3 days ago
How AI is driving the convergence of networking and security
AI is rewriting the rules around networking and security. Data-intensive AI workloads are placing significant demands on network infrastructure. At the same time, AI is becoming both a weapon for threat actors and a potential target for attacks. New approaches and new solutions are needed if enterprises are to prosper in the AI era.
The impact of AI cannot be overestimated. It is acting like a new kind of gravity, pulling together the previously distinct worlds of networking and security, while reshaping traffic flows across every network layer. We have become accustomed to the changes that AI is bringing about within the data center, and the overheads it is placing on data center infrastructure. But it is now apparent that its influence is being felt much more widely, reshaping requirements across the entire ICT landscape, from the WAN down to the campus.
AI is turning security on its head, believes Mauricio Sanchez, Senior Director of Enterprise Security and Networking Research with independent analyst firm Dell'Oro Group: "AI has been transforming the hacker community, enabling even mediocre players to become super hackers," he believes. "The positive aspects of AI are being turned on their head and used for evil."
Add in the perennial demand of enterprises for five nines of uptime, and a cogent argument is emerging for a convergence of networking and security: "Network operations and security operations can simply no longer exist in parallel silos," notes Sanchez.
Enterprises are all at different stages on this journey, working out how to unite AI with converged networking and security at their own pace. Some are simply applying AI to legacy network and security operations. "They are finding, as they try to move on from this point, that they are getting into what I would call AI-strained infrastructure," says Sanchez. "This is where administrators are sweating bullets, not really empowered or able to react appropriately."
Some progressive companies are in a better place than this when it comes to embracing AI and bringing it to bear on both networking and security, according to Dell'Oro's findings, moving towards what Sanchez describes as the AI augmented-network stage. "Beyond that is a level where both infrastructural change and operational change lead to an AI-empowered network that is being run cleanly and efficiently, able to use AI and serve AI applications well," he concludes. "That is the objective over the next five years for many enterprises."
New challenges, new solutions
To further explore these themes, Sanchez was invited by Unified SASE as a Service provider Aryaka to join a 'fireside chat'. Along with Sanchez was Renuka Nadkarni, Chief Product Officer, Aryaka and Kevin Deierling SVP Marketing, Networking, NVIDIA.
All three agree that AI is changing cybersecurity in many different ways. "AI is using a ton of data, and that creates some opacity," observes NVIDIA's Deierling. "It's hard to see what's happening when AIs are talking to other Ais, and that creates new challenges."
Agility and flexibility are essential responses: "The amount of data that's being created by AI is massive, and the networking performance needed is incredible," he says. "We're shipping 400 gigabit per second networks today, moving to 800 gigabits per second, with 1.6 terabits right around the corner. You can't just statically create a set of rules and hope for the best. It's about being dynamic and responsive in the face of all these new challenges."
Nadkarni of Aryaka believes it all comes down to an age old problem, that of reconciling performance with security: "Back in the day, you had separate networking and security teams making separate decisions," she points out. "The security people were often getting in the way of the business, with frequent conflict between the two. Now our customers are migrating heavily towards a converged networking and security play. And it's not easy, because the whole industry has been divided into networking vendors and security vendors. The whole unified SASE as a service that we are trying to bring to the table was architected from the start to bring things together."
An added challenge, according to Nadkarni, is that AI introduces a certain amount of undeterministic behaviour, both on the networking and the security side: "Customer network architecture and network design used to be about a point to point link," she says. "It was deterministic, because people would typically buy from service providers in increments of 10 Mbps or 100 Mbps, defined as between offices and data centers. But now users are everywhere. Applications are hosted in public clouds, accessed via SaaS. We're seeing a lot of AI applications coming in as SaaS. Traffic patterns have changed drastically, but the need for security is something that hasn't changed."
AI has certainly spelled the end for the static workloads of yesterday where it was easy for networking and security managers to keep tabs on what is happening. In an era of agentic AI workflows, where AIs are talking to Ais, and then interacting with humans, the pace has picked up and complexity can be overwhelming, often at the expense of security.
Deierling says that to assist here, NVIDIA has developed a platform called Morpheus that characterizes behaviours: "It characterizes devices as well as people, and we developed a digital fingerprint using AI to do that," he explains. "We stream the data in real time to these powerful AI engines that can detect anomalous behaviours. If suddenly a human being is firing passwords at the speed of a computer, we can detect that in real time and actually isolate that traffic. We accelerate things with our networking hardware, and we stream telemetry data so we can perform AI very quickly. And then we provide those solutions to partners to build something that customers can use."
Nadkarni says Morpheus works well with Aryaka's platform: "In most security implementations, you take a subset of your traffic and share it with a security vendor," she says. "But if you already knew what traffic needed to be processed you wouldn't need to do that. Because of Morpheus, we have the ability to process all traffic through our system, and we don't have to make choices."
She invites a comparison between the fast-evolving AI we see today and the recent emergence of DevSecOps: "It touches so many aspects of a customer's activities. Many of our customers are telling us they are creating an AI adoption team. We advise them to break down the problem into smaller pieces. Identify all the stakeholders who are accountable for it. For example, who owns the data? Security of data is really important when it comes to AI."
AI is here, it's massive and it's going to transform every industry, concludes Deierling: "Every enterprise should focus on their core expertise, and use AI to accelerate that," he advises. "AI is fast, and it uses huge amounts of data. It's a different type of challenge than what we've seen, but I agree with Renuka that it's an evolution of DevSecOps. Call it AISecOps. You need to protect models, you need to protect data, you need to protect users."
Nadkarni believes we are in 'very exciting times': "We've already seen adoption of cloud, and of different SaaS applications," she says. "AI will have a bigger impact than that. But as Kevin was saying, enterprises should focus on the most important things for their business and then leverage the latest AI technologies that are available, as well as make sure that their network is modernized. It's the industry's job to focus on providing the best technology, offering the best solutions, making it easier to adopt AI and go through the changes that are coming. It's a privilege to be around at this time, seeing all the benefits of this new technology as they unfold."
Sanchez from Dell'Oro Group concludes with the advice that all enterprises go back to basics, focussing on things like visibility: "In order to do that, they need to have the right infrastructure in place, the right foundational elements, because you can't build a strong house on weak foundations," he claims. "Don't try to figure this out for yourself. There are smart people, from companies like NVIDIA and Aryaka, that can help on this journey to make sure that that you don't stumble."
