Cisco is the only vendor in this assessment series whose AI infrastructure authority is anchored by networking and security — but the compute story has matured beyond that framing. Where Dell builds up from servers and storage, HPE from sovereign compute and owned networking, VAST from the data platform, and hyperscalers from managed services, Cisco builds outward from the network fabric and security posture, with a purpose-built GPU compute portfolio (C885A, C845A, X-Series X580p) that now competes directly with Dell and HPE at every AI workload tier. The Secure AI Factory with NVIDIA is a reference architecture, not a vertically integrated platform — and that distinction defines Cisco's entire 4+1 profile. The customer asking Cisco for an AI factory receives a complete solution: Cisco-owned networking and compute, Cisco-owned security and observability, and partner-delivered storage and data services through validated integrations.
Layer 0 is Cisco's strongest position with depth across both networking and compute. Cisco owns the network fabric (Silicon One G300, Nexus 9000/8000, Nexus Hyperfabric) and has built a three-tier GPU compute portfolio (C885A dense HGX for training, C845A modular MGX for inference, X-Series X580p for composable blade AI) that competes directly with Dell PowerEdge and HPE ProLiant. The X-Series disaggregated GPU architecture — independently managing CPU and GPU lifecycles via X-Fabric — is an architectural differentiator no other blade vendor matches. Cisco does not own storage; the AI POD storage story depends on partners (VAST Data primary, plus NetApp, Pure Storage, Hitachi Vantara, Nutanix), which is Delegated authority. This makes Cisco's Layer 0 the inverse of Dell's: Dell owns compute and storage but brands NVIDIA networking silicon. Cisco owns networking silicon and has purpose-built AI compute but depends on partners for the data foundation.
The security and observability layers are where Cisco makes its most differentiated claim. AI Defense, Duo Agentic Identity, DefenseClaw, Splunk Observability Cloud with AI Agent Monitoring, and the Galileo acquisition together represent the most comprehensive agent security and observability portfolio of any infrastructure vendor assessed. These capabilities span Layers 2A through 2C — and they constitute genuine Cisco-owned IP, not rebranded NVIDIA or partner technology. The structural question is whether security and observability are sufficient to constitute a control plane, or whether they remain constraint enforcement without placement reasoning.
The AGNTCY initiative — open-sourced by Cisco's Outshift incubator, donated to the Linux Foundation with Dell, Google Cloud, Oracle, and Red Hat as formative members — contributes infrastructure primitives (discovery, identity, messaging, observability) to the broader agentic standards ecosystem. AGNTCY sits within the Agentic AI Foundation (AAIF), the fastest-growing project in Linux Foundation history, where MCP (Anthropic), A2A (Google), AGENTS.md (OpenAI) define the foundational protocols. Cisco is a Gold member of AAIF, not a Platinum founder — the ecosystem-defining standards were originated by Anthropic, Google, and OpenAI, not Cisco. AGNTCY contributes essential plumbing beneath those protocols, and Cisco's commercial products (AI Defense, Duo, Splunk) could become the enterprise implementation layer if these open standards achieve adoption. But Cisco's position is contributor, not definer.
Cisco's ~$9B in projected FY2026 AI infrastructure orders, record $15.8B quarterly revenue, and hyperscaler design wins (Silicon One P200, G200) validate market traction. The Galileo acquisition and DefenseClaw open-source release signal an intent to own the AI agent trust layer. The 4+1 assessment reveals a vendor with genuine strength at Layer 0 (networking + compute), comprehensive security and observability across Layers 2A through 2C (all Cisco-owned IP), and partner-delivered data plane capabilities at Layers 1A through 1C that the customer receives as part of the Secure AI Factory solution. The structural gap is specific: Cisco has no proprietary data software (storage, retrieval, pipelines) and no policy-driven placement engine at Layer 2C. Cisco secures the AI Factory and contributes to the open standards that may define its governance. It does not yet govern the factory itself.
Layer-by-layer status: Layer 0 (Networking Strength — Asymmetric), Layer 1A (Delegated — Partner-Delivered), Layer 1B (Delegated — Partner-Delivered), Layer 1C (Delegated — Partner-Delivered), Layer 2A (Networking-Centric Orchestration), Layer 2B (Security Layer — Not Runtime), Layer 2C (Security + Identity — Not Yet Governance), Layer 3 (+1) (Partner Ecosystem).
Assessment framework: 4+1 Layer AI Infrastructure Model. Scoring model: Decision Authority Placement Model (DAPM) — Retained, Delegated, Ceded, or Absent. Published by The CTO Advisor LLC. Author: Keith Townsend. Date assessed: May 23, 2026. Version: v1.0 — Draft, Editorial Review Pending.
Raw compute, networking, and acceleration fabric
102.4 Tbps switching silicon for massive AI cluster buildouts. Intelligent Collective Networking delivers 33% increase in network utilization and 28% improvement in job completion time. Powers gigawatt-scale AI clusters for training, inference, and real-time agentic workloads. Cisco-designed silicon — not NVIDIA-branded, not repackaged. This is Cisco's most significant Layer 0 differentiator: owned networking silicon IP at the same architectural level as AWS Nitro/EFA/SRD, Google Virgo, and Microsoft SONiC.
102.4 Tbps switching speeds in liquid-cooled and air-cooled designs. Nearly 70% energy efficiency improvement with liquid cooling and advanced optics. Common hardware for diverse fabric types including Nexus Hyperfabric. Designed for hyperscalers, neoclouds, sovereign clouds, service providers, and enterprises. First P200 design wins confirmed with hyperscalers; third P200 win in early Q4 2026.
Cloud-managed network fabric integrating networking, GPU, and storage into a unified infrastructure. Fabric-as-a-Service model with automated deployment and operations. NVIDIA NCP (Networking Connectivity Platform) design validation. Sharon AI selected Hyperfabric for Australia's first Cisco Secure AI Factory deployment (1,024 NVIDIA Blackwell Ultra GPUs).
Unified management across on-premises and cloud-based data center deployments. AI Job Observability provides job-aware, network-to-GPU visibility correlating network telemetry with AI workload behavior. Native Splunk Platform integration for in-place telemetry analysis without data movement — essential for sovereign cloud and compliance-sensitive environments. API-driven automation and customization built-in.
Cisco's first 8-way accelerated computing system. Built on NVIDIA HGX platform with 8x NVIDIA H100 or H200 Tensor Core GPUs, OR 8x AMD MI300X/MI350X OAM GPUs — multi-vendor GPU support in the same dense server. One ConnectX-7 NIC or BlueField-3 SuperNIC per GPU for cluster-scale training. BlueField-3 DPUs for accelerated GPU-to-data access and zero-trust security. Designed for large LLM training, fine-tuning, and large model inference. MLPerf Training benchmarks published January 2026. This is Cisco's direct competitor to Dell PowerEdge XE9680 and HPE ProLiant DL380a — a genuine leadership-class AI server, not a rebadged reference design.
