At its core, a firewall is a defend that protects your community from malicious site visitors. Sounds easy, however those that work with firewalls each day know the truth: A median firewall has 1000’s of guidelines governing how site visitors needs to be dealt with, lots of which can be outdated, redundant, or contradictory. In actual fact, a Cybersecurity Insiders report revealed that 58% of organizations have greater than 1,000 firewall guidelines, however we all know of consumers with extremely advanced environments the place their firewall guidelines quantity within the tens of millions. Not solely is that this a complexity concern, however a safety threat. Gartner asserted that misconfigurations would trigger 99% of all firewall breaches by way of 2023.
It’s no shock, then, that after we spoke to our prospects, there have been a couple of challenges we heard time and again: (1) Checking configuration particulars is tough, (2) Troubleshooting is tough, (3) Optimizing the ruleset is tough. So, after we set to work on our AI Assistant for Firewall, these had been the three use instances we targeted on: help (coverage identification and reporting), increase (troubleshooting) and automate (coverage lifecycle administration).
Constructed inside Cisco’s cloud-delivered Firewall Administration Heart (cdFMC) and leveraging the newest massive language fashions (LLMs), we created a generative device designed to simplify firewall administration for each seasoned admins and novice customers. Using superior pure language processing (NLP) and machine studying (ML), it gives solutions in seconds reasonably than forcing an administrator to spend their time sorting dependencies, community maps, and documentation. A change ticket that may have taken two hours to shut previously, could be resolved in a fraction of the time — we’re speaking minutes — because of the context-based AI.
Under are a couple of examples of the Cisco AI Assistant for Safety in motion.
Help coverage identification and reporting
Think about this state of affairs: Somebody from the SecOps group reaches out to the firewall admin as a result of they’ve observed suspicious exercise. It seems some knowledge is being exfiltrated from SalesApp, representing a possible knowledge breach. Going ahead, SecOps desires all outbound site visitors to be blocked from this software.
To start out, the firewall admin desires to know what insurance policies are already in place for SalesApp. With the AI Assistant, the admin doesn’t need to kind by way of 1000’s of current guidelines manually, however as an alternative, they’ll ask the AI Assistant and get the reply in seconds.
Now that they’ve seen the prevailing insurance policies in place, they’ll ask the AI Assistant so as to add a rule blocking outbound site visitors. The AI Assistant recommends a rule, which could be authorized earlier than being applied.
Increase troubleshooting
Subsequent, let’s think about your firewall rule engine retains restarting for an unknown cause. The assistant can detect this concern and suggest decision steps – on this case, updating the Vulnerability Database (VDB). Not solely does this get rid of the necessity to search by way of documentation or create a assist ticket, however the Assistant is taking proactive actions.
Automate coverage lifecycle administration
Lastly, the coverage evaluation and optimization options constructed into the AI Assistant can discover duplicates and recommend a plan of action to assist with coverage hygiene. On common, our prospects discovered that 29.7% of their guidelines want adjustment. For one buyer, that equaled over 17,000 guidelines.
Assuming an admin may manually discover and resolve these points inside one hour at $56/hr, this group stands to avoid wasting $971,040 over handbook optimization efforts and eight.3 years of time.
Optimize by way of suggestions
To supply the very best quality expertise for purchasers, we’re additionally targeted on optimizing the AI Assistant by way of user-provided suggestions — serving to the AI Assistant be taught and enhance over time.
Extra AI improvements forward
The AI assistant is greater than only a comfort; it represents a paradigm shift in how we configure, handle, and guarantee efficacy for firewalls — the true spine of community safety.
Whereas that is the primary occasion of the AI Assistant for Safety, it received’t be the final. We’re injecting Generative AI and unifying telemetry throughout all Cisco Safety options to create a simpler expertise and safeguard our buyer’s enterprise.
The Cisco AI Assistant for Safety can be Typically Accessible (GA) for our Firewall prospects within the Spring of 2024 for free of charge through the cloud-delivered Firewall Administration Heart (FMC) and increasing to different administration instruments sooner or later. Be taught extra about how the AI Assistant for Safety works with our Firewall.
We’d love to listen to what you assume. Ask a Query, Remark Under, and Keep Related with Cisco Safety on social!
Cisco Safety Social Channels
Share:
