Cisco Live 2026: When the Network Becomes the Governance Layer

Technology Note By: Shashi Bellamkonda, Info-Tech Research Group

Agentic AI breaks three assumptions enterprise infrastructure was built on: traffic direction, monitoring visibility, and identity scope. Cisco Live 2026 made the case that the right place to address all three is the network layer, not a security product bolted on top. The argument holds only if the integration runs deep.

The Network Was Not Built for This

Cisco's pre-event wide area network (WAN) research (May 2026) found that agentic AI tasks generate 450% more network traffic per action than equivalent human tasks. Enterprise WAN traffic is forecast to grow 9x over the next decade as agents deploy at scale, with AI inference accounting for 70% of that load. In a pre-event LinkedIn post in late May, Jeetu Patel framed the 9x figure as potentially "conservative" and suggested the decade timeline could compress to three years.

The harder challenge is which way the traffic moves. The internet was built for downstream traffic: Servers send content to humans. Agents reverse that flow. Each action sends the agent's current memory state upstream to the model, so connections run 9% upstream-heavy against less than 1% for ordinary web traffic. Corporate networks were sized for human work schedules, with spare capacity around off-peak hours. Agents have no schedule.

Cisco's measurements put 57% of AI inference traffic over QUIC, an encrypted transport protocol. Most enterprise security tools cannot inspect QUIC. The traffic most requiring governance is the hardest to monitor. No single vendor solves that with a software update.

What This Means for You: If your organization is piloting AI agents, your network team needs to be in that conversation now, not after deployment. Ask your infrastructure lead whether your WAN was sized for sustained upstream load rather than bursty downstream traffic. Ask your security team which of your monitoring tools can inspect QUIC. Those two questions will tell you more about your AI readiness than any vendor assessment.

Your Logs Don't Show What Your Agents Decide

Galileo, whose acquisition closed a few days before Cisco Live, addresses a governance problem that standard monitoring tools do not see. AI agents make decisions that do not appear in ordinary system logs.

In the demo, an automated AI agent applied a $1,200 refund where policy capped it at $200, and no security alert fired. Multiply that across millions of daily transactions and the exposure grows with nothing flagging it. The capability that matters is to catch each decision as it happens, before it reaches a later audit. Galileo will expand Splunk’s AI observability capabilities in Splunk Observability Cloud. This is a real-world problem in customer care for sure. Some customer service leaders aren't comfortable with agents that aren't fully deterministic. Systems will need to be in place to double-check agent rationale.

Galileo's answer to that gap is an evaluation engine called Luna. Its job is to grade an agent's decisions, checking whether each action stayed within policy. The usual way to run that check is to point a large AI model at every interaction and have it judge the output, which costs enough that most teams only spot-check a sample.

Luna is a smaller, purpose-built grader that does the same job at 98% lower cost, so every interaction gets checked instead of a sample. The trade-off is depth. A small grader reliably catches blatant failures like leaked personal data or a prompt-injection attempt, but it can pass an answer that sounds right but is wrong on nuanced, domain-specific logic. For higher-stakes decisions, the practical pattern is to run Luna as the inline filter and still route a sample to a larger model for deeper review. When an anomaly is detected, the system builds a detection rule applied retroactively to past interactions and prospectively to all future ones.

Splunk’s integration with AI Canvas is the shared workspace where an operator and the AI investigate a problem together, pulling the relevant telemetry onto one screen instead of across separate consoles. In the demo, it ran a 45-second root cause analysis on a simulated streaming application slowdown, drawing on network, application, infrastructure, and AI-layer telemetry at once. The same investigation across separate dashboards would have taken hours. The speedup comes less from the AI than from every layer's telemetry already sitting in one correlated place, with no separate consoles to stitch together. Production performance against a complex multi-vendor environment will vary.

What This Means for You: Define the problem categories where your organization is willing to let AI agents act autonomously before you evaluate any governance platform. The technology to monitor agent decisions at scale already exists. The governance framework is yours to build. Start by listing what your agents are currently authorized to do and whether those authorizations were intentional or the result of default settings that nobody reviewed.

Your Security Tools Were Built for People

Cisco's AI Defense research across eight widely used open-weight AI models produced a finding that changes how a chief information security officer should evaluate agent security. Single-session prompt-injection attacks were blocked reasonably well. Multi-session attacks, where an adversary returns across multiple interactions and incrementally erodes the model's guardrails, broke through more than 90% of the time. Agents operate across long sessions by design. Multi-session attacks are the relevant threat pattern.

A large semiconductor manufacturer turned on Cisco AI Defense and immediately found four unknown agents and 33 unlogged AI models in its own Amazon Web Services environment. Cisco's State of AI Security Report 2026 finds 85% of enterprises experimenting with agents but only about 5% in production. Governance is the bottleneck; the technology already exists.

Cisco's response spans the full agent-security lifecycle, from finding and testing agents to managing non-human identity through the pending Astrix acquisition. That ground is covered in depth in a companion note, Your Security Tools Were Built for People. Agents Are Not People.

What This Means for You: Run an agent inventory before you buy any governance platform. If you do not know what agents are running in your environment, any evaluation you conduct is incomplete. Ask each security vendor you are considering where their coverage stops. Specifically, can they detect a multi-session attack that unfolds across ten separate conversations rather than one? The answer to that question narrows the field considerably.

The Intelligence You Already Paid For

Cisco IQ is available inside existing services contracts with no separate budget line. The activation question is whether CIOs know it exists and what activating it actually requires.