Flexible, scalable AI server based on NVIDIA MGX modular reference design. Configurable from 2 to 8 NVIDIA or AMD PCIe GPUs including RTX PRO 6000 and RTX PRO 4500 Blackwell Server Edition in a 4RU chassis. Enhanced power delivery, fewer PCBs, improved cable routing for optimal airflow and thermal management. GPU hot-swap for faster replacement. E1.S SSDs for increased storage density. First VAST Certified CNode-X platform in market (UCS C845A M8 with RTX PRO 6000). 'Start small and scale up' positioning for enterprises ramping AI from inference to fine-tuning. Day-1 Intersight management for unified AI and traditional workload operations.
Disaggregated, composable AI compute within the UCS X9508 blade chassis. X580p PCIe Node adds up to 4 NVIDIA GPUs (RTX PRO 6000/4500 Blackwell, H200 NVL, L40S) to X210c/X215c compute nodes via X-Fabric Technology. X9516 X-Fabric Module provides PCIe Gen 5 switching with ultra-low-latency, NVLink Bridge support, and dynamic GPU-to-host provisioning. Independent CPU and GPU lifecycle management — upgrade GPUs without replacing compute nodes. MLPerf Inference benchmarks published April 2026. Up to 24 GPUs per 7RU chassis. This is architecturally distinctive: no other vendor offers a modular blade system with disaggregated GPU composition for AI workloads. Dell PowerEdge MX and HPE Synergy do not have equivalent GPU composability.
C240 M8: 2U rack server with Intel Xeon 6 processors, up to 2 double-width NVIDIA GPUs (RTX PRO 6000 Blackwell, H200 NVL). Balanced compute for distributed AI, analytics, edge AI, and vision workloads. Up to 28 NVMe/SAS/SATA drives for high-speed data access. C225 M8: designated as VAST Data Platform EBOX (storage servers) in AI POD architecture — the persistent storage foundation for Cisco AI PODs. Both managed through Cisco Intersight.
Modular, full-stack AI infrastructure platform combining UCS C885A/C845A compute, Nexus 9000 networking (up to 800G), NVIDIA GPUs, and partner storage (VAST Data, NetApp, Pure Storage, Hitachi Vantara, Nutanix). Scalable from 32 to 128+ GPUs. Cisco Validated Designs (CVDs) and NVIDIA Enterprise Reference Architectures (ERAs) for training, fine-tuning, inference, and RAG workloads. Pre-validated designs reduce setup time by up to 50%. Integrated management through Cisco Intersight and Nexus Dashboard. Modular scale-unit design enables growth without full infrastructure overhaul.
Edge compute platform supporting NVIDIA RTX PRO 4500 and 6000 Blackwell Server Edition GPUs for mission-critical AI at the edge. Also supports NVIDIA L4 GPUs. Zero-touch deployment with pre-validated blueprints. Centralized management via Intersight with Splunk and ThousandEyes integrations for end-to-end edge observability. Multi-layered zero-trust security with tamper-proof features, deep telemetry, drift-free configurations. Cisco AI Grid reference design extends edge AI to service providers via Cisco Mobility Services Platform — a unique go-to-market that no other assessed vendor offers.
All GPU acceleration in Cisco UCS servers depends on NVIDIA silicon — same structural dependency as Dell and HPE. But Cisco adds genuine compute engineering above the GPU: the X-Series X580p disaggregated GPU composition, X-Fabric PCIe Gen 5 switching, MGX reference design improvements (enhanced power delivery, PCB reduction, cable routing for thermal management), and multi-vendor GPU support (AMD MI300X/MI350X on C885A alongside NVIDIA HGX). Cisco's compute differentiation is modularity and composability, not thermal engineering (Dell) or sovereign heritage (HPE).
Cisco offers BOTH Silicon One-powered switches (Cisco-designed silicon) AND Spectrum-X-powered switches (NVIDIA silicon). This dual-silicon networking strategy is unique in the assessment series — Dell only brands NVIDIA Spectrum, HPE only uses Juniper/Aruba/Slingshot, VAST depends on OEM networking. Cisco is the only vendor that competes with NVIDIA in switching silicon while also offering NVIDIA's switching silicon.
Cisco extends Hybrid Mesh Firewall policy enforcement to BlueField DPUs embedded in GPU servers, enabling threat mitigation at the server level before reaching sensitive data. This is Cisco adding security value on top of NVIDIA hardware — a pattern consistent across the assessment.
Cloud-native software tools, libraries, frameworks, dynamic GPU resource allocation, AI workload scheduling, and production-ready models. Same NVIDIA software dependency as Dell and HPE at this layer.
Layer 0 is Cisco's strongest position with genuine depth across both networking AND compute — not just networking. Networking authority is unmatched among on-prem vendors. Silicon One is proprietary switching silicon comparable in strategic significance to AWS's Nitro/EFA, Google's Virgo, or Microsoft's SONiC. No other on-prem infrastructure vendor designs their own switching silicon for AI networking. Dell brands NVIDIA Spectrum. HPE acquired Juniper for networking IP but doesn't design switching ASICs. VAST depends entirely on OEM networking. The compute portfolio is broader and more architecturally deliberate than initial assessment suggested. The three-tier GPU server strategy (C885A for dense 8-GPU HGX training, C845A for flexible 2-8 GPU MGX inference and fine-tuning, X-Series X580p for composable blade AI) covers the full spectrum of enterprise AI workloads from leadership-class training to distributed inference. The C885A competes directly with Dell PowerEdge XE9680 and HPE ProLiant DL380a as a genuine 8-GPU dense server with MLPerf benchmarks published. The X-Series X580p is an architectural differentiator that deserves specific recognition: disaggregated GPU composition via X-Fabric allows enterprises to independently manage CPU and GPU lifecycles, dynamically provision GPU resources to compute nodes, and scale GPU density within a blade chassis (up to 24 GPUs per 7RU). No other vendor offers modular blade-based GPU composability at this level. Dell PowerEdge MX and HPE Synergy do not have equivalent GPU disaggregation. This is Cisco applying its composable infrastructure heritage (UCS X-Series has always been about disaggregation) to the AI compute problem. Multi-vendor GPU support (AMD MI300X/MI350X alongside NVIDIA HGX on C885A) gives Cisco the same silicon optionality that HPE offers with GX5000 (NVIDIA Rubin + AMD MI430X). Dell's AI Factory is NVIDIA-only (AMD under separate branding). The storage gap remains the most significant Layer 0 structural difference from Dell and HPE. Cisco does not manufacture or sell storage. The AI POD storage story depends on partners: VAST Data (primary), plus NetApp, Pure Storage, Hitachi Vantara, and Nutanix as validated options. This multi-vendor storage flexibility is arguably a strength for the reference-architecture model — the enterprise retains storage vendor choice — but it means Cisco cannot build a vertically integrated data plane. The dual-silicon networking strategy (Silicon One + Spectrum-X) is strategically unique. Cisco gives customers a choice: Cisco-designed silicon or NVIDIA silicon, both managed through Nexus One. This preserves the NVIDIA partnership while maintaining Cisco's networking authority. If NVIDIA changes its Spectrum roadmap, Cisco's customers have an alternative that Dell's customers do not. The ~$9B in FY2026 AI infrastructure orders and hyperscaler design wins (P200, G200) validate that the networking + compute + reference architecture approach has market traction at the highest scale.
