Palo Alto Networks Adds AI to Automate SASE Admin Operations
Whether one pronounces SASE as “sassy” or “sayce,” a secure access service edge is IT that is fast becoming central to enterprise systems as increasing amounts of data come into them from a multiplicity of channels. SASE is used to distribute wide-area network and security controls as a cloud service directly to the source of connection at the edge of the network rather than to a data center.
As its contribution to managing this tangle of virtual wires, Palo Alto Networks this week revealed new capabilities to update its Prisma SASE platform by — you guessed it — adding AIOps to automate these operations and make them more efficient. The company describes this as the industry’s first “natively integrated Artificial Intelligence for IT Operations” for SASE, because it brings together what normally are best-of-breed components (SDN, zero trust security, software-defined secure web gateway) into the same centralized package.
The new features enable organizations to automate their increasingly complex IT and network operations center (NOC) functions, Palo Alto Networks VP of SASE Marketing Matt De Vincentes told The New Stack.
“You can mix and match these components from multiple different vendors, and you get a potential stack when you have these capabilities kind of integrated together,” De Vincentes said. “But increasingly, we’re seeing a movement toward what we call single-vendor SASE, which is all of these capabilities brought together by a single thing that you can simplify. That’s exactly what we’re doing.
“So all of the capabilities that a customer would need to build out this SASE deployment they can get through a single (SaaS) service. Then on top of that, with one vendor you can bring all the data together into one single data lake — and do some interesting AI on top of that.”
Palo Alto Networks calls this Autonomous Digital Experience Management (ADEM), which also provides users end-to-end observability across their network, De Vincentes said. Since ADEM is integrated within Prisma SASE, it does not require additional appliances or agents to be deployed, De Vincentes said.
Capabilities that AIOps for ADEM provides are, according to De Vincentes:
- proactively remediates issues that can cause service interruption through AI-based problem detection and predictive analytics;
- isolates issues faster (reduced mean time to repair) through an easy-to-use query interface; and
- discovers network anomalies from a single dashboard.
PA Networks also announced three new SD-WAN (software-defined wide-area network) features for users to secure IoT devices, automate branch management, and manage their SD-WAN via on-premises controllers. Capabilities, according to the company, include:
- Prisma SD-WAN Command Center provides AI-powered and segment-wise insights and always-on monitoring for network and apps for proactive problem resolution at the branch level.
- Prisma SD-WAN with integrated IoT security enables existing Prisma SD-WAN appliances to help secure IoT devices. This enables accurate detection and identification of branch IoT devices.
- On-Prem Controller for Prisma SD-WAN helps meet customer regulatory and compliance requirements and works with on-prem and cloud controller deployments.
Users can now elect to deploy Prisma SD-WAN using the cloud-management console, on-prem controllers, or both in a hybrid scenario, the company said.
All new capabilities will be available by May 2023, except the Prisma SD-WAN Command Center, which will be available by July, the company said.