Cisco
2026-06-03
Architecture Shift | Impact: Important | Conf: 85%

Cisco Agent Gateway: Zero Trust Evolves from Access to Action Control for AI Agents

Summary

Cisco launches Agent Gateway for Secure Access, extending Zero Trust from access control to action-level control for AI agents. Using Duo for agent identity, it enforces policies across LLMs, MCP servers, and SaaS APIs, with server-side credential injection and unified audit—addressing the unique security challenges of autonomous agent workflows.

Key Takeaways

Cisco announces Agent Gateway for Secure Access, extending Zero Trust from user/device access to AI agent workflow control. The core premise: agents like Claude Code or Codex autonomously call LLMs, MCP tools, SaaS APIs, and web resources—static access grants are insufficient. Agent Gateway evaluates five questions before each request: agent identity via Duo, target resource mapping, action permission, server-side credential injection (agent never touches keys), and unified audit. This shifts from 'can it connect?' to 'can it perform this action?'. Cisco leverages existing Secure Client, Secure Access, and Duo as the enforcement surface, requiring no new management portal or identity system, with natural extension to non-human identities (NHI) and tool-level authorization in MCP environments.
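
The five checks listed above, modelled as an added example (not Cisco's code or API; the agent token, hosts, policy table and vault entry are all constructed assumptions). It shows the same agent and resource being allowed one action and denied another, with the credential attached only on the gateway side and never written to the audit log.

```python
# Toy model of a per-request, action-level gateway decision. Illustration only.
import fnmatch
from dataclasses import dataclass, field

# Constructed sample data; every identifier below is hypothetical.
VERIFIED_AGENTS = {"tok-claude-code-01": "claude-code@build-host"}  # identity assertion -> agent
RESOURCES = {"api.github.example": "github", "mcp.internal.example": "mcp-tools"}
POLICY = {  # (agent, resource) -> allowed action patterns; anything not listed is denied
    ("claude-code@build-host", "github"): ["GET /repos/*", "POST /repos/*/pulls"],
    ("claude-code@build-host", "mcp-tools"): ["tools/call:read_file"],
}
VAULT = {"github": "CONSTRUCTED-NOT-A-REAL-KEY"}  # held by the gateway, never by the agent
AUDIT = []  # one record per decision, allow or deny

@dataclass
class Decision:
    allowed: bool
    reason: str
    upstream_headers: dict = field(default_factory=dict)

def permitted(agent, resource, action):
    # Caveat: fnmatch's "*" also matches "/", so a production matcher must be
    # stricter about path segments than this sketch is.
    patterns = POLICY.get((agent, resource), [])
    return any(fnmatch.fnmatchcase(action, p) for p in patterns)

def evaluate(identity_token, host, action):
    agent = VERIFIED_AGENTS.get(identity_token)       # 1. which agent is this?
    resource = RESOURCES.get(host)                    # 2. which resource is targeted?
    if agent is None:
        decision = Decision(False, "unknown agent")
    elif resource is None:
        decision = Decision(False, "unmapped resource")
    elif not permitted(agent, resource, action):      # 3. is this action allowed?
        decision = Decision(False, "action not permitted")
    else:
        headers = {}
        if resource in VAULT:                         # 4. inject the credential server-side
            headers["Authorization"] = "Bearer " + VAULT[resource]
        decision = Decision(True, "allowed", headers)
    AUDIT.append({"agent": agent, "resource": resource, "action": action,  # 5. audit
                  "allowed": decision.allowed, "reason": decision.reason})
    return decision

if __name__ == "__main__":
    for act in ("GET /repos/acme/app", "DELETE /repos/acme/app"):
        d = evaluate("tok-claude-code-01", "api.github.example", act)
        print(act, "->", d.reason)
```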

Why It Matters

Cisco's move defensively encircles Zscaler, Palo Alto Networks, and Netskope by locking agent identity into Duo and requiring the full Cisco stack for granular action control. Hidden limitations: the centralized policy engine introduces tail latency under high-frequency agent actions (MCP tool calls), degrading real-time workflows. Policy definition is complex—per-agent, per-resource, per-method rules—creating hidden operational overhead. Credential injection into Cisco's vault also reduces cross-cloud identity flexibility, forcing enterprises to either lose control or duplicate investment when accessing non-Cisco APIs.

PRO Decision

Vendors (Zscaler, Palo Alto Networks, Netskope): Rapidly launch native agent action control with open identity integration (Okta, Azure AD) to counter Cisco lock-in. Attack Cisco's centralized vault and policy engine by promoting distributed eBPF-based agent controls for lower latency.

Enterprises: Conduct zero-trust audits—demand Cisco's Agent Gateway support for non-Duo identity providers, and benchmark tail latency under high-concurrency agent scenarios. Avoid migrating all credentials to Cisco's vault; retain cross-cloud flexibility. Pilot Observation Mode on non-critical workflows to assess policy complexity.

Investors: Recognize this as a lock-in play leveraging AI agent hype. Long-term, open standards (OpenTelemetry, SPIFFE) and interoperability will dominate. Cisco's limited multi-cloud identity integration may cap market share.

Source: Cisco Blog