Cisco creates architecture to improve security and sell you new switches Cisco has developed a product called Hypershield that it thinks represents a new way to do network security. The core element of Cisco's plan is the deployment of "enforcement points" – essentially teensy firewalls that can run on a server, or in data processing units (DPUs, aka SmartNICs) installed in servers or networking …
[Cisco's Gillis] thinks it will also be welcomed in industries like healthcare that can't easily update devices with security vulnerabilities – because they just don't mess with hardware that keeps people alive. Self-updating networks and mitigations that keep those machines safe is Cisco's alternative.
So an industry that doesn't like to change its software often is going to be OK with a network that automagically filters traffic.
Hmmm....
“Cisco has developed a product called Hypershield that it thinks represents a new way to do network security.”
Security doesn't reside in the network but in the end-point computers. While a malicious actor can hack a computer by feeding it a malformed parameter, such cures as the above are merely so much sticking plaster.
They run Minix too?
A remake of the Intel Management Engine(ME) fiasco?
AST would be so pleased.(Not.)
I don't know which would make me happier - shoving Cisco crap into my server's kernel (Fireeye's xagt and Crowdstrike falcon were bad enough) or messing with the networking hardware.
I can see a perfectly benign update to existing production software could change network behaviour sufficiently for this stuff to pull the plug on the whole fleet. There is enough self updating (in place) software for this to be a real problem.
"O frabjous day! Callooh! Callay!" I chortled in my joy!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