Moderate but structurally different from Dell's or HPE's. Cisco borrows GPU silicon judgment from NVIDIA (same as everyone) but retains genuine compute platform engineering judgment: X-Series composable architecture, X-Fabric GPU disaggregation, MGX reference design improvements, multi-vendor GPU support, and the three-tier server strategy. Cisco also retains networking judgment entirely — Silicon One, Nexus 9000/8000, Hyperfabric, and Nexus One are all Cisco IP. Storage judgment is borrowed from VAST Data and other partners. The comparison: • Dell retains compute packaging (thermal, mechanical, rack-scale) and storage judgment, borrows networking silicon from NVIDIA (Spectrum). • HPE retains compute judgment (Cray heritage, ProLiant) and networking judgment (Juniper/Aruba/Slingshot), borrows runtime from NVIDIA. • Cisco retains networking judgment AND compute platform engineering (UCS, X-Series composability), borrows GPU silicon (NVIDIA) and storage (partners). Each on-prem vendor retains authority in their heritage domain. Cisco's heritage is networking, but UCS — now in its M8 generation with purpose-built AI servers — has matured from 'networking company does compute' to a genuine multi-tier AI compute platform. The X-Series disaggregated GPU architecture is Cisco's compute contribution that has no direct equivalent from Dell or HPE.
The UCS X-Series composable architecture is Cisco's most underappreciated Layer 0 capability. The X580p + X-Fabric model — dynamically provisioning GPU resources to compute nodes, independently managing CPU and GPU lifecycles, NVLink Bridge support within a blade chassis — applies the same disaggregation principle that defined UCS from inception. If GPU lifecycle velocity continues to outpace CPU lifecycle velocity (which it will), the ability to upgrade GPUs without replacing the compute node is a genuine operational and CapEx advantage. No other blade vendor offers this. The C885A M8 with AMD MI300X/MI350X support is worth tracking. If AMD Instinct gains enterprise traction, Cisco is one of two on-prem vendors (alongside HPE) positioned to offer both NVIDIA and AMD in the same dense-GPU server platform. Dell's AMD support is under separate 'Dell AI Platform with AMD' branding — a different SKU family, not GPU optionality within the same chassis. The Cisco AI Grid reference design for service providers (Cisco Mobility Services Platform + NVIDIA RTX PRO Blackwell GPUs) is a unique go-to-market that no other assessed vendor offers. Dell, HPE, and VAST target enterprises and neoclouds. Cisco targets enterprises, neoclouds, AND the service provider edge — leveraging telco relationships that predate the AI era. If edge inference becomes a significant workload category, Cisco's service provider footprint is a distribution advantage that pure-compute vendors cannot match. The energy efficiency story is worth noting: nearly 70% improvement with liquid cooling and advanced optics. At hyperscale, energy efficiency is a buying criterion that often outranks raw performance — and it plays to Cisco's infrastructure engineering strengths. The multi-vendor storage partner model (VAST, NetApp, Pure Storage, Hitachi Vantara, Nutanix) within AI PODs is structurally different from Dell's single-vendor storage story (PowerScale/ObjectScale/Exascale). The reference architecture model gives enterprises storage vendor choice — but it also means Cisco cannot optimize the compute-to-storage integration path the way Dell can with Exascale or VAST can with DASE.
Durable, governed data foundation — the Governance Catalog that Layer 2C queries
VAST Data Platform running on Cisco UCS C225 M8 servers (designated EBOX). VAST DASE architecture provides shared-everything model with NVMe-over-Fabrics, global namespace, and ACID guarantees. Managed through Cisco Intersight alongside compute and networking. VAST was recognized at VAST Forward 2026 for its Cisco partnership. The customer buying a Cisco Secure AI Factory gets VAST storage as a validated, integrated component — Cisco delivers the capability even though VAST provides the IP.
Cisco AI PODs validate multiple storage partners: VAST Data (primary/deepest integration), NetApp, Pure Storage, Hitachi Vantara, and Nutanix. The enterprise retains storage vendor choice — a structural advantage of the reference architecture model over Dell's single-vendor storage story (PowerScale/ObjectScale) or VAST's vertically integrated approach. Each storage partner brings its own governance metadata model, meaning Layer 1A governance capabilities vary by storage choice.
Zero-trust, ransomware-resilient storage security and inline network security. Cisco Secure AI Factory security principles applied to the data layer. Isovalent provides eBPF-based runtime security for containerized AI workloads. Hybrid Mesh Firewall extends policy enforcement to BlueField DPUs at the storage server level. Security is Cisco-owned and layered on top of whichever storage partner the enterprise selects — consistent security posture regardless of storage choice.
Cisco + NVIDIA + VAST validated as one of the first NVIDIA AI Data Platform reference designs. NVIDIA provides the reference architecture standard; Cisco provides networking and compute; VAST provides the data platform.
Applying the litmus test — what does the enterprise get when it asks Cisco for a 4+1 AI infrastructure? — the answer is clear: the Cisco Secure AI Factory delivers a complete data foundation. VAST Data Platform provides AI-optimized storage with DASE architecture, global namespace, and ACID guarantees. NetApp, Pure Storage, Hitachi Vantara, and Nutanix are validated alternatives. The customer gets Layer 1A capability through Cisco's go-to-market. The DAPM classification (Delegated) captures the structural reality: Cisco delivers the solution, the storage partner provides the IP. This is the same pattern as Dell's Trust3 AI partnership at Layer 1A — Dell delivers governance but Trust3 AI provides the capability. The customer buying Dell doesn't experience Trust3 AI as a gap. The customer buying Cisco shouldn't experience VAST storage as a gap either. Where Cisco's Layer 1A is genuinely thinner than Dell's or HPE's is governance metadata. Dell's MetadataIQ indexes billions of files across PowerScale/ObjectScale with automated classification, tagging, and metadata enrichment — Dell-owned IP. HPE's Data Fabric provides policy-based data placement with lineage tracking — HPE-owned IP. Cisco has no equivalent Cisco-owned metadata or governance capability. The governance metadata available depends entirely on which storage partner the enterprise selects. With VAST, the enterprise gets VAST Catalog. With NetApp, different governance primitives. Cisco adds consistent security across all of them (Hypershield, Isovalent) but does not add a Cisco-owned governance layer above the storage partner. The 4+1 model defines Layer 1A as the 'Governance Catalog that Layer 2C queries.' The catalog exists in the Cisco Secure AI Factory — it's provided by the storage partner. Cisco does not own that catalog, which means Cisco's future Layer 2C ambitions depend on a partner's metadata model. Dell and HPE can build from their own metadata to their own control plane. Cisco would need to build from VAST's metadata to Cisco's control plane — a cross-vendor integration that neither party has announced. The multi-vendor storage model is both a strength and a structural constraint. Strength: the enterprise retains storage vendor choice, avoiding single-vendor lock-in at the data layer. Constraint: Cisco cannot optimize the compute-to-storage-to-governance integration path the way Dell can with Exascale + MetadataIQ or VAST can with DASE + Catalog. Each storage partner brings its own data architecture, its own metadata model, and its own governance surface — Cisco must integrate across all of them rather than optimizing for one.
