Artificial intelligence is entering a new phase. The conversation is shifting from model innovation to operational reality. Organizations are discovering that building AI models is often the easiest part of the journey. Running those models reliably, securely, and at scale across enterprise environments is where complexity emerges.
Many AI initiatives slow down, not because teams lack GPUs, data, or talent, but because there is no unified operating pattern that safely connects all of those elements into production. AI systems are not single applications. They are distributed ecosystems of data pipelines, inference services, orchestration layers, and increasingly, autonomous agents interacting with enterprise systems in real time.
Cisco Secure AI Factory with NVIDIA is built around a simple but transformative idea. AI must be treated as an end-to-end system. Performance, data readiness, cloud-native operations, and security cannot be designed separately. They must be engineered together from the beginning.
At VAST Forward 2026, we are demonstrating how that principle translates into a working secure AI data platform. This is not a future concept or hypothetical architecture. It is a real, deployable reference implementation built using NVIDIA accelerated computing infrastructure and software, VAST data services, Cisco infrastructure, the Isovalent Enterprise Platform based on Cilium and Tetragon, and Cisco AI Defense. It reflects a repeatable way to operationalize AI today while continuing to evolve toward deeper integration over time.
The new reality of enterprise AI
The rise of retrieval-augmented generation (RAG) and agent-driven applications is fundamentally reshaping how organizations interact with their data. AI systems are no longer isolated workloads. They continuously retrieve information, exchange context between services, and execute automated actions across business environments.
This transformation introduces a new type of operational challenge. The attack surface expands dramatically as AI workloads generate constant east-west traffic inside Kubernetes clusters. Runtime behavior becomes more dynamic as containers load libraries, execute helper processes, and interact with external services. At the same time, models and agents introduce risks that traditional security tools were never designed to address, including prompt injection, sensitive data leakage, and uncontrolled tool execution.
Business leaders are not asking whether these risks exist. They are asking whether AI can be trusted to deliver measurable outcomes without subjecting the organization to unacceptable operational or regulatory exposure. The answer lies in designing AI platforms where security is inseparable from performance and scalability.
Building the platform from the data outward
Every effective AI system begins with data that is accessible, consistent, and immediately usable. VAST Data Platform and VAST InsightEngine transform enterprise data into an active participant in AI workflows rather than a passive storage layer. By automating ingestion, indexing, and retrieval pipelines, the platform enables enterprise data to become a reliable context for AI systems without the fragile and complex data engineering pipelines that often slow innovation.
Running this data intelligence layer on Cisco UCS and NVIDIA accelerated computing, software, and networking allows the platform to move beyond experimental deployments. It creates a repeatable building block that organizations can deploy across environments with consistent performance and lifecycle management. Production AI requires this level of operational discipline. Without it, scaling AI becomes unpredictable and difficult to govern.
Where security must live in modern AI platforms
The most significant shift in AI security is where it has to operate. Security can no longer focus only on protecting the network perimeter or scanning container images before deployment. In AI data platforms, the majority of risk now exists inside Kubernetes clusters and within AI application interactions themselves.
The first critical challenge is controlling east-west traffic. AI microservices communicate continuously as retrieval pipelines, embedding services, and inference engines exchange data. Without strong segmentation, unintended service reachability can emerge as clusters scale, allowing lateral movement across workloads.
The Isovalent Enterprise Platform based on Cilium addresses this challenge by enforcing identity-based network policies directly within Kubernetes. Instead of relying on fragile, IP-based rules, policies follow workload identity as services scale, migrate, or restart. This ensures that only authorized services communicate with one another while maintaining high performance through eBPF-accelerated networking. The result is consistent enforcement of least-privilege communication across the cluster.
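To make the contrast between IP-based and identity-based rules concrete, here is an added example (not configuration from the demonstrated platform or from Cisco or Isovalent). The `rag` namespace, the `app: embedding` and `app: retriever` labels, port 8080 and the pod IP are constructed for illustration.

```yaml
# Added example. Namespace, labels, port and the pod IP are constructed.
# IP-based rule, shown only for contrast: the allow is tied to one pod
# address, so it no longer describes the retriever once that pod is
# rescheduled, and it describes whichever workload gets the address next.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: embedding-ingress-by-ip
  namespace: rag
spec:
  podSelector:
    matchLabels:
      app: embedding
  policyTypes:
  - Ingress
  ingress:
  - from:
    - ipBlock:
        cidr: 10.0.3.17/32
    ports:
    - protocol: TCP
      port: 8080
---
# Identity-based rule: the allow is tied to the workload's labels, so it
# follows the retriever across restarts, rescheduling and scale-out.
# Selecting the embedding endpoints with an ingress rule puts them in
# default-deny for all other ingress.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: embedding-ingress-by-identity
  namespace: rag
spec:
  endpointSelector:
    matchLabels:
      app: embedding
  ingress:
  - fromEndpoints:
    - matchLabels:
        app: retriever
    toPorts:
    - ports:
      - port: "8080"
        protocol: TCP
```

Because the selector in `fromEndpoints` is evaluated within the policy's own namespace, a pod labeled `app: retriever` in another namespace does not gain access.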
However, network segmentation alone cannot detect unexpected behavior inside containers. AI workloads frequently execute processes, access sensitive files, and dynamically load tools and libraries. Even if network communication is restricted, compromised workloads can still behave unpredictably at runtime.
Isovalent Enterprise Runtime Security, built on Tetragon, addresses this second layer of risk. By providing kernel-level observability of process execution and file activity, it allows operators to understand what workloads are doing inside containers. Suspicious behavior can be identified early, helping organizations investigate and respond before issues escalate.
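As an added illustration of file-activity observability with open-source Tetragon (not the policy used in the demonstrated platform), the following TracingPolicy reports write access under a directory. The policy name and the `/models/` path prefix are constructed assumptions.

```yaml
# Added example. Policy name and the watched path prefix are constructed.
apiVersion: cilium.io/v1alpha1
kind: TracingPolicy
metadata:
  name: model-store-write-watch
spec:
  kprobes:
  # Kernel LSM hook reached on file read and write permission checks.
  - call: "security_file_permission"
    syscall: false
    args:
    - index: 0
      type: "file"   # struct file *, resolved to a path in the event
    - index: 1
      type: "int"    # access mask: 0x04 is MAY_READ, 0x02 is MAY_WRITE
    selectors:
    - matchArgs:
      # Only report files under the constructed model directory...
      - index: 0
        operator: "Prefix"
        values:
        - "/models/"
      # ...and only when the access is a write.
      - index: 1
        operator: "Equal"
        values:
        - "2"        # MAY_WRITE
```

Tetragon emits process execution events without any policy; a hook like this one is what adds file activity, and each event carries the binary and pod that performed the write.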
Together, these capabilities create a meaningful and enforceable Kubernetes security posture. They control how services communicate and provide visibility into how workloads behave during execution.
Extending protection to the AI layer itself
The fastest growing risk surface in AI environments sits at the model boundary. Models and agents operate in dynamic environments where user prompts, enterprise data, and external tools intersect. Traditional security tools were not built to detect manipulation of AI interactions or unsafe agent behavior.
Cisco AI Defense brings protection directly into the AI application layer. It helps organizations analyze model components for vulnerabilities, apply runtime guardrails to prompts and responses, and monitor how models interact with tools and data sources. This provides visibility into how AI systems behave and helps reduce the risk of enterprise data or automated agent actions creating unintended exposure.
With this layer in place, security spans the full lifecycle of AI workloads, from infrastructure and data to Kubernetes operations and AI application behavior.
Demonstrating the secure AI data platform in action
At VAST Forward 2026, we are showing this architecture operating as a complete and functional solution. Enterprise data is transformed into AI-ready context through the VAST pipeline. The platform runs on Cisco infrastructure aligned to Cisco Secure AI Factory with NVIDIA design principles. Kubernetes east-west traffic is segmented using the Isovalent Enterprise Platform based on Cilium, while runtime behavior is monitored using Isovalent Enterprise Runtime Security built on Tetragon. The AI interaction layer is protected using Cisco AI Defense.
This is not a theoretical blueprint. It is a live, deployable reference architecture that customers can implement today while continuing to evolve toward deeper integration and automation.
The shift toward secure AI outcomes
The most important lesson emerging from enterprise AI adoption is that security cannot be measured by the number of controls deployed. It must be measured by the ability to operate AI safely and confidently at scale.
A secure AI data platform enables organizations to deliver this outcome by ensuring:
- AI pipelines remain isolated across teams and workloads
- East-west traffic inside Kubernetes is controlled and observable
- Runtime behavior inside containers is monitored and understood
- Models and agent interactions are protected from emerging AI-specific threats
When these elements are designed together, organizations gain the confidence to scale AI initiatives across departments, applications, and business units.
The future of responsible AI operations
Cisco Secure AI Factory with NVIDIA represents a blueprint for how enterprise AI will be built moving forward. It brings performance, data intelligence, cloud-native operations, and AI-native security together in a unified operational pattern.
Organizations no longer need to choose between speed and safety. They can deploy AI systems that are both innovative and trustworthy, allowing them to move from experimental projects to production AI services that deliver real business impact.
If you are attending VAST Forward 2026, we invite you to experience this solution firsthand and explore what it means to build AI systems designed for production from day one.
