Introducing FortiAIOPs 2.0
FortiAIOps (Fortinet’s Artificial Intelligence engine for Network Operations) has been a mainstay at Mobility Field Day since it was first introduced. This year, at Mobility Field Day 9 (#MFD9), Fortinet announced a newly architected version 2.0 that brings together the best of troubleshooting from their Wireless Management product together with the AI/ML-assisted insights already in FortiAIOps.
The goal is to deliver a single pain of glass (SpoG). The spelling of ‘‘Pain” was intentional and there seems to be a renewed interest across the industry to merge products, platforms, and dashboards into what is marketed as a SPoG or single pane of glass. Some vendors do a good job of this, while others simply add tabs with separate logins while calling all tabs within a single web browser a SPoG. Fortinet falls into the former category and does a good job of delivering a seamless SPoG.
It is unreasonable to expect everyone to be an expert; however, business continues to demand faster root cause analysis and issue resolution. To assist in this endeavour, the key features of FortiAiOps 2.0 include:
- Troubleshooting Tools: FortiAIOps 2.0 provides various tools to identify and resolve network issues quickly. These tools analyze network data, detect anomalies, and pinpoint potential problems, allowing network administrators to take corrective actions promptly.
- Network Insights: The solution offers valuable insights into network performance and security. It collects and analyzes data from different network devices and applications, providing a holistic view of the network environment. This information helps identify bottlenecks, security vulnerabilities, and other issues that may impact network performance.
- Automation: FortiAIOps 2.0 leverages artificial intelligence (AI) and machine learning (ML) technologies to automate network operations. It can automate repetitive tasks, such as network device configuration and troubleshooting, freeing up valuable time for network administrators to focus on more strategic activities.
- Predictive Analytics: The solution utilizes predictive analytics to anticipate and prevent potential network problems. FortiAIOps 2.0 can identify and alert administrators about potential issues before they impact network performance or security by analysing historical data and patterns.
- Integration and Collaboration: FortiAIOps 2.0 integrates with other Fortinet products and third-party tools, allowing for seamless collaboration and information sharing across different network management platforms. This integration streamlines workflows and enhances the overall network management experience.
Overall, FortiAiOps 2.0 aims to simplify network management, improve network performance, and enhance security by combining troubleshooting tools, network insights, automation, predictive analytics, and integration capabilities.
To match the needs of different-sized customer networks, flexible licenses are available to meet what customers want in three sizes: low, medium, and high. There is a lightweight cloud model for smaller customers. There is stackable licensing and enforcement based on extension devices (APs and switches) counted plus a gateway for SD-WAN.
During the #MFD9 presentation, Fortinet showcased the metrics and dashboards that could be displayed in the SPoG which was repeatedly referred to as Insights. Some examples of the insights available included:
- Clients up/down/connected state
- Firmware version
- License compliance add columns
- CPU/memory utilization
- Number of sessions
- Wireless retries and throughput
- Channel utilization
- Number of clients
- Station-specific details
- Device time
- Health metrics
- Performance over time
- DPI (deep packet inspection)
- Destination address
- Matched policies
- Logs
Other tools that could be invoked manually, with plans to automate as regular tests, included:
- VLAN probe – validate DHCP is providing addresses on defined test VLAN(s)
- Spectrum Analysis
- Duty cycle
- Pattern detection (fingerprinting)
- Uses dedicated scanning radio to avoid client impact
- Cable tests from switch ports to determine if the cable is good or bad
- Port flapping
- Is the switch flapping?
- Tx/Rx packet loss
Fortinet presented a tour of the SPoG dashboard, highlighting insight after insight, many of which were displayed on a graph or chart to display performance and behaviour over time.
Insights are one of those key terms that all vendors claim but their implementation of such terms really differentiates one vendor from another. The term ‘insights’ ranks right up there with other loosely defined buzzwords like ‘cloud’, ‘artificial intelligence’, and ‘machine learning’. Some vendors are even required to mention these terms a minimum number of times during each presentation or keynote.
I would argue that none of the ‘Insights’ shown during this presentation aligned with what I would call insights. For me, an insight would be a suggestion or recommendation provided by the system. Displaying meaningful data in a convenient and intuitive format is very helpful, but humans must still make the insight, as opposed to the system. Features like VLAN Probe, SpecA, and Cable tests are very useful, but we are still the ones making any insights after analyzing output from these tools or displays. Detailed log messages are also available, but we were not shown any specific examples of logs analyzed to correlate events on a timeline with insights into client or network issues. Data required for humans to make these insights is very accessible within the dashboard, it’s just that I think referring to this data as insights gleaned from an AI engine is a bit of a stretch.
In the theme of troubleshooting, Fortinet also listed their ability to:
- Issue CLI commands from the dashboard
- TAC debug command – issue typical debug dumps asked for by TAC
- Sort lists into top 5 impacted…
- Wireless Sensor – for continuous probing and WLAN testing
While these are good features to include, they fall into the category of matching what already exists in the competition. Don’t get me wrong, these are welcomed features on the wireless side of the house and while they certainly aid network practitioners in reducing the time for root cause analysis and issue resolution, I would not categorize them as AI. Customers who have already selected Fortinet as a single vendor for their SD-WAN, wired, and wireless needs have much to look forward to with FortiAIOps 2.0.
At the time of this announcement, FortiAIOps 2.0 is available as a VM with support for ESX, KVM, and Hyper-V with plans to release dedicated hardware in 2H23.
Slàinte!
Resources
Mobility Field Day 9 Website
Announcing v2.0 of Fortinet’s AIOps Solution, Combining Troubleshooting Tools with Network Insights