The Day 2 keynote, led by Liz Centoni, Executive Vice President & Chief Customer Experience Officer, showed two production deployments. GEODIS, a global supply chain operator, ran a query that surfaced every device reaching end-of-life within four months at a specific site, by device type and product ID, with a budget-ready report. A planning exercise that previously consumed engineering cycles returned as a query result. GlobalFoundries, a semiconductor manufacturer operating with zero maintenance windows, used Cisco IQ to identify every device carrying a specific vulnerability, generate workaround options, and pinpoint the minimum software version to resolve the issue without touching production. Impact assessments that previously took days now take hours.

A GlobalFoundries customer framed it this way: you cannot navigate what is coming with a map when what you need is a GPS. Forty years of infrastructure data, support history, and device context already sat inside Cisco's systems. Cisco IQ makes it queryable and actionable continuously, not on a reporting cycle.

The adoption signal from the keynote carries a caveat. The Cisco CX team forecasted that 800 customers would be onboarded by the event. The actual count at keynote time was 2,036. Whether that reflects genuine pent-up demand or aggressive activation by Cisco's customer success organization is worth tracking through the next earnings call. Cisco wants customers to take full advantage of the asset and dynamic assessment capabilities of Cisco IQ, as they are key to help customers understand their installed base and critical asset disposition. The more immediate question for customers, however, may be operational: What does "onboarded" mean in practice, and is activation automatic under your services tier or opt-in? Put that question to your account team to ensure you are taking full advantage of the entitlements you have.

What This Means for You: Check your current Cisco services contract before your next renewal conversation. As a Cisco Services customer, you already have access to Cisco IQ with your current service entitlements. You can self-onboard at https://iq.cisco.com/login/, or Cisco TAC can assist. To learn more, ask for a specific demonstration against your environment rather than a canned demo. The GEODIS and GlobalFoundries cases represent the hardest operating environments Cisco could find. Ask to see it run against your actual device inventory.

Cloud Control Is an Operating Model, Not a Dashboard

Cisco Cloud Control unifies Catalyst, Meraki, Nexus, Webex, Intersight, and Splunk under a single interface with shared telemetry and a common agent framework. The company calls the resulting operational posture AgenticOps: humans and AI agents working from the same context and data, with one shared action layer.

Three purpose-built models underpin it: a Deep Network Model trained on decades of Cisco operational data, a Foundation Security Model, and a Time Series Model for infrastructure telemetry. Cisco Data Fabric, powered by Splunk, ingests telemetry from networks, security, applications, and third-party sources and exposes it as a single action layer. Kamal Hathi, EVP and General Manager of Splunk, made a point at an evening reception that did not make it into the formal keynote: the Data Fabric is not built only for IT teams. Business leaders can draw from the same correlated telemetry for operational decisions. That is a meaningful expansion of the target audience beyond what the product page describes.

Cisco announced 52 launch partners, including ServiceNow, Slack, PagerDuty, and Snowflake, all onboarded in weeks. The integration velocity matters more than the list. Partners building against a shared telemetry layer are structurally harder to displace than integrations built point to point against individual product APIs.

Chuck Robbins framed the competitive position at the keynote: Cisco's security competitors do not have networking, and its networking competitors do not have security. Cisco has made that argument for years. What changed at Cisco Live 2026 is the silicon layer. The Cisco Silicon One G300 delivers a 102.4 Tbps switching silicon designed for massive AI cluster buildouts. Additionally, the P200 chip connects multiple data centers hundreds of kilometers apart as a single logical compute unit and scale-across networking. Silicon One is now integrated into Nvidia's Spectrum-X architecture as the only non-Nvidia silicon in that scale-out cluster design. The strategic question the silicon announcements raise is whether Cisco is competing with Broadcom for the switching layer in AI data center builds and what that means for enterprises that have standardized on Broadcom-based infrastructure. That competitive dynamic did not get addressed on stage.

What This Means for You: Evaluate Cloud Control against your current tool fragmentation, not against the theoretical unified platform. If you are running separate dashboards for network management, security operations, and application observability, the consolidation argument is real and worth a structured proof of concept. If you are already running Splunk, the entry cost is lower than it appears. The real test is whether Cisco's implementation handles the third-party infrastructure you cannot replace on any near-term timeline.

Our Take

Cisco's argument at Cisco Live 2026 is structural: Whoever already owns the network layer agents run on is best positioned to govern them at scale. The WAN research gives that a foundation, surfacing a traffic inversion problem infrastructure teams have not budgeted for. Galileo and the multi-session breach data expose a failure mode standard security tools were never built to catch. At GEODIS and GlobalFoundries, Cisco IQ held up in the most punishing environments Cisco could put on stage.

Cisco has assembled the components. At this scale, though, unification is still an integration project. Whether the pieces run as one coherent platform in a multi-vendor environment or as a well-integrated set of Cisco products is something only a proof of concept will settle.

There is a parallel here with application portfolio management. You can't govern and rationalize your apps without a comprehensive inventory of both business-owned and IT-owned applications. The same is eminently true for agents. You cannot govern what you cannot see, and most enterprises cannot yet see what is running in their own environment. From there, two cheap checks pay off: whether Cisco IQ is already sitting inactive in your services contract, and whether your WAN was ever sized for the upstream load agents generate. Neither depends on a platform decision. Both close exposure you already carry.

Want to Know More?

Latest Technology Notes

All Technology Notes