For every organization, the requirements for network security and access are constantly evolving, and the recent pandemic accelerated many of those requirements. External threats evolve and multiply as well. An automatic system that offers policy-centric insights, anomaly identification, potential courses of action, and remediation recommendations is key to enabling the fast, agile, and accurate policy adjustments needed to keep up with these security requirements at an increasing pace. Techniques are presented herein that address this problem by applying distributed behavioral anomaly detection that feeds into a centralized policy distribution system, providing a policy self-correction mechanism. Aspects of the presented techniques examine all of the policy and configuration components, such as objects, rules, routing, and more. Further aspects of the presented techniques leverage machine learning (ML) capabilities.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.