F5 AI Gateway: Solving the Unique Challenges of AI Security and Delivery

Over the past year, we've learned a lot about generative AI. In particular, we've seen best practices for deployment patterns materialize, AI factories becoming a new data center building block, and the concerns about delivery and security of AI models and applications rise to the fore.

While it's true that AI applications are the "most modern of modern applications" and heavily rely on APIs, it is also true that AI applications bring unique challenges to the table with respect to security, monitoring, and delivery.

A significant challenge is due to the non-deterministic nature of AI applications. That is, inbound input and outbound responses vary greatly and evolve over time. AI applications can also pull in data from both structured and unstructured sources that can span multiple locations. Indeed, it was no surprise when we surveyed the market and found a robust mix of public cloud, on-premises, and hybrid deployment plans for AI.

The trouble with unstructured, unpredictable input and output is the difficulty inherent in determining whether a request or response contains sensitive or incorrect information. While API security and web application firewalls are often used for exactly this purpose, they operate on deterministic content. That is, the format and content of requests and responses are understood and therefore it is easier to detect malicious or sensitive content. With AI, though it leverages the same constructs as APIs and web applications, the content is highly variable, which makes it difficult to craft policies that scan or scrub requests and responses.

Implicit in that challenge is another: AI traffic must be monitored in both directions. This is particularly true given that a significant percentage of organizations plan to leverage AI as a service, such as ChatGPT, Azure, Google, or Hugging Face.