Cisco Unveils a Firewall Built for the AI Era: Breaking Performance Records Without Sacrificing Security + Video

Listen to this Post

Featured ImageIntroduction: Why Modern Networks Need a New Generation of Firewalls

Artificial Intelligence is rapidly transforming enterprise infrastructure. Organizations are processing more encrypted traffic than ever before, AI agents are generating massive volumes of automated requests, and cloud-native applications continue to increase the complexity of modern networks. Traditional security appliances, once considered sufficient, are now struggling to inspect traffic at scale without introducing latency or becoming performance bottlenecks.

As cyberattacks become more sophisticated and encrypted communications dominate internet traffic, enterprises require security platforms capable of maintaining full inspection while delivering uncompromised speed. Cisco believes it has reached that milestone with the introduction of the Cisco Secure Firewall 6160, a platform specifically engineered for AI-scale networking. Independent testing suggests that this firewall not only exceeded previous performance records but also maintained perfect threat detection during heavy workloads, demonstrating that high-speed networking and advanced cybersecurity no longer need to compete against each other.

The AI Revolution Is Changing Network Traffic Forever

Enterprise networks are experiencing one of the largest transformations in decades.

According to industry observations, automated AI agents now generate an enormous percentage of internet requests. Machine-to-machine communication continues to grow, while encrypted protocols have become the default for both consumer and enterprise environments. Organizations are simultaneously managing hybrid cloud infrastructures, remote workforces, edge computing, Internet of Things (IoT) devices, and AI workloads that continuously exchange massive datasets.

These changes place extraordinary pressure on firewalls, intrusion prevention systems, and network inspection engines.

Instead of simply filtering packets, modern firewalls must decrypt or intelligently inspect encrypted sessions, identify advanced malware, stop zero-day attacks, classify applications, and perform deep packet inspection without reducing overall network performance.

Cisco Secure Firewall 6160 Breaks Previous Performance Benchmarks

Cisco partnered with independent cybersecurity testing organization NetSecOPEN to evaluate the Secure Firewall 6160 under realistic enterprise conditions.

The results proved remarkable.

Rather than reaching the

In other words, the firewall still had additional performance capacity that could not be measured because the laboratory equipment was unable to generate enough traffic.

NetSecOPEN ultimately established a brand-new benchmark that increased previous throughput measurement limits by nearly five times simply because existing benchmarks no longer reflected what modern hardware could achieve.

This is an unusual outcome in independent security testing and highlights just how dramatically firewall hardware has evolved to support AI-driven enterprise environments.

Performance Numbers That Push Current Testing Limits

During independent evaluation, the Cisco Secure Firewall 6160 demonstrated exceptionally high inspected throughput across multiple workloads, including:

Inspected HTTP Traffic

The firewall sustained approximately 269.59 Gbps of fully inspected HTTP traffic while maintaining security inspection.

Encrypted HTTPS Inspection

Encrypted HTTPS throughput reached approximately 222.37 Gbps, showing that encryption no longer needs to become a performance bottleneck.

Massive Concurrent Connections

The firewall successfully handled roughly 5.6 million simultaneous TCP and HTTPS connections, making it suitable for hyperscale enterprise deployments.

Connection Creation Speed

Cisco’s platform processed approximately 79,600 new HTTPS sessions every second, supporting environments with rapidly changing workloads and high user density.

Perhaps even more impressive, application traffic testing pushed the laboratory equipment to nearly 98% CPU utilization while the firewall itself continued operating below its actual limits.

Perfect Threat Blocking During Maximum Load

Raw performance means little if security effectiveness declines under heavy workloads.

To evaluate real-world protection, NetSecOPEN launched thousands of attack simulations while maintaining high traffic volumes.

Cisco Secure Firewall 6160 reportedly achieved a 100% detection and prevention rate across every tested attack category.

The testing included:

1,380 publicly disclosed CVEs

180 privately identified vulnerabilities

3,809 malware samples

19 advanced evasion techniques

In total, the firewall successfully blocked 5,388 attack scenarios without allowing a single tested threat to bypass security controls.

Maintaining this detection rate while processing enormous traffic volumes is particularly important because many competing security platforms reduce inspection depth to preserve network performance.

Cisco Talos Intelligence Powers Advanced Detection

Much of Cisco’s security capability comes from its integration with Cisco Talos, one of the world’s largest commercial threat intelligence organizations.

