Modern networks have exploded in size and complexity, but most teams have not grown at the same pace. The result is too many devices, too many change windows, and not enough time. The latest Cisco switching platforms change this equation. They blend stronger hardware with AI-assisted operations so you can run faster, reduce risk, and free your team to build.
Below is a practical guide to what changed, why it matters, and how to put it to work in your environment today.
Why modernize now
Scale out without scaling headcount: Many practitioners report that their switch counts have grown four to five times over their tenure, while their teams did not. Modernized platforms are not only faster. They are easier to operate, change, and troubleshoot, which directly addresses the gap between device growth and staff capacity.
Move from reactive to proactive operations: AI-assisted tooling shifts work from “find and fix” to “predict, prevent, and accelerate the fix.” Features like automated patching, suspicious-activity isolation, and guided remediation help you contain issues before users feel them. That is critical as attackers also lean on AI to generate ransomware and novel attack patterns.
Security pressure at the edge and in the plant: Threats target not only data theft but also uptime. Embedded controls in the newest switches support Zero Trust patterns right at the access layer, so unknown or unhealthy devices get segmented automatically and cannot move laterally. That same approach now extends into OT environments where the stakes are physical.
AI for networking vs. networking for AI
The team draws a clean line between two ideas that often get blurred.
AI for networking: This is AI you use to run the network better: assistants for troubleshooting, diagnostics, change automation, and assurance. You do not need a GPU farm to unlock these capabilities. They are delivered through controller platforms and licenses you already use, like the Meraki dashboard and ThousandEyes.
Networking for AI: This is building the fabric that can carry AI workloads when you want them: higher-throughput access and core, modern ASICs, clean segmentation, and telemetry that will not throttle inference traffic. Cisco’s latest access and core platforms create the bandwidth headroom and east-west performance required when AI servers live on your network.
What’s new from Cisco that changes the game
Catalyst 9300-series update: 9350 at the access: At Cisco Live 2025, Cisco announced the 9350 for access, along with the 9600 in the core and new data center switches. The 9300-class evolution brings stronger ASICs, more bandwidth, and out-of-the-box integration with Meraki Dashboard to enable AI-assisted operations.
Catalyst 9600 and next-gen data center switching: Campus core and data center lines got the throughput and telemetry uplift to support modern segmentation and visibility patterns at scale. Expect easier rollouts, safer changes, and better assurance as you consolidate on fewer, more capable platforms.
Nexus 9300 with embedded DPU enablement: For environments preparing for AI-heavy east-west traffic, the latest Nexus 9300-class additions include embedded DPU enablement that aligns switching with accelerated compute architectures. This positions your fabric to move AI workloads without creating bottlenecks.
Day-0 through Day-N operations in one pane
Meraki Dashboard with an AI agent: You can integrate the new access platforms into the Meraki Dashboard and use an AI agent out of the box for guided troubleshooting, natural-language queries, and faster root-cause analysis. That is a gentler onramp for teams that want immediate value from AI without standing up new infrastructure.
Policy-driven configuration at scale: The painful days of per-device scripts and brittle rollouts are fading. Templates and intent let you standardize safely, keep clean configuration inventories, and automate common tasks so you ship more changes with less risk.
Always-current and always-secure: Automated patching and proactive isolation reduce exposure windows dramatically. If the platform sees suspicious behavior, it can quarantine the affected segment before a human would even be paged, which protects operations and keeps users productive.
Security by design, not bolt-on
Zero Trust at the access layer: Identity-based access and segmentation happen right at the switch port. Devices can be tagged with Security Group Tags immediately and restricted to only what they should reach. If a device does not meet posture or identity requirements, it does not get on. That is the practical heart of Zero Trust for campus.
AI-assisted detection and containment: Attackers use AI to build malware and launch campaigns. Your defense should do the same. With AI-driven analytics in the platform, you can spot anomalies faster, isolate them, and continue serving known-good traffic.