High for storage platform and governance metadata, low for data security. The enterprise buying a Cisco Secure AI Factory inherits the storage partner's data architecture decisions — VAST's DASE model, NetApp's ONTAP model, or Pure's Purity model depending on selection. Cisco contributes consistent security posture across all storage choices (Hypershield, Isovalent, Hybrid Mesh Firewall) but does not contribute governance metadata, data classification, or compliance tagging above the storage partner. Comparison: Dell borrows Layer 1A governance judgment from Trust3 AI (a specific partner function) but retains storage platform judgment (PowerScale, ObjectScale, MetadataIQ are Dell IP). HPE retains both storage platform (Alletra) and governance (Data Fabric) judgment. Cisco borrows the storage platform from partners but retains the security layer — structurally higher borrowed judgment than Dell or HPE at Layer 1A, but the customer still receives a complete solution.
The strategic question is whether Cisco intends to remain storage-agnostic (a networking company that partners with storage vendors) or will eventually acquire or build storage capability. The VAST partnership depth suggests the former — but the competitive pressure from Dell's Exascale and HPE's Alletra may eventually force the question. Cisco's absence from the storage market is also why VAST ships CNode-X through Cisco as an OEM partner. The relationship is complementary, not competitive: Cisco needs VAST for data, VAST needs Cisco for networking and enterprise distribution. Dell is notably absent from VAST's OEM partner list precisely because Dell and VAST compete at Layer 1A.
Low-latency retrieval for RAG — vector/hybrid search, context windows
VAST InsightEngine on Cisco UCS C845A M8 servers (first VAST Certified CNode-X platform). Real-time vector embedding and retrieval for RAG and agentic workflows. Integrates with NVIDIA NIM microservices for AI-native retrieval. Automates embedding, indexing, and retrieval pipelines. Marketed as reducing RAG pipeline latency from minutes to seconds. This is a validated component of the Cisco Secure AI Factory — the customer asking Cisco for RAG capability receives InsightEngine as part of the delivered solution.
Silicon One G300 Intelligent Collective Networking directly impacts retrieval latency and throughput. The 33% network utilization improvement and 28% job completion time improvement are not just training metrics — they affect how quickly GPU compute accesses storage-side vector indexes. Cisco's networking fabric is the enabling layer that makes VAST's retrieval performance achievable at scale. Lossless, low-latency Nexus 9000 fabric with up to 800G bandwidth between compute and storage tiers.
NVIDIA AI Data Platform reference design validates the Cisco + VAST retrieval architecture. NeMo Retriever provides embedding models and reranking. Same NVIDIA retrieval stack available to Dell and HPE — the differentiation is in the validated integration, not the NVIDIA components.
Applying the customer litmus test: the enterprise asking Cisco for RAG and retrieval capability receives VAST InsightEngine as a validated component of the Secure AI Factory. The retrieval function is delivered. The DAPM classification (Delegated) captures that the retrieval IP belongs to VAST. Cisco's Retained contribution at Layer 1B is the networking fabric that makes high-performance retrieval possible — lossless connectivity between GPU compute nodes and VAST storage with predictable latency. This is not the retrieval capability itself, but it is the enabling condition. The Cisco + NVIDIA + VAST data platform is marketed as 'the first enterprise architecture unifying compute, fabric, and storage into a single, validated platform to accelerate RAG' — and the validated integration is genuine, even though each component has a different owner. Where Cisco is thinner than Dell at Layer 1B: Dell has Data Analytics Engine with its own MCP Server (Feb 2026), blurring the 1A/1B boundary with search, analytics, and orchestration surfaced as a single queryable service — Dell-owned IP. HPE has Data Fabric with integrated vector search capabilities. Cisco's Layer 1B retrieval is entirely partner-provided. If the enterprise selects a storage partner other than VAST (NetApp, Pure Storage, etc.), the Layer 1B retrieval story changes entirely — each partner brings different retrieval capabilities, and Cisco provides no Cisco-owned retrieval abstraction above them. The network-to-retrieval performance correlation is an underappreciated Cisco contribution. When Nexus One's AI Job Observability shows that retrieval latency degraded because of network congestion on a specific path between compute and storage tiers, that's retrieval-relevant intelligence that no storage vendor can provide independently. Cisco sees the network between the GPU and the data — VAST sees the data, NVIDIA sees the GPU, Cisco sees the fabric connecting them.
High for retrieval logic, low for retrieval-enabling networking. All retrieval and context management intelligence is provided by VAST (InsightEngine) and NVIDIA (NeMo Retriever, AI Enterprise). Cisco provides the networking substrate that determines retrieval performance characteristics — and that substrate is Cisco-owned IP with genuine impact on retrieval latency and throughput. The structural comparison: Dell borrows retrieval acceleration from NVIDIA (cuVS, NeMo Retriever) but retains the storage platform on which retrieval operates (PowerScale). Cisco borrows both retrieval logic (VAST InsightEngine) and retrieval acceleration (NVIDIA) but retains the networking fabric that connects them.
The network-as-retrieval-enabler framing is worth developing further. In a disaggregated architecture where GPU compute and vector storage are on separate server tiers connected by fabric, the network IS part of the retrieval path. Cisco's ability to correlate network telemetry with retrieval latency via Nexus One and Splunk is a genuine observability advantage — one that could feed Layer 2C placement decisions about which compute-to-storage path to use for a given retrieval workload. The VAST InsightEngine as first VAST Certified CNode-X platform on Cisco UCS C845A M8 (with RTX PRO 6000 acceleration) represents the deepest Cisco-VAST integration point. This is where the partnership moves from 'VAST storage on Cisco servers' to 'VAST compute-storage fusion on Cisco infrastructure' — closer to a joint product than a validated configuration.
