case emergencies, and validating security policy updates through Cisco Cloud Control, AgenticOps aims to maximize infrastructure uptime and allow operators to focus on proactive operations and comprehensive security audits.
Personnel: Kris Rangarajan, Raj Rikhy
Watch on YouTube
Watch on Vimeo
Switching infrastructure is being reinvented to meet the demands of AI workloads, evolving threats, and the looming quantum era. In this Tech Field Day session, we explore how zero-downtime operations, quantum-resistant cryptography, and embedded vulnerability protection are transforming switches from passive forwarding devices into intelligent, self-defending platforms. Join us for a deep, no-hype look at the architecture and innovations defining the next decade of networking.
Minhaj Uddin introduced the expanding Catalyst smart switching portfolio, highlighting the newly launched Catalyst 9550 fixed-core platform alongside the expanded 9350 access fiber and copper models, all engineered on Cisco Silicon One architectures to address the shifting requirements of symmetrical AI and rich media traffic patterns. A major evolutionary update showcased for the 9350 family is the 48HXG copper model, which incorporates an integrated GPU onto the CPU, deep buffer memory, and an external SSD to facilitate containerized edge computing and future localized firewall hosting. This hardware foundation is paired with a complete transformation of stacking mechanics; Cisco has replaced old ring topologies with a point-to-point, standards-based mesh architecture that utilizes an internal Shortest Path First (SPF) algorithm and VXLAN data encapsulation to deliver 1.6 Tbps of stacking bandwidth and 2,000 watts of mesh power distribution through plug-and-play click cables.
On the security front, Uddin detailed Cisco’s approach to post-quantum cryptography (PQC) and real-time threat mitigation at AI speed. The smart switching line incorporates a dedicated hardware Trust Anchor Module (TAM) that replaces traditional RSA and ECC signing with NIST-approved PQC-resistant algorithms, including LMS for secure boot firmware verification, ML-KEM for key exchanges, and ML-DSA for Cisco IOS-XE software validation, targeting total Commercial National Security Algorithm (CNSA) 2.0 compliance by the end of 2026. Furthermore, Cisco Live Protect embeds an Isovalent Tetragon agent natively within the IOS-XE kernel, leveraging extended Berkeley Packet Filters (eBPF) to monitor or enforce granular process-level blocks against zero-day exploits. Managed via Cisco Cloud Control or standard CLI, these shields download directly from Cisco Connection Online (CCO) to act as a hot, proactive band-aid that closes vulnerability exposure windows in real time without causing hardware reloads or interrupting production traffic.
The presentation concluded with a focus on zero-downtime operations, demonstrating Extended Fast Software Upgrade (XFSU) capabilities designed to eliminate maintenance windows. While traditional standalone switches experience a brief traffic interruption during software upgrades, the structural enhancements on the Catalyst 9350 smart switches bring data plane traffic impacts down to sub-second or low millisecond thresholds for Layer 2 and Layer 3 deployments, with extended roadmap support slated for BGP EVPN and Software-Defined Access (SD-Access) fabrics. To preserve the local network topology during a complete operating system reload, a specialized micro-engine inside the Silicon One ASIC continually transmits Spanning Tree Protocol (STP) BPDUs, preventing downstream client timeouts. The live demonstration illustrated a full XFSU cycle orchestrated through Cisco Cloud Control and Catalyst Center, showing that the underlying data plane safely caches stateful routing entries in a protected memory space to successfully flush them back to the active forwarding tables post-reload, incurring an operational hit of just 28 milliseconds.
Personnel: Minhaj Uddin
Watch on YouTube
Watch on Vimeo
The campus network is now a strategic part of AI, hybrid work and secure experiences across the enterprise. In this Tech Field Day session, we explore how security is infused into fabric architectures, powered by automation and intent-driven design, are redefining the next era of enterprise networking.
Jayakrishna Mada, Director of Technical Marketing Engineering for the Cisco Campus Business Unit, introduced Cisco’s evolving campus fabric strategy, which focuses on delivering simplicity, built-in security, and advanced assurance to enterprise networks. A historical hurdle for fabric adoption has been a steep learning curve and highly complex troubleshooting workflows spanning separate underlay, overlay, and control planes. To solve this, Cisco showcased Cisco Cloud Control, a single, unified management dashboard designed to abstract the sophistication of individual platforms without ripping and replacing existing infrastructure investments. Operating as a cross-domain orchestration layer, Cloud Control manages both the data center side via Nexus Dashboard and the campus side through Meraki, creating a cohesive ecosystem where NetOps and SecOps teams can easily manage fabrics, create multiple virtual routing and forwarding (VRF) segmentation layers, and bridge campus and data center environments through automated back-to-back fabric peering.