Talos continuously analyzes malware campaigns, attacker infrastructure, exploit techniques, and emerging vulnerabilities worldwide.

Threat intelligence generated by Talos feeds directly into Cisco Secure Firewall, allowing detection signatures and behavioral analytics to evolve rapidly as new attacks appear.

This integration significantly shortens the time between threat discovery and enterprise protection.

Machine Learning Helps Detect Unknown Threats

One of the

Instead of relying solely on traditional signature matching, SnortML incorporates machine learning models capable of recognizing behavioral similarities between known exploits and previously unseen attack variants.

This enables inline detection of certain zero-day exploit variants before traditional signatures become available.

As attackers increasingly modify malware automatically using AI, behavioral analysis is becoming just as important as signature-based detection.

Encrypted Visibility Without Decryption

Encrypted communications continue to dominate internet traffic.

Decrypting every encrypted connection consumes significant computing resources while introducing privacy and compliance challenges.

Cisco addresses this problem through its Encrypted Visibility Engine (EVE).

Rather than decrypting every packet, EVE analyzes metadata, traffic characteristics, communication behavior, and protocol patterns to identify potentially malicious encrypted sessions.

Current protocol support includes:

TLS

QUIC

SSH

STUN

Cisco has also expanded malware detection coverage across Android, macOS, and Linux environments, providing broader endpoint visibility.

Designed for AI-Scale Enterprise Infrastructure

Modern organizations rarely operate from a single data center.

Instead, applications are distributed across:

Hybrid Clouds

Organizations increasingly split workloads between public cloud providers and private infrastructure.

Edge Computing

Remote offices and edge locations require enterprise-grade protection without centralized bottlenecks.

AI Training Clusters

Large language models and AI analytics platforms exchange enormous datasets requiring both speed and security.

Multi-Cloud Deployments

Applications frequently communicate across multiple cloud providers simultaneously.

Cisco designed Secure Firewall 6160 to operate consistently across physical appliances, virtual deployments, and cloud-native environments.

Improved Efficiency Beyond Raw Speed

Performance alone does not determine enterprise value.

Infrastructure costs, rack space, power consumption, and cooling requirements significantly influence long-term operational expenses.

According to Cisco, Secure Firewall 6160 offers:

Up to 80% less rack space

Around 60% lower power consumption

Approximately one-third the cost per protected Gbps compared to competing enterprise firewall platforms

These operational improvements become increasingly valuable for organizations deploying dozens or hundreds of security appliances across global environments.

Scalable Architecture for Future Growth

Instead of replacing hardware every few years, enterprises increasingly prefer modular scalability.

Cisco Secure Firewall 6160 supports clustering that scales inspected throughput up to approximately 8 Tbps.

This allows organizations to begin with a smaller deployment and expand incrementally as network traffic grows.

Such flexibility reduces capital expenditure while simplifying long-term infrastructure planning.

Deep Analysis

The Cisco Secure Firewall 6160 represents more than a faster appliance. It reflects the changing priorities of enterprise cybersecurity, where AI-generated traffic, encrypted communications, and cloud-native applications demand security platforms capable of operating at unprecedented scale.

One of the most significant takeaways from the NetSecOPEN evaluation is that inspection remained enabled throughout testing. Many published firewall performance figures are measured with advanced security services disabled or partially configured, which rarely reflects production environments. Maintaining deep inspection while sustaining hundreds of gigabits per second is a stronger indicator of real-world capability.

Cisco’s use of SnortML and the Encrypted Visibility Engine also demonstrates an industry-wide transition from purely signature-based detection toward behavioral and AI-assisted analytics. As attackers increasingly automate malware generation and exploit development, defenders must rely on machine learning to identify suspicious activity that traditional rules may miss.

For security operations teams, deploying a firewall is only part of the equation. Continuous monitoring and validation remain essential. Useful administrative and troubleshooting commands commonly associated with Cisco Secure Firewall environments include:

show version

show cpu usage

show memory

show interface ip brief

show conn count

show asp drop

show access-list

show running-config

show logging

show threat-detection statistics

For network validation and connectivity testing:

ping <destination-ip>
traceroute <destination-ip>
tcpdump -i any
curl -I https://example.com
openssl s_client -connect example.com:443

For security verification and vulnerability assessment:

nmap -sV <target>
nmap --script vuln <target>
snort -T

These commands help administrators validate performance, investigate anomalies, verify connectivity, monitor firewall health, and ensure security policies function as expected. Ultimately, the true value of high-performance security lies not only in throughput but also in operational visibility, efficient management, and the ability to adapt quickly as enterprise environments evolve.