ETL/ELT, feature engineering, data preparation for AI workloads
VAST DataEngine executes serverless functions directly where data lives — 'bringing compute to the data.' SyncEngine indexes and synchronizes data from external sources, triggering enrichment pipelines automatically. Both are delivered as part of the Cisco Secure AI Factory with VAST Data. The customer asking Cisco for data pipeline capability receives these as validated components.
Silicon One G300 Intelligent Collective Networking optimizes data flow across the AI cluster. The network fabric is the physical data movement layer — every byte of training data, every embedding pipeline, every model checkpoint traverses Cisco's switching fabric. Lossless, low-latency networking with up to 800G bandwidth is a prerequisite for high-throughput data pipelines. Cisco's contribution to Layer 1C is the movement infrastructure, not the pipeline logic.
Assessment pending
Applying the customer litmus test: the enterprise asking Cisco for data pipeline capability receives VAST DataEngine and SyncEngine as validated components of the Secure AI Factory. The pipeline function is delivered. DAPM classification (Delegated) captures the authority structure. Cisco has no proprietary data pipeline, ETL, or feature engineering tools — and this is consistent with Cisco's architectural identity. Cisco has never been a data management software company. Dell's Dataloop-powered Data Orchestration Engine is notable precisely because it's Dell's first proprietary software asset in the data lifecycle. HPE's Data Fabric provides policy-based data placement. IBM has watsonx.data with Confluent streaming. Cisco's equivalent is the validated partner integration. Cisco's Retained contribution at Layer 1C is the networking fabric that data pipelines traverse. In a disaggregated AI architecture, data movement between storage tiers, GPU compute, and model serving endpoints is constrained by network bandwidth and latency. Silicon One G300's Intelligent Collective Networking — the 33% utilization improvement and 28% job completion time improvement — directly accelerates data pipeline throughput. This is an infrastructure contribution, not a software contribution, but it's a real one. The Splunk data ingestion and processing capabilities could theoretically extend into data pipeline territory — Splunk already handles high-volume data streams for observability. But Splunk is positioned as an observability and security platform, not an AI data pipeline tool. No Cisco signals suggest this expansion.
High for pipeline logic, low for data movement infrastructure. All data pipeline orchestration, serverless execution, and data synchronization judgment is provided by VAST (DataEngine, SyncEngine) or by the enterprise's own tooling. Cisco provides the networking fabric that determines data movement performance — Cisco-owned IP that directly impacts pipeline throughput. If the enterprise selects a storage partner other than VAST, the Layer 1C story changes significantly. NetApp, Pure Storage, and Hitachi Vantara each have their own data movement capabilities, none validated at the same depth as VAST within the Cisco AI POD architecture.
The networking-as-data-movement framing is structurally consistent across Layers 1A, 1B, and 1C. At each data layer, Cisco's Retained contribution is the networking fabric that connects and enables partner-provided data capabilities. This is not a gap in the customer experience — the customer gets a complete data plane. It is a structural characteristic of Cisco's reference architecture model: Cisco owns the connectivity, partners own the data logic. This pattern has a Layer 2C implication. If Cisco ever builds a control plane that makes placement decisions about data (where should this data live, how should it move, which pipeline should process it), that control plane would need to integrate with multiple storage partners' data APIs. Dell's hypothetical control plane only needs to integrate with Dell's own storage. Cisco's hypothetical control plane needs to be multi-vendor by design — which is harder to build but potentially more valuable in heterogeneous enterprise environments.
Resource scheduling, GPU allocation, infrastructure lifecycle management
Cloud-based infrastructure management for UCS compute, Nexus networking, and VAST storage lifecycle. Policy-driven server profiles, firmware management, and workload optimization. Manages the chassis and networking — comparable to Dell's OpenManage Enterprise but with stronger networking integration. Does not manage GPU workload scheduling directly.
Unified management plane for data center networking. AI Job Observability correlates network telemetry with AI workload behavior. AgenticOps-powered autonomous network operations. The AI-aware network management capability is Cisco-unique — no other vendor correlates network health with GPU job completion at this level of integration.
Agent-driven IT operations across networking, security, and observability. Cross-domain telemetry from Cisco Networking, Security Cloud Control, Nexus One, Splunk, and ThousandEyes. Agentic Workflows and AI Canvas for troubleshooting and automation. Deep Network Model provides system-wide awareness. Extends from cloud to on-premises to air-gapped industrial environments.
Policy enforcement across network switches, workloads, and NVIDIA BlueField DPUs. Extends security policy to the GPU server level. This is a Layer 0/2A security function — infrastructure-level policy enforcement that operates below the application runtime.
GPU scheduling, resource allocation, and workload orchestration. Same NVIDIA dependency as Dell and HPE at this layer. Cisco does not own GPU-aware scheduling primitives.
Enterprise AI software platform providing GPU drivers, container runtime, and validated AI frameworks. Licensed separately from Cisco infrastructure.
Cisco's Layer 2A is networking-centric: Intersight manages the infrastructure fleet, Nexus One manages the AI network, AgenticOps provides agentic IT operations. These are genuine Cisco-owned capabilities with no equivalent in Dell's or HPE's stack in terms of network-to-GPU observability correlation. But GPU-aware scheduling and workload orchestration — the core Layer 2A functions — are NVIDIA-controlled (GPU Operator, Run:ai, AI Enterprise). This is the same gap Dell and HPE face. The enterprise using Cisco AI PODs schedules GPU workloads through NVIDIA's stack, not through Cisco's. The AgenticOps framework is architecturally interesting because it applies agentic AI to IT operations itself — using AI agents to manage the infrastructure that runs AI agents. No other on-prem vendor has an equivalent agent-driven IT operations model. But AgenticOps manages infrastructure operations (networking, security, observability), not AI workload placement. It's a Layer 2A operational capability, not a Layer 2C governance capability. Nexus One's AI Job Observability deserves specific note: correlating network telemetry with AI job behavior is a genuine signal that could feed Layer 2C placement decisions. If the network can tell you that a training job's completion time degraded because of network congestion on a specific spine switch, that's placement-relevant intelligence. Whether this signal is consumed by any placement logic today is not evident.
Moderate. Cisco retains infrastructure management and network orchestration judgment (Intersight, Nexus One, AgenticOps). GPU workload scheduling judgment is borrowed from NVIDIA (Run:ai, GPU Operator), same as Dell and HPE. The AI Job Observability capability reduces borrowed judgment marginally — Cisco can see network-to-GPU correlations that NVIDIA's orchestration layer may not surface. But seeing the problem and acting on it are different functions. Cisco sees; NVIDIA schedules.
AgenticOps' cross-domain telemetry — ingesting signals from networking, security, and observability into a single agentic decision surface — is the closest thing to a unified operations control plane in the on-prem assessment series. HPE's GreenLake Intelligence is comparable but serves a different function (infrastructure operations vs. networking operations). The question is whether AgenticOps evolves from operational automation into policy-driven governance.
