Welcome!

Microservices Expo Authors: Chris Schwarz, Pat Romanski, Todd Matters, Elizabeth White, ManageEngine IT Matters

Related Topics: @CloudExpo, Microservices Expo, @BigDataExpo

@CloudExpo: Article

The Human Body and @Cisco's #DataCenter Automation | @CloudExpo #AI #ML

How self-defense and self-healing capabilities of our human body is similar to firewalls and intelligent monitoring capabilities

Disclaimer : I am an IT guy and my knowledge on human body is limited to my daughter's high school biology class book and information obtained from search engines. So, excuse me if any of the information below is not represented accurately !

The human body is the most complex machine ever created. With a complex network of interconnected organs, millions of cells and the most advanced processor, human body is the most automated system in this planet. In this article, we will draw comparisons between the working of a human body to that of a data center. We will learn how self-defense and self-healing capabilities of our human body is similar to firewalls and intelligent monitoring capabilities in our data centers. We will draw parallels between human body automation to data center automation and explain different levels of automation we need to drive in data centers. This article is divided into four parts covering each of body main functions and drawing parallels on automation

Have you ever felt sick? How do you figure out that you are going to get sick and you need to call it a day. Can you control how fast your heart should beat or can you control your breath as per your wish? Human body is the most automated system we have in the entire universe. It's the most advance machine with the fastest microprocessor and a lightning network which powers us every day. There is lot to learn on how the architect of our body has designed our body and how using the same design principals we should automate the data center of the future.

Human body compare

The fundamental principal of automation is to use the data to do intelligent analytics that enables us to take action. When we are about to fell sick, our body gives us some indicators (alerts) which tells us things are not going per plan and we need to take action. Such indicators can be in the form of developing fever or chills, feeling cold, or having pain. Once we get these alerts either we take action, i.e., take medication or we let our body self-heal if the alert is not to worry about, e.g., a small cut.

Our body like our systems (compute, network, etc.) have a way to read these alerts and take appropriate actions. In addition, our body has tremendous and most advance security system always working to defend ourselves from various malicious attacks!  An example when the virus strikes the human body, it attacks the body cellular structure and begins to destroy it. Our body defense mechanism immediately sends white blood cells to attacks the invading virus and tries to destroys it. All this happens 24x7 and without us telling our body to do so! If the body fails to defend on its own then it gives signals to help it out and that is when we either go to a doctor to get us some medicine or take some other external remedies to help our body. Now imagine if we can develop similar advanced security system to defend our data centers from all the attacks. There are several things we can learn from how our body works and incorporate the same in creating highly automated data center of the future. Let's examine each of the body systems and how we can leverage it for our benefit. While this is not biology lesson it is time to go back to your school days.

The Immune System
This is perhaps the most intelligent and automated system in our body and most relevant to the way we should automate our data center security. Our immune (security) system is a collection of structures and processes who job is to protect against disease or other potentially damaging foreign bodies.  These diseases and/or foreign bodies is equivalent to virus, malware or other type of security threats we see in our data center.  Our immune system consists of various parts (hardware) and systems (software) which allows our body to self-defend and self-heal against attacks, which happens 24x7.

Immune

Image courtesy:Flexablog.com

There are six main components of our immune system.

  1. Lymph Nodes: This is a small bean shape structures that produce and store cells to fight infection and diseases. Lymph nodes contains lymph, a clear liquid that carries those cells to various parts of our body.
  2. Spleen: This is located on your left-hand side of your body under your ribs and above your stomach. The spleen contains white blood cells that fight infection
  3. Bone-Marrow: The yellow tissue in the center of bones that produced white blood cells
  4. Lymphocytes: These small white blood cells play a large role in defending the body against disease. The two types of lymphocytes are B-cells, which make antibodies that attack bacteria and toxins, and T-cells, which help destroy infected or cancerous cells
  5. Thymus: Responsible to trigger and maintain production of antibodies
  6. Leukocytes: These are disease fighting white blood cells that identifies and eliminates pathogens

Together all the above components make up our immune system. Think these of various security devices like physical access card readers, firewalls, anti-virus software, anti-spam and other security mechanism we deploy in our data center. The immune system can be further divided in two systems.

