Cato adds AI-driven XDR to SASE to reduce network outages

Cato Networks announced the availability of AI-powered tools that aim to more quickly identify outages and conduct root-cause analysis as part of its extended detection and response (XDR) and cloud-based secure access service edge (SASE) solution.

Network Stories for Cato XDR, which is part of the Cato SASE Cloud platform, uses AI algorithms that are trained to analyze network signals and detect threats and security anomalies. The AI-powered tools evaluate the alerts to identify the root cause behind network blackouts, downed links, BGP session disconnects, and SLA-related incidents. Cato AI prioritizes network incidents to help IT teams focus their efforts on the most critical incidents first, reducing the impact of potential security threats. Using generative AI, Network Stories can summarize the analysis of network events and incidents into human-relatable explanations.

“With our converged security and networking platform, we leverage advances in one domain, in this case security, to help another domain – networking,” said Shlomo Kramer, CEO and co-founder of Cato Networks, in a statement. “Our security-trained AI has been expanded to help NOC [Network Operations Center] teams become smarter, faster, and more proactive than ever.”

According to Uptime Institute’s latest outages analysis, network and connectivity issues accounted for 31% of IT outages and 53% of third-party IT provider outages last year. By identifying the true source of incidents, network teams can more quickly fix the problems and mitigate security risks with Cato Network Playbooks, a set of workflows that include step-by-step instructions on how to resolve specific issues. For instance, examples of a Network Playbook include “Socket Link Down” and “BGP Session is Disconnected.”

Internally, Cato Support’s team used Network Stories and found that the process of last-mile packet loss identification “became nearly instantaneous” rather than it taking several days to report an outage, according to Cato. “The average root-cause analysis time dropped by 30% to under 35 minutes.”

Cato SASE Cloud runs on a private global backbone of more than 75 points of presence (PoPs) connected via multiple SLA-backed network providers. The PoPs software continuously monitors the providers for latency, packet loss, and jitter to determine in real-time the best route for every packet. Cato applies optimization and acceleration to all traffic going through the backbone to enhance application performance and the user experience. To ensure all locations benefit, Cato optimizes traffic from all the edges and toward all destinations—on premises and in the cloud.

The additional capabilities in Cato’s platform align with the growing trend of network and security teams tasked to collaborate more closely to improve performance and reduce security risk. The company conducted research that shows more companies are converging their network and security efforts. According to a Cato survey of 1,694 IT leaders worldwide, 44% of respondents said networking and security teams “must work together,” another 30% said they “must have shared processes,” and 8% reported that they were working to create one networking and security group.

Industry watchers have also recorded the trend in research. Enterprise Management Associates (EMA) surveyed 304 IT professionals in October 2023 and found that 86% of enterprises are seeing increased collaboration between their network and security teams, while 49% of those surveyed have either fully or partially converged networking and security groups into one group.

“We also saw in the research that successful partnerships drive reduced security risk, operational efficiency, and fast resolutions of problems both on the networking side and the security side, which are all good arguments for doing this systematically, carefully, and effectively,” said Shamus McGillicuddy, vice president of research at EMA, in an EMA webinar sharing the research.