Model serving, agent execution, inference APIs, distributed inference
Industry-first AI security solution for securing AI models, agents, applications, and infrastructure. Integrates NVIDIA NeMo Guardrails for AI application security. Secures NVIDIA OpenShell agent development platform with controls and guardrails to govern agent and claw actions. Model validation, prompt injection defense, data leakage prevention, bias detection. Spans Layer 2B (runtime security) and Layer 2C (agent governance). This is Cisco's most differentiated Layer 2B contribution — no other infrastructure vendor has an equivalent AI-specific security product.
Open-source framework that automates security governance for agentic AI. Admission control: scans skills, MCP servers, plugins, and code before they run. Observe mode (log without blocking) and action mode (block HIGH/CRITICAL findings). Integrates with NVIDIA OpenShell as the sandbox runtime. Splunk Observability Cloud dashboards for monitoring. Apache 2.0 licensed. Plans to integrate with NVIDIA OpenShell as the sandbox to eliminate manual steps and accelerate secure agent deployment.
eBPF-based runtime security for containerized AI workloads. Deep kernel-level visibility into container behavior, network flows, and system calls. Part of the Secure AI Factory security stack. Runtime enforcement, not runtime execution — secures the container environment, does not provide the model-serving or agent execution runtime.
Tracks performance, cost, quality, and behavior of LLM and agentic applications in Splunk Observability Cloud. Visualizes agent workflows. Integrating with Cisco AI Defense for risk mitigation (bias, hallucinations, data leakage, prompt injection). GA February 2026. Galileo acquisition (expected Q4 FY2026) will add real-time guardrails, 20+ evaluation metrics including hallucination detection and context adherence, full ADLC coverage.
Agent runtime and sandboxed execution environment. Cisco AI Defense integrates with OpenShell to add security governance. The runtime is NVIDIA's; the security layer is Cisco's.
Containerized model serving and commercial AI platform. Same dependency as Dell and HPE.
Distributed inference framework with KV-aware routing. Performance optimization, not policy-driven placement.
Runtime safety boundaries integrated into Cisco AI Defense. Cisco extends NeMo Guardrails with its own AI Defense policy enforcement.
Cisco does not own the core agent runtime, model-serving runtime, or distributed inference framework — same structural position as Dell and HPE at Layer 2B. The NVIDIA NemoClaw/OpenShell stack provides execution; Cisco provides security governance around it. But Cisco's security contribution at Layer 2B is the most comprehensive of any infrastructure vendor assessed. AI Defense is not a rebranded NVIDIA capability — it's Cisco-developed AI-specific security that integrates with NVIDIA's runtime. DefenseClaw is open-source admission control for agent capabilities. Isovalent provides kernel-level container security. Splunk AI Agent Monitoring provides behavioral observability. Together, these constitute a 'trust layer' for AI execution that no other infrastructure vendor matches. The Galileo acquisition is strategically significant: it extends Splunk from infrastructure observability into AI agent evaluation, covering the full Agent Development Lifecycle (ADLC) — prompt optimization, model selection, production monitoring, and guardrail enforcement. Post-Galileo, Cisco will have the most comprehensive AI observability stack of any infrastructure vendor. The distinction the 4+1 model draws: security constrains what agents CAN'T do. Runtime governs what agents DO. Governance determines what agents SHOULD do. Cisco has the first. NVIDIA has the second. Nobody fully has the third.
Moderate but inverted from Dell's pattern. Dell borrows runtime judgment from NVIDIA and security judgment from partners (CrowdStrike, Fortanix, F5). Cisco borrows runtime judgment from NVIDIA but retains security judgment entirely — AI Defense, DefenseClaw, Isovalent, and Splunk AI Agent Monitoring are all Cisco IP. The enterprise inherits NVIDIA's runtime decisions but Cisco's security decisions. Post-Galileo, the observability judgment becomes even more Retained: Cisco will own infrastructure observability (Splunk), network observability (ThousandEyes, Nexus One), and AI agent observability (Galileo + AI Agent Monitoring) in a single platform.
Peter Bailey (SVP/GM Cisco Security): 'We have this opportunity to be a trust layer, not just for network activity, but actually what's happening at the application layer, at the workload layer, between agents, between workloads, between data.' This is a Layer 2B/2C strategic claim — Cisco as the trust layer that wraps around other vendors' execution layers. DefenseClaw's open-source model is strategically similar to AGNTCY: Cisco open-sources the agent security framework, building community adoption and standards influence, while retaining the commercial AI Defense product. Open-source for influence, commercial for revenue.
Policy-driven placement and resource coordination — the Autonomy Layer
Agent identity as first-class non-human identities. Duo Directory registers agents as distinct identity objects mapped to human owners with group-based policy enforcement. Per-action least-privilege enforcement. Lifecycle visibility for agent onboarding and decommissioning. Cisco Identity Intelligence provides continuous inventory of active AI agents — including shadow agents never registered with IdP. Architectural advantage: Cisco spans both identity and network, surfacing agents that communicate across infrastructure even without IdP registration.
Open-source infrastructure for multi-agent systems: agent discovery (Open Agent Schema Framework / DNS-like agent directory), agent identity (cryptographic verification across organizational boundaries), agent messaging (SLIM — Secure Low-Latency Interactive Messaging, quantum-safe), agent observability (end-to-end across multi-agent, multi-vendor workflows). Originally open-sourced by Cisco Outshift (March 2025), donated to Linux Foundation (July 2025) with Dell, Google Cloud, Oracle, Red Hat as formative members. 75+ supporting companies. Critical context: AGNTCY is one component within a larger standards convergence, not the defining standard itself. The Agentic AI Foundation (AAIF), formed December 2025, is the umbrella — analogous to CNCF for cloud-native. AAIF's founding projects are MCP (Anthropic), AGENTS.md (OpenAI), and goose (Block). Platinum members are AWS, Anthropic, Block, Bloomberg, Cloudflare, Google, Microsoft, OpenAI. Cisco is a Gold member of AAIF, not Platinum. A2A (Google) reached v1.0 and joined the broader LF agentic ecosystem. AGNTCY sits as complementary infrastructure beneath these protocols — the plumbing (discovery, identity, messaging, observability) that MCP and A2A need but don't provide themselves. AAIF is already called 'the fastest-growing project in Linux Foundation history' with 190 members by May 2026 — more than double CNCF's membership at the same stage. Microsoft explicitly draws the Kubernetes parallel: 'Just as Kubernetes needed RBAC and admission controllers to be enterprise-ready, agentic systems need governance primitives.' AGNTCY contributes some of those primitives. It does not define the ecosystem.
