Versa bolsters data protection, AI-powered operations in SASE upgrade

Versa has added to the AI features of its flagship VersaONE Universal SASE Platform to better protect enterprise assets and help customers improve network and security operations.

Built on the Versa Operating System, the VersaONE platform includes secure access service edge (SASE) elements such as SD-WAN, secure web gateway, cloud access security broker (CASB), zero trust network access (ZTNA), and firewall-as-a-service. Common platform capabilities include shared AI engines and a zero-trust foundation, according to Versa.

AI-enhanced DLP capabilities and inline CASB

VersaONE Release 23.1.1 includes improved data loss prevention tools, such as AI-enhanced Optical Character Recognition (OCR) to examine images and documents, and AI-enabled workflows to protect any sensitive data and set policies about who can access that data, Dogu Narin, vice president of products for Versa, told Network World.

With generative AI, users can import and share all types of images and data through a PDF file, Word, Excel or other applications. And that means security teams need more granular controls over what’s being shared, Narin said. Traditional inspection and rule-based DLP controls often lack the visibility and context that are required to keep up with AI, Nari said.

The features also strengthen the Versa GenAI Firewall, which proactively limits certain AI usage and manages exposure to unvetted applications, Versa stated.

“Versa’s new capabilities in AI-powered DLP takes data protection beyond contextual DLP by embedding advanced machine learning directly into the SASE fabric. Deployed as containerized microservices, the new ML analysis engine runs locally on SASE gateways—ensuring sensitive data never leaves your infrastructure,” wrote Versa’s Shubham Sangle, product manager, and Anusha Vaidyanathan, senior director of product management, in a blog post about the new features of VersaONE.

Docker-containerized ML models execute data discovery and classification locally, maintaining data sovereignty while scanning file repositories, SaaS applications, and inline traffic flows, the authors stated.

“Versa DLP uses advanced transformer models and fine-tuned Large Language Models (LLMs) to detect sensitive information across diverse document types and formats. Unlike traditional pattern matching, VersaONE applies contextual and behavioral analysis using spatial and temporal signals to differentiate legitimate data use from potential breaches,” the authors wrote. “This context-aware approach reduces false positives and dynamically applies predefined, policy-driven protections without disrupting normal business workflows.”

In addition, the new version of VersaONE supports inline CASB that inspects traffic and can enforce security policies in real-time. “AI applications are getting updates pretty quickly, or new applications are coming to life, so customers need to be able to detect them quickly and reliably, according to Narin.

Inline CASB lets customers detect these activities, classify them, and apply the right sort of policies onto them. It’s also used for user activity management purposes, Narin said. “For instance, we can say this user is allowed to post certain types of information onto this tool, but another user may not—we can detect many details around how users are using company information,” Narin said.

Versa Verbo, a zero-trust co-pilot

The company has also enhanced VersaONE’s Model Context Protocol server, which allows LLM-powered assistants such Claude, ChatGPT, Gemini, Microsoft Copilot, or internally developed copilots to query Versa systems by accessing Versa APIs. The idea is to make it easier for NetOps and SecOps teams to quickly get answers to security and network issues—without having to switch between multiple tools or consoles, according to Versa.

The company has now integrated the MCP server with Versa’s AI-powered co-pilot, Verbo, to help customers more quickly identify network problems, facilitate troubleshooting, and recommend actions with conversational access to guidance without switching tools.

“The agentic architecture introduced in the 23.1.1 release includes documentation agents, debugging agents, tool-calling agents, and MCP agents. The debugger agent operates on structured operational rulebooks built by subject matter experts. These rulebooks codify deterministic troubleshooting workflows, providing reliability and predictability that traditional probabilistic AI systems cannot guarantee,” wrote Sridhar Iyer, Versa’s director of ML/AI, in a blog post outlining the new capabilities.

For automated and simplified observability, “Verbo also now integrates with Versa Behavioral Insights (VBI), enabling AI-powered event correlation, anomaly detection, alert compression, and guided troubleshooting,” Iyer wrote. “VBI processes telemetry and logs into structured archives, which are analyzed for behavioral patterns and predictive insights. These insights are routed into Verbo to generate contextual responses and guided remediation steps. This creates an automated AI operations framework connecting detection, correlation and resolution.”

Expanded operating system support

The new VersaONE release adds support for Ubuntu 22.04 and Linux kernel 6.8, improving compatibility with current systems-on-a-chip (SOC)-based hardware from AMD, Intel and others, Versa stated. “Because SoCs are common in network appliances, edge platforms, and AI inference devices—and Ubuntu 22.04 has become a standard baseline across modern AI ecosystems—this enables reliable AI-driven classification, anomaly detection, and contextual analysis for use cases such as data loss prevention and observability,” Versa stated.

Market trends and directions

Market research company Frost & Sullivan has noted the increasing integration of AI-driven automation and zero-trust principles into SD-WAN and other converged networking and security offerings.

“The concept of a self-protecting network is gaining traction in SD-WAN architectures, driven by the integration of AI and ML,” Frost & Sullivan wrote in its recent SD-WAN Infrastructure report. “In an era where AI is reshaping threats and defenses, leveraging these technologies for network security is no longer optional; it’s a strategic necessity. SD-WAN vendors are increasingly embedding AI/ML capabilities to enable intent-based networking, which automates routine operational tasks, enforces dynamic policies, monitors performance against defined benchmarks, and proactively identifies and mitigates anomalies.”

“Versa is advancing its AI strategy through the development of VersaAI, a framework that extracts actionable insights from its platform by leveraging a comprehensive dataset spanning the entire infrastructure. This enables enhanced network and security performance, secure GenAI capabilities, and real-time threat detection,” the report stated. “Versa’ integrated platform architecture, where all networking and security functions operate in a single software stack with multitenancy, is a distinctive advantage in the SD-WAN and SASE landscape. Frost & Sullivan views Versa’s unified approach as a strategic differentiator, enabling simplified policy management and providing consolidated visibility for network operations centers and security operations centers.”