About AIOps Insights
Firewalls are a critical component of any organization's network security architecture. As organizations expand and the threat landscape evolves, managing these firewalls becomes complex. Organizations must continuously update rules and configurations to adapt to new threats, network changes, and compliance requirements, which presents significant challenges. Improper management can lead to security gaps and vulnerabilities. These issues pose risks to an organization's network security.
To effectively address these challenges, a new approach to firewall management is required. This is where AIOps becomes essential. AIOps leverages artificial intelligence (AI) and machine learning (ML) to streamline and enhance firewall management and network security.
Note: Currently, the AIOps features are available only for Firewall Threat Defense devices that are managed by Cloud-Delivered Firewall Management Center. For on-premises FMC-managed Firewall Threat Defense devices, selective AIOps capabilities like Policy Analyzer and Optimizer are accessible via cloud-assist.
AIOps' key functionalities include:
- Policy Anomaly Detection: Analyzes firewall policies and detects misconfigurations or anomalies before they impact performance or security.
- Feature Adoption Insights and Best Practice Recommendations: Provides insights into the level of feature adoption and suggests best practices to optimize security configurations.
- Operational Insights: Evaluates device readiness for software upgrades, suggests compatible versions, and helps plan upgrades to maintain consistency, stability, and compliance across deployments.
- Critical Alerts: Filters and prioritizes the most urgent security events, helping you focus on critical issues.
AIOps' key features include:
- AIOps Insights: Provides detailed information on all insights. You can view all anomalies categorized by Severity and Type.
- Policy Analyzer and Optimizer: Analyzes security policies, detects anomalies, and provides recommendations on remediations that can be performed to optimize the policies, thereby improving the firewall performance.
- Best Practices and Recommendations: Generates detailed assessment reports that highlight failed checks against Cisco Secure Firewall best practices and provides actionable recommendations to resolve issues, ensuring optimal firewall performance.
- Feature Adoption: Provides insights into the features that are adopted and the percentage of adoption to modify the usage pattern and achieve optimal security. Analyze the adoption rate of different features to improve usage patterns and enhance security measures.
- Software Upgrade Planner: Provides upgrade suggestions for your devices through a centralized dashboard. The dashboard displays the current and suggested versions and details about security vulnerabilities and bug fixes.
- Configuration Settings: Provides the ability to configure thresholds for AIOps features and enable or disable insight preferences. You can customize these settings to suit your specific needs.
The AIOps Summary Dashboard
The AIOps Summary dashboard provides a consolidated view of all insights across your environment. You can assess areas that need attention and drill down into details for deeper analysis. Filter insights by time range, severity, and status.
- Insights visualization panel: Displays the total number of insights, organized by severity and type.
  - The inner ring summarizes insights by status and severity.
  - The outer ring represents insight categories. Selecting a category displays related details.
- Insights by device: Click on a device to view insights.
- Insights by priority: Expand the section to view all devices with related insights.
- Use the icons at the top right of the page for additional actions:
  - AIOps Insights: Navigate to the view of all AIOps insights.
  - Settings: Navigate to configure preferences and thresholds for insights.
Insight Statuses and Transitions
This table outlines the possible insight statuses, their descriptions, transitions, and examples.
| Status | Description | Transition | Triggered by | Example |
|---|---|---|---|---|
| Active | | – | System | Upgrade options suggested for Firewall Threat Defense. |
| Resolved | | Active to Resolved: After you fix the issue and the system confirms it in the next check. | | Overlapping firewall rules corrected by the user. |
| Not Applicable (N/A) | | Active to Not Applicable | System | |
AIOps Licensing Requirements
If you have licenses for the Secure Firewall Management Center, you can access AIOps by enabling AIOps Insights in your tenant. The initial version of AIOps is included as part of your firewall license and is granted on a per-device basis.
Prerequisites to Use AIOps
- Ensure that you have access to a Security Cloud Control tenant where AIOps Insights is enabled and Cloud-Delivered Firewall Management Center is provisioned.
- Ensure that you have configured the thresholds and preferences for the AIOps features.
- You must have Super Admin or Admin user roles to opt in or opt out of AIOps Insights in your tenant.