Secures multi-agent systems with controls for agent discovery, behavioral guardrails, and policy enforcement. Integrates with NVIDIA OpenShell for sandbox governance. Combined with Duo Agentic Identity, provides: which agents exist (discovery), who they are (identity), what they can access (authorization), what they do (monitoring), and what they can't do (guardrails). This is the closest thing to an agent governance stack in Cisco's portfolio.
AI Agent Monitoring in Splunk Observability Cloud for production agent behavior tracking. Galileo acquisition adds real-time guardrails, hallucination detection, context adherence, chunk attribution — 20+ evaluation metrics across the full ADLC. The Futurum Group positioned Splunk post-Galileo as 'an AI-era control plane candidate, concentrating network, security, and AI agent behavior telemetry in a single vendor.' Whether telemetry concentration constitutes a control plane is the open question.
All Layer 2C components are Cisco IP or Cisco-originated open standards. NVIDIA does not control agent identity, governance policy, or observability in Cisco's stack. This is the same pattern as Google's Layer 2C — the intelligence governance layer is vendor-owned, not NVIDIA-dependent.
Applying the 'Routing Is Not Reasoning' test from the 4+1 model: • Duo Agentic Identity = identity management (which agents exist and what they can access) • AI Defense = constraint enforcement (what agents cannot do) • DefenseClaw = admission control (what agent capabilities are approved to run) • AGNTCY = infrastructure primitives (how agents discover, authenticate, and message each other) • Splunk + Galileo = observability and evaluation (what agents are doing and how well) None of these provides policy-driven decisions about where compute runs relative to data, which model serves which request, or how cost/compliance/latency are arbitrated in real time. Cisco's Layer 2C is the most comprehensive SECURITY and OBSERVABILITY story of any vendor assessed — but security and observability are not the same as governance and placement. The AGNTCY positioning requires careful calibration. The K8s analogy applies to the broader Agentic AI Foundation (AAIF) — the Linux Foundation umbrella with MCP (Anthropic), AGENTS.md (OpenAI), goose (Block) as founding projects, and AWS/Google/Microsoft/Anthropic/OpenAI as Platinum members. AAIF is 'the fastest-growing project in Linux Foundation history' with 190 members and more than double CNCF's early-stage membership. AGNTCY is one project within this ecosystem — important infrastructure (discovery, identity, messaging, observability) that MCP and A2A need but don't provide. But Cisco is a Gold member of AAIF, not Platinum. The ecosystem-defining standards (MCP, A2A) were originated by Anthropic and Google respectively, not Cisco. AGNTCY contributes the plumbing beneath the protocols — valuable, but not the protocols themselves. The structural comparison: • Google has a productized Layer 2C control plane (Agent Identity + Gateway + Registry + Orchestration + Observability + Memory Bank) AND originated A2A • IBM has cross-framework agent governance (watsonx Orchestrate) + cross-platform model governance (watsonx.governance) • VAST has PolicyEngine + Polaris for data-plane governance • Cisco has agent identity + agent security + agent observability + open infrastructure primitives (AGNTCY) — but no agent orchestration, no model routing, no placement reasoning Cisco is building the trust layer and contributing to the infrastructure standards layer. The question the 4+1 model poses is whether trust (can this agent be trusted to act?) plus interoperability standards (can agents discover and talk to each other?) is sufficient without governance (should this agent act here, now, with this data, on this model?). Trust and interoperability are necessary for governance. They are not governance. However, Cisco's Layer 2C position is stronger than Dell's (Absent) and arguably stronger than HPE's (Delegated to Kamiwaza). Cisco owns genuine Layer 2C primitives — they just don't compose into a placement engine yet.
Low for the functions Cisco provides. All Layer 2C components are Cisco IP or Cisco-originated open standards. No NVIDIA dependency, no partner dependency for identity, security, or observability at this layer. But 'low borrowed judgment for partial Layer 2C' is structurally different from 'low borrowed judgment for complete Layer 2C.' VAST has low borrowed judgment for a comprehensive (if captive) Layer 2C. Cisco has low borrowed judgment for agent trust functions — but the placement, routing, and governance functions are Absent, not borrowed. The enterprise architect using Cisco for Layer 2C gets strong agent identity and security with zero borrowed judgment. They do not get agent orchestration, model routing, or policy-driven placement from anyone — Cisco or otherwise.
The Futurum Group's framing of post-Galileo Splunk as 'an AI-era control plane candidate' is the most explicit analyst validation of Cisco's Layer 2C potential. The path from candidate to actual control plane requires composing identity (Duo) + security (AI Defense) + observability (Splunk/Galileo) + networking intelligence (Nexus One AI Job Observability) into a single decision surface that makes placement and governance decisions. The pieces exist. The composition does not. This is the inverse of Dell's position: Dell has no pieces. Cisco has pieces without composition. VAST has composition without openness. Google has composition with captivity. The AAIF ecosystem is the right frame for understanding where agentic governance standards are heading. Microsoft's explicit Kubernetes parallel — 'Just as Kubernetes needed RBAC and admission controllers to be enterprise-ready, agentic systems need governance primitives and those primitives belong in the open' — validates the 4+1 model's Layer 2C thesis. The governance primitives Microsoft references are exactly what Layer 2C defines. AAIF is building the open-standards foundation for Layer 2C; the question is whether any vendor productizes it as a coherent control plane. Cisco's strategic position within AAIF: contributor of infrastructure plumbing (AGNTCY), commercial implementer of trust functions (AI Defense, Duo, Splunk), Gold-tier member. This is a meaningful position — but it's one contributor among 190 members, not the ecosystem definer. Anthropic (MCP) and Google (A2A) contributed the foundational protocols. Cisco contributed the infrastructure layer beneath them. The analogy: Google contributed Kubernetes; Cisco contributed something more like the CNI (Container Network Interface) or service mesh layer — essential infrastructure, but not the orchestration standard itself. The commercial bet: if AAIF standards mature into the enterprise agentic governance stack, Cisco's commercial products (AI Defense for security, Duo for identity, Splunk for observability, DefenseClaw for admission control) become the enterprise implementation layer on top of open standards — the Red Hat model applied to agentic infrastructure. That's a credible business model if the standards achieve adoption. Cisco survey data: 55% of organizations have agentic AI running as pilots or in production (Jan 2026). Only 4% are fully confident in full-scale deployment. 59% cite security concerns as the biggest barrier. Cisco is positioned to address the security barrier. The governance barrier — which the 4+1 model argues is structurally different — is what AAIF and AGNTCY are attempting to address at the standards level.
AI-powered business capabilities — business logic, workflow automation
Reference architecture that partners build on. VAST Data (storage), NVIDIA (compute/runtime), and a growing ecosystem of security partners integrated into AI Defense. The Secure AI Factory is a validated framework, not a walled garden — partners provide application logic, Cisco provides infrastructure and security.
Splunk Enterprise Security TDIR platform. Splunk Observability Cloud. These are Layer 3 security applications that run on Cisco's own infrastructure. Splunk's installed base provides a distribution channel for AI capabilities — existing Splunk customers can adopt AI Agent Monitoring without new vendor relationships.
