Brands

Hot News

AI Agents for Network and Security: Expectations vs Reality
Publish Time: 24 Sep, 2025

In this article, we examined engineers' expectations regarding AI agents for networking and security, as well as the availability of commercial and open-source AI agents or solutions.

What Is an AI Agent?

An AI agent is an autonomous software system that independently perceives, reasons, and acts to achieve specific goals. Unlike traditional software that follows fixed instructions, agents continuously monitor their environment, make dynamic decisions based on available information, and adapt their strategies through learning and experience. Modern AI agents utilize tools such as web search, APIs, code execution, and file manipulation to interact with external systems, enabling them to perform complex tasks-from network monitoring and troubleshooting to security analysis and threat response.

Design and Architecture

At the design and architecture stage, AI agent creators should decide the following:

  • Choose the AI framework.
  • Choose related AI model(s).
  • Design AI agent tools.
  • Gather and test information about databases, APIs, and MCP servers that are planned to be used.

Models for AI Agents

The LLM is a central controller, or "brain," for agents. It's a crucial element for the agents. So, which model should you choose? One of the ways to distinguish between the models is by using benchmarks. Benchmarks in AI are standardized tests designed to measure and compare the abilities of different models on specific tasks or a set of tasks.

Many of the most popular benchmarks typically chosen for model comparison don't include networking- or security-related questions.

One of the closest networking benchmarks that we've found is Network Operational Knowledge (NOK) benchmarking for LLMs (Dec 15, 2023). For security, there is the CTIBench benchmark. You can also find Foundation-Sec-8B, a model developed by Foundation AI at Cisco. Foundation-Sec-8B is an open-weight language model specialized for cybersecurity applications.

There are thinking models that ideally match the requirements for agents.

AI Reasoning and Thinking Models

  • Gemini 2.5 Pro (Deep Think).
  • GPT-5 Thinking.
  • Claude Sonnet 4.0 Thinking.
  • Claude Opus 4.1 Thinking.
  • Qwen3-235B-A22B-Thinking.

AI Agents: Expectations

Here are the results of surveys regarding "Which AI agents would you most want to find on Cisco DevNet Code Exchange?":

AI Agents on Cisco DevNet Code Exchange: Survey Results (September 2025).

Combined survey results (100 total votes):

  • Configuration automation: 37% - The top choice among the DevNet community, indicating strong demand for AI agents that can automate network configuration tasks and infrastructure management.
  • Network monitoring agents: 32% - Close second priority, showing engineers want AI-powered tools for network visibility, performance tracking, and operational insights.
  • Threat and vulnerability agents: 22% - Significant interest in AI agents focused on security monitoring, threat detection, and vulnerability assessment capabilities.
  • Code generation agents: 9% - Lowest priority, suggesting engineers are less interested in AI tools for writing code compared to operational automation.

The combined results from Cisco DevNet, LinkedIn, and X/Twitter surveys demonstrate a clear preference for operational AI agents over development-focused tools. With nearly 70% of votes going to configuration automation and network monitoring, the Cisco technical community prioritizes AI agents that solve real-world infrastructure challenges rather than code generation utilities. Twenty-two percent of votes went to AI agents focused on security.

Here are tasks that Network and Infrastructure engineers, SREs, and DevOps teams want to utilize an AI agent for within their workflows:

Average results of the offline surveys at Cisco DevNet Share Your Experience Zone (2024-2025).

AI Agents for Networking and Security: Open-Source and Commercial

There are open-source AI agents for networking that enable you to manage and troubleshoot network devices via natural language, automatically converting requests into safe CLI actions or gRPC/REST API calls. There are also agents that automate complex diagnostics and troubleshooting end to end. These agents validate intent, plan per-device investigations, execute commands across multiple devices, assess findings, and generate clear, memory-augmented reports.

We in Cisco DevNet gather open-source networking and security AI agents here: https://developer.cisco.com/codeexchange/search/?q=ai+agent. Soon, you will be able to find a separate section for MCP servers at DevNet Code Exchange.

And what can commercial companies offer?

Cisco has a Cisco AI Assistant that can work with various products and help analyze policies, automatically generate reports, and send notifications, among other tasks. Cisco AI Assistant is aware of the latest documentation and guides related to the products. Cisco is also developing AI Canvas, the first generative UI that unifies real-time telemetry, AI insights, and team collaboration across all IT domains in one intelligent workspace.

Here is a list of commercial companies that develop AI agents as products: AI Network Engineers from Nanites AI, DevAI, Copilot for Network Automation by Selector AI, and Aviz AI Agents.

Many commercial companies claim to offer multivendor support. The AI agents developed by commercial companies can perform everyday tasks, such as automatically verifying end-to-end pings, checking network compliance, generating audit reports on demand, validating firewall rules, and providing Level 1 support automation. They also offer advanced capabilities, including inventory insights that instantly access complete network data (devices, OS versions, hardware SKUs, ASICs, MAC addresses, and transceivers), as well as correlation and prediction for capacity and performance planning.

AI Agents: Security Concerns

As models evolve, concerns about accuracy and reliability decrease over time; meanwhile, security and compliance concerns increase. This is connected to widespread media coverage regarding model jailbreaking, prompt injection, and model poisoning.

AI agents can cause issues, provide incorrect instructions, or apply non-optimal configurations.

Possible AI agent errors can be connected with the following:

  • Incorrect agent thoughts based on information/errors received from services through REST APIs/WebSockets/CLI.
  • Hallucination.
  • Choosing the wrong tool.

Utilizing related AI security tools, guardrails, and selecting the appropriate models can help mitigate risks.

At the same time, AI agents can provide intelligent automated defense. Sometimes security specialists need an assistant to help react to incidents or gather and apply related policies and updates. Security engineers often lack sufficient time to review alerts, collect data from various sources, consider specific and historical context, and take appropriate action.

Want more AI content? Check out Cisco DevNet AI Hub: https://developer.cisco.com/site/ai/

No fiber? No problem! 3 Use Cases Wireless Backhaul Solves Easily The origins, impact and future of AI Agents: A conversation with David White
I’d like Alerts: