At its core, a firewall is a shield that protects your network from malicious traffic.
But those who work with firewalls every day know the reality: An average firewall has thousands of rules governing how traffic should be handled, many of which may be outdated, redundant, or contradictory.
A Cybersecurity Insiders report revealed that 58% of organizations have more than 1,000 firewall rules, but we know of customers with highly complex environments where their firewall rules number in the millions.
When we got to work on our AI Assistant for Firewall, those were the three use cases we focused on: assist, augment and automate.
Built inside Cisco's cloud-delivered Firewall Management Center and leveraging the latest large language models, we created a generative tool designed to simplify firewall management for both seasoned admins and novice users.
A change ticket that might have taken two hours to close in the past, can be resolved in a fraction of the time - we're talking minutes - thanks to the context-based AI. Below are a few examples of the Cisco AI Assistant for Security in action.
Imagine this scenario: Someone from the SecOps team reaches out to the firewall admin because they've noticed suspicious activity.
To start, the firewall admin wants to understand what policies are already in place for SalesApp.
With the AI Assistant, the admin doesn't have to sort through thousands of existing rules manually, but instead, they can ask the AI Assistant and get the answer in seconds.
Now that they've seen the existing policies in place, they can ask the AI Assistant to add a rule blocking outbound traffic.
The AI Assistant recommends a rule, which can be approved before being implemented.
Next, let's imagine your firewall rule engine keeps restarting for an unknown reason.
The assistant can detect this issue and recommend resolution steps - in this case, updating the Vulnerability Database.
Not only does this eliminate the need to search through documentation or create a support ticket, but the Assistant is taking proactive actions.
Lastly, the policy analysis and optimization features built into the AI Assistant can find duplicates and suggest a course of action to help with policy hygiene.
To provide the best quality experience for customers, we are also focused on optimizing the AI Assistant through user-provided feedback - helping the AI Assistant learn and improve over time.
More AI innovations ahead. The AI assistant is more than just a convenience; it represents a paradigm shift in how we configure, manage, and ensure efficacy for firewalls - the true backbone of network security.
While this is the first instance of the AI Assistant for Security, it won't be the last.
The Cisco AI Assistant for Security will be Generally Available for our Firewall customers in the Spring of 2024 at no cost via the cloud-delivered Firewall Management Center and expanding to other management tools in the future.
Learn more about how the AI Assistant for Security works with our Firewall.
This Cyber News was published on feedpress.me. Publication date: Wed, 06 Dec 2023 00:13:05 +0000