April 12, 2024 Update: We have completed the acquisition of Isovalent. Welcome to Cisco!


When you think about software networking, at its core, it has two basic functions: (1) send traffic from A to B as quickly and efficiently as possible, and (2) move traffic from A to B but NOT to X, Y, or Z. Software-Defined Networking (SDN) separates these two functions, allowing the hardware to perform the first task, while the second task of network policy enforcement is performed in software.

This simple concept becomes a lot trickier though in today’s environment of distributed applications, virtual machines, containers, and cloud assets. Applications may have little to no insight into the underlying infrastructure, leaving a gap in visibility and security. So, how does the security team ensure visibility and proper security controls while not hindering networking and application performance? How do you bring networking and security closer together so that you protect workloads no matter where they run?

That’s where eBPF comes in. It is an open source technology that allows sophisticated software programs to program the heart of the operating system – known as the kernel – without actually changing the heart of the operating system. This is incredibly powerful because it unlocks security, observability, and networking functionality at the kernel-level that was not possible before.

Today, Cisco is excited to announce our intent to acquire Isovalent, Inc., founded by creators of eBPF and the team
behind the creation of Cilium and Tetragon, the leading cloud native solutions leveraging eBPF technology.

Cisco became an investor in Isovalent as part of their Series A funding round in 2020. At the time, Cilium was already used for cloud native connectivity and the default in managed Kubernetes offerings for several major public cloud providers including Google Kubernetes Engine, Google Anthos, and Amazon EKS Anywhere.

Cilium gained high-adoption with hyperscalers and cloud providers because of its unparalleled visibility into the behavior and communication of cloud native applications and seamless ability to define the policy of a software-defined network. Since 2020, Isovalent has continued to innovate, recently introducing Cilium Mesh to allow for the easy connection of Kubernetes clusters with existing infrastructure across hybrid clouds, as well as Tetragon, their open source security application.

Tetragon provides security controls to protect workloads as they run by gathering detailed information about the application’s internal processes and how they behave on the network. This broad insight provides the highest form of protection for workloads running on any cloud. Tetragon also includes important compliance capability and integration with tools cloud providers and enterprises use to monitor and remediate security incidents.

What’s Next

As we look ahead, Cisco is focused on helping customers address these visibility and security challenges through the Cisco Security Cloud, an AI-driven, cloud-delivered, integrated security platform for organizations of any shape and size. A credible hybrid, multicloud network security capability is fundamental to easing operational complexity for our customers. The Cisco Security Cloud does this by making it easier to define and enforce policies from a single cloud-delivered console across both hybrid and multi-cloud environments.

Cisco is committed to Cilium and Tetragon as open source projects and intends to create an independent advisory board to help steer Cisco’s contributions to these important efforts in a way that is aligned with the needs of the open source community.  Together, Cisco and Isovalent will build on the power of Cilium and Tetragon to create multicloud security and networking capabilities that are truly unique, Cisco will continue offering and enhancing Isovalent Enterprise for Cilium to customers. Isovalent’s Cilium Mesh complements Cisco software-defined networking solutions and together would give customers seamless and secure networking from the branch office to the data center, to the public cloud, using one continuous mesh. Hardware acceleration of networking functions will ensure that the already performing eBPF platform will continue to lead the industry. By leveraging the threat intelligence of Cisco Talos and Cisco’s increasingly powerful security analytics capability, Cisco and Isovalent will together build leading-edge protection for any workload on any cloud.

Cisco and Isovalent are excited to drive the next generation of cloud networking and security innovation based on open source technology. We look forward to continuing to work with CNCF and other open source communities to provide our customers with the best possible technology and products.

We look forward to welcoming the Isovalent team once the acquisition closes and, together, defining the future of multicloud networking and security.



Tom Gillis

Senior Vice President and General Manager

Security Business Group