AI Defense, Duo, SecureX, Umbrella, Talos threat intelligence — the security product portfolio that Cisco positions as the 'trust layer' for enterprise AI. Each product addresses a specific security function; together they constitute a security application suite that sits alongside (not above) AI applications from other vendors.
Execution surface for AI applications on Cisco infrastructure. NVIDIA provides the application runtime; Cisco provides the infrastructure substrate and security layer.
Cisco's Layer 3 is structurally different from Dell's, HPE's, or the hyperscalers'. Dell has a broad ISV ecosystem (OpenAI, Palantir, Google, ServiceNow, SpaceXAI). HPE has Unleash AI with 26+ curated ISV partners. AWS and Google have thousands of ISV applications. Cisco's Layer 3 is narrower — the Secure AI Factory is a reference architecture that partners build on, not an application marketplace. Cisco's strongest Layer 3 asset is Splunk — an established platform with deep enterprise penetration that is being extended into AI observability and security. Splunk's competitive advantage at Layer 3 is distribution: enterprises already running Splunk can adopt AI Agent Monitoring, AI Defense integration, and Galileo evaluation capabilities within their existing observability investment. The strategic comparison with Dell at Layer 3: Dell's ecosystem is load-bearing (ISV partners provide infrastructure-level functions the platform lacks). Cisco's ecosystem is enabling (partners build applications on Cisco's infrastructure substrate). Cisco's Layer 3 partnerships are less about filling platform gaps and more about extending the reference architecture to specific use cases. The Cisco 360 Partner Program (launched January 2026) structures partner engagement around the Secure AI Factory, with role-based training paths, dCloud demo environments, and NVIDIA compute training alongside Cisco networking and security training. This is a go-to-market capability, not a technology capability.
Distributed across partners, which is architecturally appropriate at Layer 3. The structural observation: Cisco's borrowed judgment at Layer 3 is concentrated in two domains — AI runtime (NVIDIA) and data platform (VAST). The security and observability applications are Retained. The enterprise application use cases are partner-provided. The Splunk ecosystem (tens of thousands of enterprise customers, extensive app marketplace, active developer community) provides a distribution advantage for AI capabilities that pure-infrastructure vendors lack. Dell and HPE must sell AI capabilities to new buyer personas. Cisco can extend AI capabilities to existing Splunk and security customers.
The service provider go-to-market is unique to Cisco at Layer 3. Cisco AI Grid enables telcos to offer managed AI services to their enterprise customers using Cisco infrastructure. No other assessed vendor has a comparable service provider distribution channel for AI. If edge inference becomes a significant market, Cisco's telco relationships position it differently from every other vendor in the assessment. The $4,000 employee reduction (5% of ~86,000) alongside record revenue signals active reallocation toward AI infrastructure and security — Cisco is restructuring its workforce to match its strategic pivot, not cutting due to weakness.
Cisco is the only vendor in this assessment series whose AI infrastructure authority is anchored by networking and security — but the compute story has matured beyond that framing. Where Dell builds up from servers and storage, HPE from sovereign compute and owned networking, VAST from the data platform, and hyperscalers from managed services, Cisco builds outward from the network fabric and security posture, with a purpose-built GPU compute portfolio (C885A, C845A, X-Series X580p) that now competes directly with Dell and HPE at every AI workload tier. The Secure AI Factory with NVIDIA is a reference architecture, not a vertically integrated platform — and that distinction defines Cisco's entire 4+1 profile. The customer asking Cisco for an AI factory receives a complete solution: Cisco-owned networking and compute, Cisco-owned security and observability, and partner-delivered storage and data services through validated integrations.
Layer 0 is Cisco's strongest position with depth across both networking and compute. Cisco owns the network fabric (Silicon One G300, Nexus 9000/8000, Nexus Hyperfabric) and has built a three-tier GPU compute portfolio (C885A dense HGX for training, C845A modular MGX for inference, X-Series X580p for composable blade AI) that competes directly with Dell PowerEdge and HPE ProLiant. The X-Series disaggregated GPU architecture — independently managing CPU and GPU lifecycles via X-Fabric — is an architectural differentiator no other blade vendor matches. Cisco does not own storage; the AI POD storage story depends on partners (VAST Data primary, plus NetApp, Pure Storage, Hitachi Vantara, Nutanix), which is Delegated authority. This makes Cisco's Layer 0 the inverse of Dell's: Dell owns compute and storage but brands NVIDIA networking silicon. Cisco owns networking silicon and has purpose-built AI compute but depends on partners for the data foundation.
The security and observability layers are where Cisco makes its most differentiated claim. AI Defense, Duo Agentic Identity, DefenseClaw, Splunk Observability Cloud with AI Agent Monitoring, and the Galileo acquisition together represent the most comprehensive agent security and observability portfolio of any infrastructure vendor assessed. These capabilities span Layers 2A through 2C — and they constitute genuine Cisco-owned IP, not rebranded NVIDIA or partner technology. The structural question is whether security and observability are sufficient to constitute a control plane, or whether they remain constraint enforcement without placement reasoning.
The AGNTCY initiative — open-sourced by Cisco's Outshift incubator, donated to the Linux Foundation with Dell, Google Cloud, Oracle, and Red Hat as formative members — contributes infrastructure primitives (discovery, identity, messaging, observability) to the broader agentic standards ecosystem. AGNTCY sits within the Agentic AI Foundation (AAIF), the fastest-growing project in Linux Foundation history, where MCP (Anthropic), A2A (Google), AGENTS.md (OpenAI) define the foundational protocols. Cisco is a Gold member of AAIF, not a Platinum founder — the ecosystem-defining standards were originated by Anthropic, Google, and OpenAI, not Cisco. AGNTCY contributes essential plumbing beneath those protocols, and Cisco's commercial products (AI Defense, Duo, Splunk) could become the enterprise implementation layer if these open standards achieve adoption. But Cisco's position is contributor, not definer.
Cisco's ~$9B in projected FY2026 AI infrastructure orders, record $15.8B quarterly revenue, and hyperscaler design wins (Silicon One P200, G200) validate market traction. The Galileo acquisition and DefenseClaw open-source release signal an intent to own the AI agent trust layer. The 4+1 assessment reveals a vendor with genuine strength at Layer 0 (networking + compute), comprehensive security and observability across Layers 2A through 2C (all Cisco-owned IP), and partner-delivered data plane capabilities at Layers 1A through 1C that the customer receives as part of the Secure AI Factory solution. The structural gap is specific: Cisco has no proprietary data software (storage, retrieval, pipelines) and no policy-driven placement engine at Layer 2C. Cisco secures the AI Factory and contributes to the open standards that may define its governance. It does not yet govern the factory itself.