When AI agents start managing the networks that run everything else, the question of who governs those agents becomes more pressing than the question of what they can do. That’s the problem Cisco is positioning Cloud Control to solve, and it’s a more honest pitch than most of what came out of Cisco Live in Las Vegas this week.
Cloud Control is a unified management platform that brings networking, security, compute, observability, and collaboration into a single environment. One login, one data layer, one place for human operators and AI agents to work from the same operational context. The platform includes tools for building custom agents and apps using natural language, connects to over 50 third-party platforms through native connectors and the Model Context Protocol, and feeds into a marketplace where those agents and apps can be shared across an organisation’s Cisco estate.
The announcement sits inside a broader shift that has been building for a couple of years. Competitors like Microsoft, ServiceNow, and Palo Alto Networks have each released their own versions of the converged AI operations platform, whether that’s Copilot-integrated Azure management, Now Assist, or Palo Alto’s XSIAM. The category thesis is consistent: IT environments are too complex and too fast-moving for human-paced operations, and the answer is agentic workflows that can detect, diagnose, and act without waiting for someone to open a ticket. Cisco isn’t inventing this idea. What it’s doing is building it on top of infrastructure that it actually owns and runs.
That matters more than it might seem. The Deep Network Model, which Cisco describes as grounded in 40 years of operational networking data, is the kind of proprietary asset that a software-first competitor would struggle to replicate. When an AI agent reasons about a network anomaly, it’s only as good as the context it has access to. Cisco’s argument is that nobody has more of that context than it does, and Cloud Control is how it surfaces that advantage. The claim is worth scrutinising, but it’s not empty. Robbins projected that network traffic associated with AI will triple in the next three years, and that’s before robotics, manufacturing automation, and physical AI workloads come fully online. For Cisco, that’s both a commercial opportunity and a structural argument: the more AI traffic the network carries, the more valuable purpose-built network intelligence becomes relative to generic management platforms.
The security angle is where Cisco’s announcements get genuinely interesting rather than just competitively logical. In his keynote, Chuck Robbins made an observation that was more candid than most CEOs offer at their own conferences: 90 days ago, nobody was talking about Mythos. Memory was the topic. Then Anthropic’s most advanced frontier model was released and the conversation shifted entirely, which is why Robbins is now fielding calls from CEOs across the Business Roundtable’s top 240 American companies asking what they should be doing. The speed of that shift is the actual threat, and it’s what gives the security announcements here more urgency than the usual enterprise vendor roadmap.
Cisco has been a charter member of Anthropic’s Project Glasswing, through which it has stress-tested its own products against Mythos, finding vulnerabilities before adversaries can. The practical output includes the open-sourced Foundry Security Spec, a framework for agentic security evaluation that any defender can apply. Cisco also scanned 1.8 billion lines of code across 25 programming languages in the past eight weeks using frontier models. Robbins noted that it would have taken roughly eight years before these models existed. He also said, without hedging, that these models are as bad today as they are ever going to be. That framing is worth sitting with, because it means every timeline for defensive infrastructure modernisation is already running late.
Live Protect, Cisco’s runtime vulnerability patching capability, is now expanding from Nexus N9000 series switches to campus and branch smart switches, with secure routers to follow later in the year. The no-reboot, no-downtime premise is the right response to a threat environment where the window between vulnerability discovery and active exploitation has collapsed from weeks to minutes. Whether the expansion timeline holds is a different question, but the direction is correct, and the infrastructure layer is the right place to solve it.
The quantum readiness work deserves a mention even if it will feel abstract to most readers. “Harvest now, decrypt later” attacks, where adversaries collect encrypted traffic today to decrypt once quantum capabilities mature, are already happening at a scale that most enterprises haven’t accounted for. Cisco’s new Quantum Ready Assessments, available through Cisco IQ, are designed to identify which assets are most exposed and where to start. The commitment to quantum-safe secure boot on all newly introduced campus, branch, and data centre hardware going forward is the kind of supply-side default that actually moves the needle over time, even if no individual customer feels it immediately.
Cisco IQ itself is worth watching. More than 1,700 customers have onboarded in the past few weeks, with 90% doing so without direct assistance. The platform now supports on-premises deployment for customers with data sovereignty requirements, which reflects something Robbins addressed directly in the keynote: governments across Europe, Asia, and elsewhere are demanding sovereign infrastructure, and the requirements aren’t consistent or converging. On-premises, air-gapped, trust-based licensing, varying definitions of what sovereignty even means across jurisdictions. Cisco is trying to build a portfolio that bends to those requirements rather than asking governments to bend to its architecture. South African enterprises, particularly in financial services and government, have been navigating exactly these constraints as they evaluate cloud-based management platforms. The peer benchmarking capability, which lets organisations compare their security posture and infrastructure risk against anonymised peers of similar size and sector, is a practical tool in environments where teams don’t always have visibility into how their exposure compares.
The ecosystem list for the Cloud Control Marketplace runs to over 50 partners, including AWS, Google Cloud (now incorporating Wiz), Microsoft, ServiceNow, Okta, PagerDuty, Snowflake, and Tenable. The breadth is both a feature and a complexity. A platform that integrates with everything is also a platform that requires careful governance over what agents from those integrations are permitted to do. Cisco’s framing of “humans in control” is the right instinct, but the operational reality of maintaining meaningful oversight when agents are executing at machine speed is a challenge no vendor’s fully solved. Cloud Control enters controlled availability in the United States today, with global availability to follow.
What Cisco announced at Cisco Live is less about any individual product and more about a strategic repositioning. As Cisco has argued before, the network is the layer that everything else depends on, and Cloud Control is an attempt to make that layer the place where AI agency is governed, not just where traffic flows. Robbins gestured at a longer arc too: quantum computing combined with AI as a tool for attacking chronic disease, which is the kind of speculative framing that reveals where Cisco thinks its relevance points beyond the current infrastructure cycle. Whether enterprises accept Cisco as the governance layer for agentic AI will depend on how fast IT teams can actually implement the architecture Cisco is describing, at a moment when, as Robbins acknowledged, the threat model is already shifting faster than most organisations can absorb.