The complexity of communications networks has undoubtedly been increasing in recent years, and it’s a trend that shows no signs of changing any time soon. We see this with the increased use of public and private clouds, hybrid clouds, and multiclouds, as well as the exponential rise in new applications and IoT devices, not to mention the huge (mixed) networks formed by private and public networks, BYOD, and so forth. At the same time, pressure on IT personnel to keep the network up and running and fault free, ready to support new applications, and offering the best possible user experience will continue to grow, as the digital transformation turns the network into the backbone of business.
SD-WAN networks were born to facilitate the work of IT personnel and adapt the network to meet these requirements. They abstract, automate, and facilitate a large part of the network management tasks that usually constitute a major drain on IT resources.
But while it’s true that SD-WAN is a great help for network administrators and improving the user experience, SD-WAN still entails a lot of risks and difficulties due to changing application and security challenges. For example, according to some studies 30% of IT staff spend at least one day a week troubleshooting, while 90% of the time it takes to resolve a problem is spent identifying the root cause.
Artificial Intelligence – AI
Luckily, we have another solution to improve this situation: Artificial Intelligence – AI. A well-trained AI allows for instant conclusions, so that, for example, users/ports can be blocked when a security threat is detected, or the SD-WAN configuration can be adjusted in the event of an issue with user experience (cognitive-SDWAN). This is not a new concept; as early as 2019, Gartner introduced the CARTA (Continuous Adaptive Risk and Trust Assessment) environment where security systems can adjust themselves based on network information. This same philosophy is now being applied to SD-WAN networks. The term XDR (Extended Detection and Response), a forerunner of CARTA, was coined by Palo Alto Networks in 2018 to define a security environment capable of learning from predefined rules that are executed based on knowledge gained from network visibility (both traffic and infrastructure).
The application of XDR to AI to solve the kinds of problems and attacks that plague IT staff daily means a huge reduction in incident resolution time and therefore a better user experience. It also frees up IT to focus on more high value tasks that improve the network – and consequently business.
Improve the network. Improve business.
Three things are required for this:
- Feed the AI with as much network data (traffic and infrastructure) as possible for it to gain the maximum amount of knowledge.
- Train the AI properly to acquire useful information based on network usage patterns.
- SD-WAN system (including security) with sufficient automation capabilities to react to decisions taken by the AI/XDR system.
Obviously, this can cause reluctance initially given that no Artificial Intelligence system (not even the most advanced and best trained) is completely foolproof. Therefore, a phase was envisaged (at least initially) whereby the AI systems detect potentially problematic situations and suggest actions for IT operators, who would be ultimately responsible for acting on the network.
SD-WAN fits XDR/AI
At Teldat, we apply XDR and AI-based self-healing techniques in our security solutions and SD-WAN. For this we rely on tools that integrate perfectly with both, on the one hand feeding the XDR and AI systems from both the Network Traffic Analysis systems (be.Analyzer) and the security tools (be.Safe) and from the SD-WAN Controller (be.SDWAN). On the other hand, both the security (be.Safe) and SDWAN (be.SDWAN) elements have complete API-based systems to react to actions generated by XDR and AI, either by adding dynamic security rules or by modifying the SD-WAN configuration. Specifically, the Teldat SD-WAN solution is based on a centralized, hierarchical data model, which fits perfectly with the XDR/AI architecture, since unlike other SD-WAN solutions, global network changes can be made through a simple API action.