AI-driven Networking and Security Incident Detection and Response

Cato AI now detects and identifies root cause of networking incidents, reducing outages from hours to minutes.

  • 8 months ago Posted in

Cato Networks has added network incident detection and response tools to the Cato SASE Cloud platform. With Network Stories for Cato XDR, advanced AI algorithms instantly identify outages in customer networks and conduct root cause analysis. Network operations centre (NOC) and security operations centre (SOC) teams now have a common platform for improved collaboration and channel partners can quickly bring NOC-as-a-service (NOCaaS) offerings to market.

"With our converged security and networking platform, we leverage advances in one domain, in this case security, to help another domain -- networking," says Shlomo Kramer, CEO and co-founder of Cato Networks. "Our security-trained AI has now been expanded to help NOC teams become smarter, faster, and more proactive than ever. This is the value of a true SASE platform."

Element Solutions, Inc. (ESI), a leading specialty chemicals company, relies on Cato SASE Cloud to connect and secure 118 locations and cloud instances, and nearly 4,000 remote users with Cato’s NGFW, threat prevention (NGAM, SWG, and IPS), and application protection (CASB).

“We’re very excited about what we’re seeing in Cato’s Network Stories. It’ll save us the time normally spent hunting around other tools and that’s a big deal,” says Brandon Benchley, senior network engineer at ESI. The company’s three-person network team is responsible for all site designs, deployments, switches, and upgrades. “We handle all the network operations, engineering, and planning for locations and Azure. It’s a lot. Cato Network Stories should solve a key pain point for us.”

Cato Network Stories: Slashing Downtime for Enterprises Everywhere

Network outages continue to disrupt enterprise operations. Network and connectivity related accounted for nearly a third of IT outages and 53% of major outages caused by third-party IT providers*. Even with Cato and its managed private backbone, network outages and slowdowns can occur in the last-mile or customer networks.

Diagnosing network incidents requires NOC teams to sift through and correlate a flood of network alerts. Too often, outages begin as unreported line degradations or occur after hours, extending their impact on the organisation.

With Network Stories for Cato XDR, AI algorithms trained for threat detection now collect and analyse network signals and incidents to identify the root cause behind blackouts, downed links, BGP session disconnects, SLA issues, and other network incidents. Cato AI triages those incidents by criticality, empowering network operations teams to focus critical resources on an organisation's most important cases.

Once NOC teams act, Cato provides them with a complete set of incident response tools. Generative AI summarises Network Stories into human-readable explanations. Cato Playbooks enable NOC teams to understand what happened and how to remediate those incidents.

When Cato Support adopted Networks Stories last-mile packet loss identification became nearly instantaneous, instead of customers taking several days to report an outage. The average root cause analysis time dropped by 30% to under 35 minutes.

Cato: The First SASE-based Platform for SOC and NOC Teams

Cato enables tighter SOC-NOC collaboration, improving efficiency and service quality. In Cato's recent 2023 SASE Adoption Survey, 82% of respondents indicated that security and networking teams were consolidating or had a management directive to improve collaboration.

"In an environment where any part of the network might be a key component of the security infrastructure, and any anomalous event could require a comprehensive network AND security response, the convergence of the NOC and the SOC makes more sense than ever," writes John Burke, CTO of Nemertes, an industry consultancy.

With Cato, the root-cause analysis conducted in one area benefits the other. Collaboration is improved by sharing a common toolset, speaking a common language, and having a common reference point. With Cato RBAC+ rules, fine-grained access controls enable IT to determine what information and capabilities team members can view and change.

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...