The impact of AI on application delivery and security is as confusing as a quantum mechanics thought experiment.
Without rehashing Schrödinger’s famous cat in simultaneous quantum states thought experiment, there seems to be similar confusion regarding what, exactly, the impact of generative AI will be on application delivery and security.
This stems primarily from two core characteristics of AI applications:
- They are modern applications
- They are heavily dependent on APIs
This leads to the conclusion that, for the most part, application delivery and security are not really all that affected by generative AI. After all, the same API security services can be used to protect AI APIs, and the tech stack still includes the same old protocols that can be defended by DDoS protection and a good old WAF. Concerns about bots? Bot defense has that covered, too.
Are there new capabilities needed for API security? Yes, some. Specifically, around the shift to sharing unstructured data. Do application delivery services (like load balancing) need to evolve to deal with AI inferencing peculiarities? Yes, some. But the services themselves are still pretty much…the same.
But—and here’s where the second of our quantum states comes in—deploying AI applications generally means a change in architecture. So, AI changes everything and nothing at the same time.
After all, AI inferencing servers are not just web servers or app servers and are generally following an architectural pattern that expands the modern application architecture with a new tier dedicated to AI inferencing. Without rehashing the details, here’s a refresher on the evolution of application architectures:
There are a whole lot of changes in the components within that modern application—and where they reside—that change application delivery a whole lot more than application security.
For example, when we look at the possible insertion points for application delivery and security, we can see that points deeper in the architecture are less likely to need what are traditionally “front door” services. Those are capabilities like global server load balancing, DDoS protection, and multicloud networking. So, at the front door, nothing really changes all that much.
But that inferencing tier? It’s going to need load balancing, and not just load balancing but intelligent load balancing. That’s application delivery. An AI gateway that can monitor and protect outbound AI traffic is probably a good idea here, too, as well as a whole lot of security services. In fact, a market survey we did earlier this year told us exactly which services folks want to use and where they want to deploy them. When it comes to delivery and security at the “North-South AI” insertion point they want:
- 44% AI gateway
- 21% API security
- 13% Load balancing
- 29% Bot defense
Now, those same services are desired at the “North-South Front Door” insertion point, too, but at different rates. And the deeper into the AI inferencing tier you go, the fewer services are needed, and yet it is those services that will be impacted most by the need to adjust algorithms, monitoring, and routing to address the differences that exist in that tier. The service may be the same—it’s good old load balancing—but its capabilities will evolve to meet the unique needs of AI factories.
And that’s where the confusion comes in, I think. The market understands that AI applications are modern applications that depend on APIs. That means the market is quite capable of recognizing that existing application delivery and security services are going to work just as well for AI as they do for other modern applications and APIs.
But the market also understands that AI is changing their architecture and introducing new insertion points where those services might be better deployed. And that’s the biggest change caused by AI: architecture.
That’s not a small thing. Architectural changes impact everything from application delivery and security to monitoring, automation, and networking. It means that even if the application delivery and security services don’t change that much, where and how they’re deployed changes a lot.
Getting that right is an important part of readiness to scale AI in a meaningful way.
About the Author
Related Blog Posts
At the Intersection of Operational Data and Generative AI
Help your organization understand the impact of generative AI (GenAI) on its operational data practices, and learn how to better align GenAI technology adoption timelines with existing budgets, practices, and cultures.
Using AI for IT Automation Security
Learn how artificial intelligence and machine learning aid in mitigating cybersecurity threats to your IT automation processes.
The Commodification of Cloud
Public cloud is no longer the bright new shiny toy, but it paved the way for XaaS, Edge, and a new cycle of innovation.
Most Exciting Tech Trend in 2022: IT/OT Convergence
The line between operation and digital systems continues to blur as homes and businesses increase their reliance on connected devices, accelerating the convergence of IT and OT. While this trend of integration brings excitement, it also presents its own challenges and concerns to be considered.
Adaptive Applications are Data-Driven
There's a big difference between knowing something's wrong and knowing what to do about it. Only after monitoring the right elements can we discern the health of a user experience, deriving from the analysis of those measurements the relationships and patterns that can be inferred. Ultimately, the automation that will give rise to truly adaptive applications is based on measurements and our understanding of them.
Inserting App Services into Shifting App Architectures
Application architectures have evolved several times since the early days of computing, and it is no longer optimal to rely solely on a single, known data path to insert application services. Furthermore, because many of the emerging data paths are not as suitable for a proxy-based platform, we must look to the other potential points of insertion possible to scale and secure modern applications.