How SASE uses AI
SASE, or secure internet service edge, is a rapid expansion cloud-based system that provides networking and security. Business spending on SASE is projected to increase from around $5 billion in 2021 to nearly $7 billion this year, according to Gartner predictions. Furthermore, according to Gartner, by 2025, more than 50% of organisations would have adopted SASE, up from less than 5% in 2020.
SD-WAN, firewall-as-a-service (FWaaS), secure web gateway (SWG), cloud access security broker (CASB), and zero trust network access are the five main components of the SASE stack (ZTNA).
Scaling back on false positive notifications
The Institute of Southern Nevada was obliged by the epidemic to support more than 40,000 people. Furthermore, educators and personnel from distant areas had to assist them. Many firms have selected SASE since it enables easy deployment and scaling.
As the university’s chief experience officer, Mugunth Vaithylingam. He believes that enhanced security was a welcome addition, particularly the AI’s ability to reduce false-positive warnings.
Vaithylingam demonstrates that misleading alerts, which used to overwhelm us, are removed by AI at Open Systems (our SASE provider). “Now, my network system and security staff can focus on their responsibilities with a great deal more efficiently, rather than being overloaded and occasionally immobilised by all these alarms.
Network analysis and repair
Organizations are advancing toward autonomous networks that use AI and machine Learning to make choices. A SASE configuration might employ automated network traffic analysis, for instance.
AI-powered SD-WAN can detect traffic peaks to prevent performance problems. According to Gartner Skorupa, it can signal that a business needs to order more capacity for a specific node or branch or adjust its traffic steering policy. They might redirect traffic from that link, allowing them access to greater bandwidth.
Preventing future problem
Predictive maintenance is another application of AI, according to Skorupa. According to him, a branch is using predictive analytics to analyse an SD-WAN device. It demonstrates that the optical transmitter has been showing behaviours that suggest a failure is imminent. Yes, please allow computer algorithm to get in touch with the equipment support team to arrange for a specialist to come out and fix the problem.
The AI function of preventive analytics has gained a lot of momentum. It is the most prominent application of AI in manufacturing, according to McKinsey’s 2021 State of AI study, which has been issued in December. In a report issued by Persistence Market Research, it was claimed that machine learning, predictive analytics, and AI are driving the rise of system performance monitor.
Analytics of user and entity behaviour
Suppliers of SASE have far greater access to data. This gives them a beginning for how users should interact with each other in a network. Additionally, it can aid in authenticating users and spotting questionable behaviour.
From a network perspective, there is a necessity for ensuring the identity of the entities connecting to it, according to Trent Fierro, senior sales manager for cloud and AIOps marketing at Aruba (a Hewlett Packard Enterprise).
According to Fierro, AI models can swiftly identify the kind and location of endpoints that are linked to a specific network. Furthermore, they may profile each user who connects to the internet and give security experts a complete picture of the network. Aruba is home to telemetry systems from more than 120,000 sites and 120 million clients. It also has nearly 2 million infrastructure equipment from which it can train its models.
Anomaly detector is a type or machine-learning algorithm that detects activity not in line with the norm. It’s one the most common uses of AI in cybersecurity. It can be extremely useful when used against large cybersecurity- and networking data sets by SASE vendors.
Aaron Sant Miller (data scientist, Booz Allen Harris) says AI can be incredibly valuable in detecting behaviors that aren’t intrinsically good or bad. He states that once the results have been provided to analysts, they can look at the information and decide whether there has been a malicious threat.
But, not all anomalous behavior can be easily classified.
Sant-Miller says that anomaly detection systems are often unable to detect abnormal behavior because most of these behaviors are benign and not inherently malign. This can lead to false positive rates for analysts and fuel distrust in AI.
He also said that the behavior of a network is determined by its configuration. For example, an AI capability built for one network’s data can be used on another network to produce false alarms.
The real AI benefits are yet to come
Ron Howell, Capgemini Americas’ managing architect and engineer for SD-WAN/SASE, believes that the real value of AI in SASE applications will be realized later when vendors can offer full-stack visibility of their systems.
He says that AI within SASE is dependent on how the SASE solution is chosen and used. “Proactive visibility” is the key.
He says that companies need to be observable in all aspects of the network, security and applications stack. A few SASE vendors have begun to add AI capabilities to AIOps, measurement. Many of the SASE solutions, however, are not ready to support AI or full-stack observability.
He says that AI is still in its infancy in nearly every SASE solution. He says that the long-term potential of an end-to-end proactive secure network as a service is what he believes.
However, the AI-powered decision making is still a difficult task for enterprises. He says that enterprises cannot afford downtime when things go wrong. “AI is valuable but we still need engineers who can make solid decisions.”
To comment on top-of-mind topics, join the Network World Facebook and LinkedIn communities