NetOne Systems teams up with Augtera for ONUG NetSecOps POC

NetOne Systems is participating in the ONUG fall 2021 proof of concept session tomorrow. We are showcasing a practical illustration of how machine learning can enhance NetSecOps workflows to better protect cloud infrastructure. For this proof of concept we have integrated Cloudflare, Augtera Network AI and NetOne Cloud Controller.

As more users and applications shift from controlled to uncontrolled facilities, enterprises today are looking for better ways to create predictable performance and security. This requires early detection of both network misbehavior and security incidents as well as auto-remediation of such incidents.

Early detection requires the continuous real-time monitoring of network and security events and metrics. The challenge with existing monitoring systems stems from two problems:

  • First, processing and interpreting the myriad of ingested telemetry sources and types, especially as the scale of the network and security infrastructure dramatically increases.
  • Second, establishing a relevant rule or threshold for alerts that minimizes false positives and yet detects actual operational issues. This is not feasible, particularly as distributions and patterns vary across metrics and across the infrastructure.

When NetOne sought to demonstrate a practical example of NetSecOps for ONUG fall 2021, we needed a flexible and scalable AI platform that would learn from patterns and be able to autonomously detect security events from Cloudflare's security logs. We chose Augtera Network AI's anomaly detection capabilities and integrated Cloudflare security logs with Augtera to solve this challenge.

We wrote an adapter to convert Cloudflare logs into syslog and ingested the resulting real-time syslog data into Augtera. Augtera machine learning is used to learn from Cloudflare security logs in real time. We will be demonstrating a scenario where a user's credentials are compromised, resulting in unusual patterns in Cloudflare logs. We will show how Augtera detects this anomaly in real time and how the Augtera notification service sends a syslog message to the NetOne Cloud Controller. We will further demonstrate how the NetOne auto-remediation software revokes the user credentials to fix the problem.
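The log-to-syslog conversion step described above, as an added sketch that is not NetOne's adapter: it turns one JSON log line into an RFC 5424 message and escapes client-controlled values so they cannot break out of the structured-data element. The field names are modelled on Cloudflare firewall event logs; the sample record, facility, severity mapping, SD-ID and host/app names are assumptions.

```python
import json
from datetime import datetime, timezone

FACILITY_LOCAL0 = 16                        # assumed facility for this feed
SEVERITY = {"block": 4, "challenge": 5}     # assumed mapping; anything else -> 6 (info)
SD_ID = "cf@32473"                          # 32473 is the documentation enterprise number
FIELDS = ("Action", "ClientIP", "ClientCountry", "ClientRequestHost",
          "ClientRequestPath", "ClientRequestUserAgent", "RayID", "RuleID")

def sd_escape(value):
    """Escape a PARAM-VALUE per RFC 5424 section 6.3.3 and flatten line breaks."""
    s = str(value).replace("\r", " ").replace("\n", " ")
    for ch in ("\\", '"', "]"):             # backslash first, before adding new ones
        s = s.replace(ch, "\\" + ch)
    return s

def rfc5424_time(value):
    """Normalise an RFC 3339 timestamp to UTC; return NILVALUE if unusable."""
    try:
        dt = datetime.fromisoformat(str(value).replace("Z", "+00:00"))
    except ValueError:
        return "-"
    if dt.tzinfo is None:
        return "-"
    return dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")

def to_syslog(line, host="cloudflare", app="cf-adapter"):
    """Convert one JSON log line into an RFC 5424 message (header + structured data)."""
    rec = json.loads(line)
    pri = FACILITY_LOCAL0 * 8 + SEVERITY.get(rec.get("Action"), 6)
    params = " ".join(f'{k}="{sd_escape(rec[k])}"' for k in FIELDS if k in rec)
    sd = f"[{SD_ID} {params}]" if params else "-"
    return f"<{pri}>1 {rfc5424_time(rec.get('Datetime'))} {host} {app} - firewall {sd}"

# Constructed sample record; the user agent carries characters that would
# otherwise close the structured-data element or split the message in two.
SAMPLE = json.dumps({
    "Datetime": "2021-10-26T14:03:07Z", "Action": "block",
    "ClientIP": "203.0.113.7", "ClientCountry": "us",
    "ClientRequestHost": "app.example.com", "ClientRequestPath": "/login",
    "ClientRequestUserAgent": 'curl/7.79"] evil\nnext',
    "RayID": "0000000000000000", "RuleID": "example-rule",
})

if __name__ == "__main__":
    print(to_syslog(SAMPLE))
```

Only an allow-list of fields is forwarded, so parameter names stay under the adapter's control while the values, which a client can influence, are escaped before they reach the anomaly-detection pipeline.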

To participate in the NetOne ONUG proof of concept presentation click here.