ThousandEyes for end-to-end assurance: Deep visibility into path, performance, and user experience lets you correlate issues across campus, WAN, SaaS, and internet. Pairing that visibility with access-layer segmentation shortens mean time to innocence across teams.
OT is the next frontier
From “delicate and crucial” to observable and protected: Many OT networks remain fragile and isolated because downtime risks are so high. With modern embedded features in switching and controller-delivered visibility, you can converge prudently and gain the reliability and containment that OT has lacked.
Cyber Vision puts eyes on industrial estates: Cyber Vision extends discovery, monitoring, and assurance into plants and utilities, bringing the same level of network visibility that IT teams expect. It is licensed as an add-on, and if you already buy into ThousandEyes tiers, Cyber Vision rides alongside.
Real-world stakes: Oil and gas, municipal water, power generation, and even nuclear all depend on sensors and controllers working as intended. Failure is not just a ticket. It is a safety event. Modern segmentation, monitoring, and embedded controls lower that risk materially.
Common myths to clear up
“We need on-prem GPUs to use AI features”: Not for AI for networking. These features are delivered in the platform licenses and dashboards you already consume. You can adopt AI-assisted operations without deploying new AI hardware.
“A one-for-one switch swap is enough”: If your business needs and attack surface are growing, a like-for-like replacement keeps you on the back foot. You want the features that change outcomes: proactive security, automation, segmentation, and telemetry that help you move faster and safer.
A practical crawl-walk-run roadmap
Crawl: baseline and quick wins: Start by meeting your teams where they are. Turn on controller integrations that give you immediate value, such as AI triage in the Meraki Dashboard and ThousandEyes for assurance. Establish a current inventory and configuration baseline so you can automate safely.
Walk: automate and segment: Shift common changes into templates and intent. Enforce identity-based access at the edge with SGTs so untrusted devices are contained by default. Make patching a continuous process instead of a quarterly scramble, and use AI-assisted anomaly detection to clamp down on talkative ports and bandwidth spikes before they ripple.
Run: AI-ready fabric and OT expansion: Roll in 9350 access and 9600 core where you need the capacity and features, and align data center switching to support accelerated, east-west traffic patterns. Extend visibility into plants with Cyber Vision and apply the same Zero Trust patterns you perfected in campus.
Business outcomes to measure
MTTR and ticket deflection: Track the time saved when AI handles triage, isolates suspicious behavior, and guides fixes. Look for fewer escalations and faster closure across both campus and OT sites as visibility and segmentation take hold.
Security risk reduction: Measure patch compliance windows, the percentage of devices that are unknown or non-compliant at the edge, and the containment time for anomalies. Use these numbers to communicate risk reduction in board-friendly language.
Agility and cost efficiency: Count changes per engineer, time to deploy a new site, and the number of “truck rolls” avoided because guided fixes and remote isolation handled the issue. The theme is simple: more outcomes per person.
How Presidio helps
Advisory and design: We align use cases with architecture across campus, data center, WAN, and OT. The first step is clarifying whether you are pursuing AI for networking, networking for AI, or both, and then mapping the shortest path to value.
Deployment and migration: Our teams deliver low-risk cutovers, policy and template rollouts, and user-first change management. We set you up to operate from a single pane so you get the benefits on day one, not six months in.
Managed operations and continuous improvement: Once live, we help you keep posture strong, data clean, and automation humming. As Cisco ships new capabilities, we make sure you are taking advantage of them without adding overhead.
Putting it all together
The story here is not “new boxes,” it is a new operating model. Cisco’s latest platforms deliver the hardware headroom you expect, but the real shift is in how you run the network. With AI-assisted operations, embedded Zero Trust, and controller-driven automation, you make a growing estate feel smaller and safer.
And you do not have to boil the ocean. Start where you are. Turn on the licenses and dashboards you already own. Prove the value in one part of the estate, then scale confidently into core, data center, and plant. The payoff is a network that moves at the speed of your business, not the other way around.
This article was inspired by an episode of The Digital Decode with Presidio’s Andy Richter, Mark Cardwell, and Britny Bolton, hosted by Allec Brust.