The Innate Immune System
The innate immune response is the first step in protecting our bodies from foreign particles. It is an immediate response that's "hard-wired" into our immune system. It's a generalized system which protects against any type of virus attacks and not tied to specific immunity. For example, general barriers to infection include:

  • Physical (skin, mucous, tears, saliva, and stomach acid)
  • Chemical (specific proteins found in tears or saliva that attack foreign particles)
  • Biological (microbiota or good bacteria in the gut that prevents overgrowth of bad bacteria)

The innate immune system is general i.e. anything that is identified as a foreign or non-self becomes target for the innate immune system

The Adaptive Immune Response
The innate immune response leads to the pathogen-specific adaptive immune response. While this response is more effective, it takes time to develop-generally about a week after the infection has occurred. This system is called adaptive because it's a self-learning system which adapts itself to new threats and creates a self-defense mechanism to neutralize such threats in the future much faster. A good example we all know from birth is vaccinations. We are injected with a weakened or dead virus to enable our body learn on how to defend against a particular type of virus. Our body then remembers this all its life and protects us 24x7 from this particular virus.

Thus, the immune system is both reactive and adaptive. It reacts when a pathogen enters our body to neutralizes it, it also is constantly learning and adapting to new threats. It's also intelligent to know what is self - Anything naturally in the body, e.g., our own cells to non-self-Anything that is not naturally present in the body. The system also is a quick reacting system and has inbuilt messaging system which passes signal from one cell to another to act on incoming threat all at lightning speed. In addition, its layered security system with multiple types of cells playing particular role to defend. While some cells are located at the entry point of our body like mouth, nose, ear, etc., and act as security guards, others are located in our circulatory systems or in our bone marrow and gets released as and when required.

Enough of biology. Let's get into our IT world. Imagine our data center having similar innate and adaptive capabilities. The innate or generalized security systems are our firewalls, emails scanners etc. which can neutralize generalized threats in our data center. They are not tied to specific threats like DoS or Dirty cow type OS vulnerability. These systems are continuously watching for any threats and neutralizes once they find known and familiar threats. E.g. email spam filters, anti-virus software, etc.  Much like our body has physical, chemical and biological defense layers, our data center needs to have different security layers to product us from various types of attacks. At a minimum, we four level of security in our DC. Physical security (Access card readers, Security guards), network security (DNS, DMZ/Internal, Firewalls), component level (Compute, Storage) and application level (email, OS, Java, Oracle, etc.). There are lot of technologies available today which provides various layers of security including those provide by industry leaders like Cisco.

While we have innate defense capabilities, what we need to protect us against increasing sophistication of attacks is the adaptive self-defense capabilities. The system should self-learn various signatures and patterns from past attacks and can automatically create self-healing code (white blood cells) to defend against new threats. In other words, systems should be able to self-heal itself. Such a system will create new defense signatures based on previous attacks and adapt to new type of attacks.

Humans intervene only when the system fails to do its job. Let's take an example. Let us assume a new type of virus is released, it's an enhanced version of previously known virus, so the signature is different. If the virus pattern is not known, humans have to develop anti-virus signatures and then update anti-virus software to fix the exposure. This is like taking an external dose of antibiotics to heal your body. This can take days if not weeks to get the updated software from vendor and apply it across all vulnerable systems. Now what if we have systems in the future which can create required antibiotics on its own and try to fix the exposure? Such systems much like our body learns from previous attacks, modify its current software to adapt to new threat and tries to defend itself all without human intervention! Seems unreal. Our body is capable for doing this with to do this with 75% or more success rate. Can we aim for 80%?

