Firewalling for the AI era: Every workload, every connection, every time.
Firewalls have long been the cornerstone of enterprise security. However, a new shift is underway where modern application architectures span multiple clouds, data centers, and distributed edges—dramatically increasing the number and variety of firewalls enterprises must manage.
This explosion in complexity has created an urgent need for simplified, unified management, but simplifying management alone is not enough. Unauthorized lateral movement continues to be a concern for most organizations, vulnerabilities are being exploited at machine scale, and AI has introduced a new attack surface that traditional next-generation firewall architectures cannot effectively secure. Simply put, firewalling in the AI era must be able to support zero trust segmentation, shield vulnerabilities from exploits, stop advanced threats, and protect the development and deployment of AI applications, all from a single interface.
Cisco Hybrid Mesh Firewall is a highly distributed security fabric optimized to stop advanced threats, protect vulnerabilities—including AI models—and implement zero trust segmentation across data centers, clouds, and edge sites. It consumes network-borne identity (user/device/thing) and runtime workload identity (service/process) to create micro-perimeters and apply segmentation, threat, and AI protection in-path, at the app edge and inside workloads and containers.
Policy is orchestrated by Cisco Cloud Control, a single, unified intent-based console that pushes the right controls to the appropriate enforcement points, while rich telemetry flows through Splunk.
Cisco Hybrid Mesh Firewall simplifies adoption and protects your investment with flexible licensing through the Cisco Cloud Protection Suite, enabling you to easily access different capabilities and new innovations as your business needs evolve.
Improve performance: Distributed security placed as close to the application as possible simplifies network design, removes performance bottlenecks and latency, and reduces cost.
Reduce risk: Industry leading threat intelligence combined with comprehensive security stops advanced threats, prevents unauthorized lateral movement, safeguards vulnerabilities from exploits, and protects the development and deployment of AI.
Simplify operations: Centrally manage all your enforcement points, enabling organizations to write a policy once and enforce it across their environment. This reduces manual labor and overhead associated with administering policies across disparate tools and environments.
Lower total cost of ownership: Simple licensing, unified management of enforcement points, AI-driven automation, and orchestration mean faster time to value and reduced overhead.
Future-proofed for AI adoption: Add security as your business needs evolve without rip and replace; defend against novel threats targeting AI models and applications.
Intelligent Centralized Management: Automatically configure, deploy, and scale firewalls across environments without scripting. Reduce overhead with an AI assistant.
Advanced Threat Protection: Detect threats in encrypted traffic without decrypting. When decryption is necessary, leverage high-performance hardware with price-performance leadership.
End-to-End Segmentation: Prevent unauthorized lateral movement across data centers and clouds with topology-aware security that understands app dependencies.
AI Model Protection: Leverage AI guardrails to safeguard in real-time against threats introduced through the development and deployment of AI applications.
Exploit Protection: Prioritize CVEs and shield vulnerabilities from exploits to buy time for patch development.
Why Cisco Hybrid Mesh Firewall?
Highly distributed security fabric. Unified management. Single vendor. Intelligent security that meets you where you are to protect your apps wherever they are.
Cisco goes beyond ‘firewalling in a box’ to fuse security into the network, cloud, container, and workload for a highly distributed fabric. It puts security where you need it, incorporates your existing firewalls, scales with your business, and handles policy management that goes beyond human-scale. It is available in a flexible license that evolves with your needs and as Cisco innovates.
1. Fuses security into the fabric of the network
● Distribute security using smart switches and workload/container agents, in addition to physical, virtual, and cloud-optimized firewalls, 3rd party, and CSP-native firewalls
● Natively enforces identity-aware policies based on asset discovery and traffic tagging using Cisco Identity Services Engine to mitigate risk of IoT devices on the network
● Enforce process-level segmentation in traditional and modern Kubernetes environments
2. Protects apps and AI workloads
● Secure the development and deployment of AI applications and agents with validation, algorithmic red-teaming, and native guardrails
● Shield vulnerable applications and infrastructure from exploits with runtime vulnerability shields, buying time for patching
● Find threats in encrypted traffic at scale both on the network and by inspecting outside of the encryption boundary in the workload
3. Unified, agentic operations
● Write, test, optimize, and deploy policies across the mesh, including 3rd party firewalls, with AI-native unified management
● Leverage AI for agentic workflows to automate and simplify security operations and troubleshooting
● Accelerate detection and response with edge summarization and integration with Splunk

Protects your business
Increase resilience and avoid downtime with the right security controls and the optimal enforcement points.
Protects your team
Dramatically increase your team’s efficiency by freeing up resources with centralized management of security tools and the ability to analyze and optimize policies quickly across the fabric.
Protects your investment
The Cloud Protection Suite is your path to Hybrid Mesh Firewall. It marries simplicity and flexibility that evolves with your security needs to more easily achieve your outcomes. No rip and replace, simply leverage solution innovations at your own pace as your business scales.
To find out more about Cisco Hybrid Mesh Firewall products and services, visit http://www.cisco.com/go/hybridmeshfirewall.
To view buying options and speak with a Cisco sales representative, visit www.cisco.com/site/us/en/buy/index.html.