CISCO
Threat Defense for Cloud Networks
As Lead Product Designer, I guided Cisco's transition from appliance-based firewalls to cloud-native security, creating a unified threat prevention experience that served both small-to-medium businesses and enterprise customers. Through research-driven design and systematic iterations, I delivered a layered architecture that achieved 65% adoption across target segments while establishing a scalable foundation for Cisco's security portfolio.
Goals
Create an intuitive security experience that serves both resource-constrained SMBs and sophisticated enterprise teams
Build user confidence in cloud-based firewall infrastructure to enable seamless adoption and trust for future scalability
Establish reusable design patterns and component systems that can extend across Cisco's cloud security product family
Role
Lead Product Designer
Scope
UX Strategy, User Research, Interaction Design, Information Architecture, Design Systems, Cross-functional Leadership
Collaborators
Product, Research, Customer Success, and Engineering
Timeline
Q3 2021 - Q1 2022
BACKGROUND
The Shift to Cloud Security
As businesses rapidly moved to cloud-first and hybrid work models, Cisco recognized that traditional appliance-based firewalls were becoming obsolete. The market demanded scalable, cloud-native security solutions that could serve the growing SMB segment while maintaining enterprise-grade capabilities.
Business Need
Modernize cyber threat management to reduce customer complexity while capturing growing cloud security market share and maintaining competitive leadership.
User Need
IT teams needed to escape the operational burden and inflexibility of hardware-based firewalls that required constant manual maintenance and couldn't adapt to modern business demands.
PROBLEM
The challenge
Legacy firewall systems force organizations into rigid configurations that either overwhelm less technical teams or restrict advanced users, creating a fundamental mismatch between security tool design and real-world IT capabilities. This drives poor adoption, misconfiguration risks, and ultimately weaker security outcomes.
RESEARCH
Approach & Key Insights
I led a dual-track discovery and validation process to understand the divergent needs of SMB and enterprise users, shaping both UX strategy and product architecture. User research surfaced key nuances:
Confidence drives adoption
Fear of misconfiguration outweighs desire for features
Control requires transparency
Advanced users need explainable decisions to build trust.
Preview builds trust
Simulation mode was universally desired security decisions before enforcement.
Design Principles
Based on research insights and cross-functional alignment with PM and Engineering, I established three core principles to guide all design decisions:
Complexity should match user capability
Interfaces should adapt to user expertise rather than forcing all users through the same workflows.
Trust is earned through transparency
Users need to understand how and why security decisions are made before they'll adopt and rely on the system.
Confidence comes from comprehension
Users should understand system behavior and consequences before making any irreversible decisions.
DESIGN CHALLENGE
How might we
Design a cloud-native Intrusion Prevention System (IPS) experience that empowers both resource-constrained SMB teams and sophisticated enterprise specialists without compromising security effectiveness for either group?
IDEATION
Workflow Mapping
I mapped the security configuration journey for both personas, identifying critical decision points where SMBs needed simplicity and enterprises needed control.
Strategy
Rather than designing separate experiences for the two user groups, I developed a three-tier system that scales complexity based on user actions.
Trust Layer
Global recommendations and one-click deployment
Learning Layer
Simulation mode and explainable decisions
Control Layer
Granular customization and advanced features
Feature Design
I designed three core features that work together to serve both user groups within a unified experience.
Smart Defaults
Pre-configured security rules based on industry best practices that eliminate SMBs' fear of misconfiguration. SMB teams can deploy with confidence knowing they're immediately protected, while enterprise users can treat these as starting points for further customization based on organizational needs.
Simulation Mode
Safe preview environment where users can test security configurations and see potential impacts before enabling live enforcement. This addresses the universal "what if I break something?" anxiety by making security decisions reversible and understandable for both novice and expert users.
Progressive Customization
Layered interface that adapts to user expertise and security requirements. Enterprise users can access granular rule customization, policy exceptions, and advanced controls that align with their organizational security posture, while keeping these options hidden from SMB users who prefer simpler workflows.
USER TESTING
User Validation
I tested the core concepts with both SMB and enterprise users, which confirmed our layered approach was working and helped fine-tune interface details before launch.
Key Validations
• Simulation mode addressed the trust barrier across both user groups
• Smart defaults gave SMBs the confidence to deploy quickly
• Enterprise users appreciated having advanced options available without being forced into complexity
Key Challenge Identified
Users found the experience fragmented across configuration, customization, and reporting workflows. Future improvements could focus on designing stronger navigational bridges and workflow transitions to create better cross-section continuity.
FINAL DESIGN
The MVP
The MVP delivers a core security management flow that serves both user types within a single interface, eliminating the traditional trade-off between simplicity and control in security tools. By building confidence through safe experimentation and smart defaults, the design enables faster adoption while maintaining the advanced capabilities that security professionals require.
IMPACT
The Results
The cloud-native IPS launched successfully with strong adoption across both target segments, validating the unified design approach and establishing new patterns for Cisco's security portfolio.
65%
adoption rate within first release cycle
60%
of enterprise users actively customized detection rules
12%
revenue contribution to Cisco Security within 6 months
68%
of enterprise users used simulation before deployment
LEARNINGS
What I learned
Design systems can flex for user value
Creating new interaction models for dual audiences meant extending beyond established components.
Strong partnerships unlock better solutions
Taking time to understand constraints and build trust with collaborators resulted in more innovative product decisions.
Workflow continuity needs intentional design
Users experienced fragmentation across product areas; future iterations could implement seamless transitions.
Enterprise adoption happens progressively
Users build confidence through exploration rather than upfront complexity choices.