
Cato claims first for AI-driven networking, security incident detection and response

Artificial intelligence option from Cato enhanced to detect and identify the root cause of networking incidents and to reduce outages from hours to minutes

Cato Networks has expanded its security-trained artificial intelligence (AI) platform to help network operations centres (NOCs) realise the value of a true secure access service edge (SASE) platform, with teams able to work smarter, faster and more proactively than ever with the addition of network incident detection and response tools.

Putting the launch into context, the SASE technology provider cited the Uptime Institute study Annual outages analysis 2023: the cause and impacts of IT and datacentre outages showing that network and connectivity-related incidents accounted for nearly a third of IT outages and 53% of major outages caused by third-party IT providers.

Moreover, Cato noted that even with its technology, and in particular its managed private backbone, network outages and slowdowns can occur in the last mile in customer networks. It added that diagnosing network incidents requires NOC teams to sift through and correlate a flood of network alerts. Too often, said Cato, outages begin as unreported line degradations or occur after hours, extending their impact on the organisation.

Cato believes the expansion of its SASE Cloud platform represents an industry first in AI-driven networking and security incident detection and response. With Network Stories for Cato extended detection and response (XDR), AI algorithms instantly identify outages in customer networks and conduct root cause analysis. The result is that NOC and security operations centre (SOC) teams “have a common platform for improved collaboration and channel partners can quickly bring NOC-as-a-service (NOCaaS) offerings to market”.

In its recent 2023 SASE adoption survey, the company found that as many as 82% of respondents indicated that security and networking teams were consolidating or had a management directive to improve collaboration.

With Network Stories for Cato XDR, AI algorithms trained for threat detection now collect and analyse network signals and incidents to identify the root cause behind blackouts, downed links, BGP session disconnects, SLA issues, and other network incidents. Cato said its AI “triages those incidents by criticality, empowering network operations teams to focus critical resources on an organisation’s most important cases”.

Once NOC teams act, Cato provides them with a set of incident response tools. Generative AI summarises Network Stories into human-readable explanations. Cato Playbooks enable NOC teams to understand what happened and how to remediate those incidents.

Cato said that when its support team adopted Network Stories, last-mile packet loss identification became nearly instantaneous, instead of customers taking several days to report an outage. The average root cause analysis time is said to have dropped.

Root-cause analysis conducted in one area benefits the other. Collaboration is improved by sharing a common toolset, speaking a common language, and having a common reference point. With Cato RBAC+ rules, fine-grained access controls enable IT to determine what information and capabilities team members can view and change.

“In an environment where any part of the network might be a key component of the security infrastructure, and any anomalous event could require a comprehensive network and security response, the convergence of the NOC and the SOC makes more sense than ever,” said John Burke, CTO of industry consultancy Nemertes.

Cato Networks CEO and co-founder Shlomo Kramer added: “With our converged security and networking platform, we leverage advances in one domain, in this case security, to help another domain – networking.”