The presentation heavily emphasized the transition from manual change management to intent-driven, automated workflows. To accommodate formal corporate change control processes, Cisco Cloud Control implements a staging architecture where multi-site network policies, autonomous system numbers, and device role changes (such as converting a leaf switch into a border node) are held in a staged mode for senior administrative approval before being committed to production. Mada demonstrated this dynamic orchestration by executing security policies on the fly within a simulated hospital environment. To counter a localized threat, an administrator easily adjusted a scalable group tag (SGT) contract from “allow” to “deny,” immediately isolating a compromised nurse laptop from sensitive finance servers. Because this intent-driven architecture is driven globally via the cloud-managed fabric, the security policy was instantly and consistently pushed to both the primary campus site and distributed remote branch locations.
The final block of the session focused on Cisco’s next-generation assurance engines: the pervasive AI Assistant, AI Canvas, and the newly launched deep reasoning engine. Unlike traditional reactive alerts, the deep reasoning engine executes comprehensive fabric health checks by assessing scope, site counts, and total findings, then systematically organizing network anomalies into strict priority tiers–such as flagging single power supply vulnerabilities or missing secondary border peers. Mada demonstrated how the deep reasoning engine processes complex data plane issues, such as identifying a missing DHCP relay configuration on a specific VLAN while recognizing that existing clients retained their leases. Furthermore, when audited regarding a connection failure between a nurse workstation and a finance application, the engine analyzed the fabric’s historical configuration drift, pinpointing the exact date and administrative change that altered the rule. Looking toward future threat vectors, Mada concluded with a focus on Cisco Validated Designs and AI Defense frameworks, noting that as organizations spin up millions of automated processes, Cisco’s end-to-end security fabric must evolve to monitor, detect, and mitigate malicious behavioral changes in local and remote digital agents.
Personnel: Jayakrishna Mada
Watch on YouTube
Watch on Vimeo
Arpitha Shetty and Simarbir Singh presented the modular strategy behind Cisco Unified Branch, utilizing architecture standards categorized by size. Small branches rely on a single-tier footprint consisting of one router, one switch, and one access point, while medium deployments layer on redundant edge routing alongside a switch stack. Large branches scale out into multi-tier topologies featuring two routers, comprehensive distribution and aggregation switching, and broad wireless access point density to support complex, high-density traffic. To ensure robust day-zero protection, Cisco incorporates validated designs (CVDs) that turn on Next-Generation Firewall (NGFW) features, secure network visibility, and automated Cisco Secure Access integration by default across the entire hardware stack. The team also introduces specialized, vertical-specific baseline configurations engineered to preserve mission-critical workflows, such as guaranteeing localized point-of-sale (POS) network isolation and uptime for retail and cafe operations.
The day-zero live demonstration emphasized rapid, multi-site provisioning driven through the cloud-managed Meraki dashboard and the in-house Cisco Deep Networking Model LLM. By invoking the native AI Assistant, operators can execute modular JSON-based automation toolkits that configure hybrid environments, including IOS-XE edge routing within Catalyst SD-WAN Manager alongside Meraki wireless and switching layers, in under two minutes. This blueprint transitions into day-two operations by utilizing an ambient agent infrastructure that runs continuous, background compliance checks. When instructed to execute a retail-specific security audit via deep reasoning mode, the AI Assistant references active runbooks to identify non-isolated POS systems, flags priority-one PCI-DSS compliance risks, maps configuration drift evidence, and constructs a downloadable remediation workflow to dynamically apply necessary VLAN separations and firewall rules across both primary sites and remote branches.
The session concluded by highlighting proactive infrastructure management through predictive data modeling. The integrated AI Assistant generates detailed 30-day capacity forecasts by analyzing peak traffic patterns and historical 95th-percentile datasets, protecting operations from unforeseen seasonal spikes or retail holiday trends. The resulting data plane projections map specific up-and-down speed growth curves for multiple WAN links, assign overall operational risk scores, and isolate specific latency bottlenecks or packet loss anomalies across public endpoints. Armed with this granular telemetry, the platform automatically compiles comprehensive remediation paths, guiding administrators to fine-tune stateful SD-WAN policies, institute automated bandwidth utilization thresholds, or acquire necessary ISP circuit expansions to maintain enterprise resiliency.
Personnel: Arpitha Shetty, Simarbir Singh
Thank you for being part of the Tech Field Day community! Our mailing list is a great way to stay up to date on our events and technical content, and we appreciate your signup.
We promise that we’ll never spam you, send ads, or sell your information. This list will only be used to communicate with our community about our events and content. And we’ll limit it to no more than one message per week.
Although we only need your email address, it would be nice if you provided a little more information to help us get to know you better!
