Cisco just made enterprise IT infrastructure agent-manageable. Cloud Control — launched June 2 at Cisco Live — puts networking, security, compute, and observability under a unified interface that humans and AI agents share from the same workspace. The headline feature for developers: native Model Context Protocol support, which means your agents can talk to Cisco’s enterprise estate the same way they talk to any other MCP-compatible tool. Global availability lands in July. If you manage infrastructure at scale, this is worth 10 minutes of your attention.
What Cisco Actually Shipped #
Cloud Control enters Controlled Availability in the US as a single pane of glass across Cisco’s portfolio — networking, security, compute, observability, and collaboration — without replacing the underlying product consoles. Meraki still runs Meraki. Intersight still manages UCS. Cloud Control adds a unified data layer, shared context, and a common action surface on top. The data is already there; Cisco is just making it jointly accessible to humans and agents for the first time.
The platform is included with eligible Essential and Advantage tier subscriptions — no separate purchase, no new budget cycle. If your enterprise is already on Cisco’s subscription stack, you can request Controlled Availability access now.
AI Canvas: Where the Actual Work Happens #
The centerpiece capability is AI Canvas — a multiplayer workspace where operators and AI agents investigate incidents together in real time. Drop in a prompt, and Canvas dispatches specialized sub-agents across domains in parallel: one on network topology, one on compliance, one on security posture. They correlate findings, surface a unified picture, and propose next steps. Multiple operators can join the same session. Context — decisions, evidence, approved actions — persists across shift changes and escalations.
Cisco’s own scenario illustrates the value clearly: an overnight compliance agent scans a fleet of switches, flags firmware exposed to a critical vulnerability, prepares a remediation runbook, validates the plan against live topology, checks policy boundaries, and queues the action for human approval. The morning operator opens Canvas, reviews the work, approves. The agent executes. The site returns to green. No console-hopping, no manual correlation, no 3am page requiring a human to do detective work from scratch.
That pattern — agent does the discovery, human provides the sign-off, agent executes — is the practical definition of AgenticOps. Not autonomous for its own sake, but fast enough to match the threat landscape.
MCP as Enterprise Infrastructure: The Developer Angle #
The more interesting development for developers is what Agent Builder does with the Model Context Protocol. The capability, shipping as part of Cloud Control Studio in late 2026, lets you build custom agents that connect to 50+ third-party platforms — AWS, Google, Microsoft, ServiceNow, PagerDuty, Wiz, Slack, and more — via native connectors or MCP. For any tool with an API that lacks a native connector, you can write your own MCP server.
The security layer is significant: Cisco AI Defense scans every third-party MCP server for vulnerabilities before it ever reaches builders. The scanner uses YARA rules for fast pattern detection, LLM-powered semantic analysis to catch mismatches between a tool’s documented behavior and its actual code, and Cisco’s proprietary threat intelligence. They’ve also published the MCP Scanner as open source — meaning the same supply chain auditing capability is available to any team evaluating MCP servers, not just Cisco customers.
This is what MCP adoption at enterprise scale actually requires. The protocol is sound; the risk surface is third-party server quality. Cisco is the first major vendor to ship a scanner specifically targeting that gap, and open-sourcing it raises the baseline for the entire ecosystem.
The Quantum-Safe Roadmap #
Cloud Control also surfaces Cisco’s commitment to quantum-safe communications across the majority of its core portfolio by December 2026. Quantum Ready Assessments via Cisco IQ — globally available in July — identify which assets are most exposed to harvest-now-decrypt-later attacks and prescribe a remediation sequence. For enterprises handling sensitive long-lived data, this is the first concrete implementation roadmap from a major networking vendor on post-quantum readiness.
The Honest Assessment #
A few things to be clear-eyed about. The “human-in-the-loop” model Cisco leads with is table stakes, not a differentiator — every enterprise agentic platform ships this because fully autonomous agents acting on production infrastructure isn’t commercially viable yet. The real test will be whether approval workflows are fast enough to close the response gap. An agent that identifies a critical vulnerability at 3am and waits six hours for a sign-off hasn’t solved the speed problem; it’s just distributed the alert.
The naming is also a miss. “Cisco Cloud Control” sounds like a 2019 dashboard product. The platform’s actual scope — cross-domain agentic orchestration, MCP integration, multiplayer investigation, quantum-safe infrastructure, open-source security tooling — warrants something sharper. Cisco’s engineering team built something ambitious; the brand doesn’t reflect it.
That said, Futuriom calls this the moment agentic operations got enterprise validation — and that’s right. When Cisco commits to something, the 80% of enterprise IT running on Cisco infrastructure has to pay attention. The question is whether the approval workflows keep pace with the threats they’re designed to address.
What to Do Now #
If you’re on Cisco subscriptions at Essential or Advantage tier, request Controlled Availability access at cloud.cisco.com. Evaluate the AI Canvas workflow against your highest-frequency incident patterns — firmware compliance and vulnerability remediation are the two scenarios Cisco has documented best. For teams already building MCP-based agent workflows, the Agent Builder roadmap is worth tracking closely as the late-2026 Cloud Control Studio release will determine how well the custom agent layer performs in practice.