What Undercode Say:

The announcement surrounding Cisco Secure Firewall 6160 highlights a broader shift occurring across the cybersecurity industry. Enterprises are no longer purchasing firewalls solely for perimeter defense; they are investing in intelligent security platforms that function as high-speed inspection engines capable of supporting AI-driven infrastructures.

The reported NetSecOPEN results are impressive because they emphasize inspection performance rather than theoretical throughput. This distinction matters, as many firewall benchmarks become less meaningful once advanced security features are enabled. If the testing accurately reflects production scenarios, Cisco has demonstrated that modern inspection no longer needs to create significant performance penalties.

Another notable aspect is the increasing role of artificial intelligence in both offensive and defensive cybersecurity. AI agents generate more traffic, attackers automate exploit development, and security vendors respond with machine learning models such as SnortML. This creates an ongoing technological competition where both defenders and attackers continuously evolve.

Encrypted traffic presents another major challenge. Organizations cannot realistically decrypt every session without introducing latency and privacy concerns. Cisco’s Encrypted Visibility Engine represents an approach that balances performance with security by analyzing traffic behavior instead of relying exclusively on decryption.

The scalability of the platform is equally important. Enterprises rarely design infrastructure for today’s traffic alone; they plan for future expansion. A platform capable of clustering toward multi-terabit inspection capacity aligns with long-term digital transformation strategies.

However, benchmark results should always be interpreted carefully. Independent testing provides credibility, but every production environment has unique application mixes, traffic patterns, security policies, and operational constraints. Organizations should conduct pilot deployments before making large infrastructure investments.

Cost efficiency also deserves attention. Reduced rack space and lower power consumption can significantly decrease operational expenses over several years, particularly for large data centers where energy and cooling costs continue to rise.

From a strategic perspective, Cisco appears to be positioning Secure Firewall 6160 as infrastructure built specifically for AI-native enterprises rather than simply releasing another incremental hardware refresh. If enterprise AI adoption continues accelerating, demand for inspection platforms capable of sustaining hundreds of gigabits per second will likely increase substantially.

The cybersecurity market is entering an era where firewall performance is measured not only by speed but also by intelligence, automation, scalability, and operational efficiency. Vendors that successfully combine these characteristics will be better positioned to support next-generation enterprise networks.

✅ Independent Testing:

✅ Threat Detection: The reported 100% protection rate applies specifically to the 5,388 threat scenarios tested during the evaluation. It should not be interpreted as protection against every existing or future cyberattack.

✅ Performance Context: The throughput figures were reportedly limited by the laboratory’s testing equipment rather than the firewall itself. While impressive, organizations should validate performance within their own production environments, as real-world workloads may produce different results.

Prediction

(+1) AI adoption across enterprises will significantly increase demand for ultra-high-performance firewalls capable of inspecting encrypted traffic without sacrificing throughput.

(-1) Cybercriminals will continue leveraging AI to generate more sophisticated malware and evasive attack techniques, forcing security vendors to update machine learning detection models at an increasingly rapid pace.

(+1) Future enterprise security platforms will increasingly combine behavioral analytics, AI-assisted detection, encrypted traffic intelligence, and cloud-native scalability as standard capabilities rather than premium features.

▶️ Related Video (78% Match):

🕵️‍📝Let’s dive deep and fact‑check.

🎓 Live Courses & Certifications:

Join Undercode Academy for Verified Certifications

🚀 Request a Custom Project:

Secure, high-velocity infrastructure and disruptive technological engineering. Contact our engineering team for high-tier development and proprietary systems:
[email protected]
💎 Smart Architecture | 🛡️ Secure by Design | ⭐ Trusted by Thousands

References:

Reported By: blogs.cisco.com
Extra Source Hub (Possible Sources for article):
https://www.linkedin.com
Wikipedia
OpenAi & Undercode AI

Image Source:

Unsplash
Undercode AI DI v2

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow UndercodeNews & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon | 📺Youtube