Cisco has introduced a significant update to its software-defined wide area network (SD-WAN) platform, version 26.1.1, focusing on stronger security controls and deeper integration of artificial intelligence to help enterprises manage the growing demands of modern applications. The release builds upon Cisco's broader Resilient Infrastructure initiative, first announced in November 2025, which aims to harden network devices by default, reduce attack surfaces, and improve threat detection and response across the product portfolio.
One of the central themes of the update is security. The new release introduces a centralized Insecure Configurations dashboard that gives network administrators a single, real-time view of all misconfigurations or outdated commands across the SD-WAN fabric. Cisco has categorized insecure commands into five areas: line transport (remote access methods), device server configurations, file transfer protocols, SNMP settings, and password management. During device boot or upgrade, any detected insecure configuration triggers an error message, and in the corresponding Cisco IOS XE 26.1.1 release, all insecure CLI commands are blocked by default. Enterprises that still rely on legacy commands must explicitly enable them using a special global configuration command. This approach forces organizations to consciously evaluate and justify any deviation from security best practices.
The security enhancements also extend to policy management. For organizations using Meraki SD-WAN sites, Cisco now allows firewall policies to be defined once at the organization level and applied across all locations, rather than requiring per-site configuration. This centralized approach simplifies management for distributed enterprises, reduces operational overhead, and ensures consistent enforcement of security policies. Additionally, the update improves Transport Layer Security (TLS) decryption capabilities, enabling up to 1.6 Gbps throughput on 100% HTTPS traffic on platforms such as the Catalyst 8375-G2 router, without creating performance bottlenecks.
On the artificial intelligence front, Cisco has added features to help customers identify, classify, and manage AI traffic. As enterprises deploy more AI-powered applications—ranging from large language models to real-time inferencing—the network must differentiate between business-critical AI workloads and less important uses. The new software automatically recognizes AI application traffic across cloud, edge, and hybrid environments. Organizations can then apply intent-based policies to prioritize critical AI traffic while governing non-critical usage. Security is built into this process: Zero Trust enforcement applies directly to AI traffic, and suspicious flows can be redirected to Cisco Secure Access for deeper inspection. The goal is to create a WAN that not only carries AI traffic but continuously optimizes and secures it as usage grows.
The update also enhances the natural language AI Assistant within the SD-WAN management interface. The assistant has been improved to handle troubleshooting issues more effectively, monitor network performance, search through documentation, and manage Technical Assistance Center (TAC) trouble ticket cases from a single tool. By consolidating operational troubleshooting and support case management, Cisco aims to reduce the time it takes to identify and resolve network problems. The AI Assistant leverages Cisco's broader AI infrastructure and can understand context, provide step-by-step remediation guidance, and even open or update TAC tickets on behalf of administrators.
From a historical perspective, Cisco's SD-WAN product line has evolved significantly since the company acquired Viptela in 2017. Over the years, Cisco has integrated SD-WAN with its broader networking, security, and cloud portfolios, including the recent addition of AI-driven insights and automation. The 26.1.1 release continues that trajectory by embedding security deeper into the network fabric and preparing the WAN for the AI era. As more traffic becomes encrypted and AI workloads become commonplace, the ability to inspect, classify, and secure traffic at scale becomes paramount. Cisco's approach of making security defaults stricter while providing flexible policy frameworks addresses the needs of both highly regulated industries and agile enterprises.
Another notable aspect of the release is the emphasis on operational simplicity. The centralized dashboards, org-wide group policies, and natural language AI interface all aim to reduce the manual effort required to manage complex networks. This is especially important for organizations with limited networking staff or those undergoing digital transformation. By automating the detection of insecure configurations and enabling policy consistency, Cisco helps network teams focus on strategic initiatives rather than routine maintenance.
Cisco also continues to align its SD-WAN platform with its Security Cloud and Secure Access services. The ability to redirect AI traffic for deeper inspection, coupled with the new TLS decryption capabilities, ensures that security does not come at the expense of performance. The Catalyst 8375-G2 router's ability to handle 1.6 Gbps of encrypted traffic demonstrates that strong security can coexist with high throughput.
In summary, Cisco SD-WAN 26.1.1 represents a comprehensive update that addresses two of the most pressing challenges in enterprise networking today: security and AI readiness. By defaulting to stricter security postures, providing centralized visibility into misconfigurations, and enabling intelligent traffic management for AI applications, Cisco is positioning its SD-WAN solution as a foundational component for secure, high-performance networks. The enhancements to the AI Assistant further streamline operations, making it easier for administrators to maintain and troubleshoot their networks. As enterprises continue to adopt AI and face evolving security threats, such capabilities become essential for maintaining competitive advantage and operational resilience.
Source: Network World News