Another capability we need in our data center is the self-healing capability. Much like how a human body detects abnormalities in the human body and attacks the problem without asking for your permission J, data center security mechanism as well as fault detection system should work in similar way. Imagine your body waiting for your instruction to defend from invading virus!! What if you were sleeping. When an abnormality is detected in the data center, we need to act immediately. Today, while many of data center security products are designed to detect malicious attacks and take appropriate action without human intervention, we need to extend this inside every component (compute/storage/network) in the data center. We should have intelligence at every layer to protect against increasing form of attacks and everything needs to be connected together. An end point device which detected a threat can alert all the security components at all layers about incoming threat. Each system notifies other systems on the status of threat and there is constant communication between fire-walls, compute, storage system based on type and level of attack.

As an example, imagine we discover a new super critical vulnerability in our operating system which allows an authorized user to get root privileges. Today in most enterprises it takes weeks if not days to detect and remediate the vulnerability. In tomorrow's world system should be smart enough to take detect such gaps and apply the fix immediately. Why wait when we know waiting can have adverse impact on our business and yes did I mentioned it should be done without downtime to business. After all your body does not need downtime to fix YOU.

To summarize we need following capabilities for our data center security

  1. Multi-layered inter-connected security system. There should be common messaging bus between different infrastructure components to detect and notify status of threats
  2. Should be both innate and adaptive to react to different type of threats
  3. Self-learning with self-healing capabilities.  Should continuous learn and adapt to new threats
  4. Ability to react at the speed of light

In the next article, we will focus on the body's nervous system, which is the most complex but also the most intelligent sensor system in the planet.

Until next time....

More Stories By Ashish Nanjiani

Ashish Nanjiani is a Senior IT Manager within Cisco IT managing Cisco worldwide IT data centers as an operations manager. With 20 years of IT experience, he is an expert in data center operations and automation. He has spoken in many inter-company events on data center automation and helps IT professionals digitize their IT operations. He is also an entrepreneur and has been successfully running a website business for 10+ years.

Ashish holds a Bachelor of Science degree in Electrical and Electronics and a Masters in Business Administration. He is a certified PMP, Scrum master. He is married and has two lovely daughters. He enjoys playing with technology during his free time. ashish.nanjiani@gmail.com

@MicroservicesExpo Stories
"Tintri focuses on the Ops side of the DevOps, which basically is pushing more and more of the accessibility of the infrastructure to the developers and trying to get behind the scenes," explained Dhiraj Sehgal of Tintri in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
For most organizations, the move to hybrid cloud is now a question of when, not if. Fully 82% of enterprises plan to have a hybrid cloud strategy this year, according to Infoholic Research. The worldwide hybrid cloud computing market is expected to grow about 34% annually over the next five years, reaching $241.13 billion by 2022. Companies are embracing hybrid cloud because of the many advantages it offers compared to relying on a single provider for all of their cloud needs. Hybrid offers bala...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
The reality of data ubiquity is here—data is buried in operational statistics, machine logs, stacks of overflowing tickets and customer details, among other things. How can any user get valuable information amid this rapid influx of data? Imagine a situation where your firm’s revenue takes a hit owing to an unexpected failure in some business process. It would be a nightmare for IT admins to sift through the interminable piles of data to deduce exactly why and where the problem occurred. To sav...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
"We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
There's a lot to gain from cloud computing, but success requires a thoughtful and enterprise focused approach. Cloud computing decouples data and information from the infrastructure on which it lies. A process that is a LOT more involved than dragging some folders from your desktop to a shared drive. Cloud computing as a mission transformation activity, not a technological one. As an organization moves from local information hosting to the cloud, one of the most important challenges is addressi...
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
In the decade following his article, cloud computing further cemented Carr’s perspective. Compute, storage, and network resources have become simple utilities, available at the proverbial turn of the faucet. The value they provide is immense, but the cloud playing field is amazingly level. Carr’s quote above presaged the cloud to a T. Today, however, we’re in the digital era. Mark Andreesen’s ‘software is eating the world’ prognostication is coming to pass, as enterprises realize they must be...
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
Hybrid IT is today’s reality, and while its implementation may seem daunting at times, more and more organizations are migrating to the cloud. In fact, according to SolarWinds 2017 IT Trends Index: Portrait of a Hybrid IT Organization 95 percent of organizations have migrated crucial applications to the cloud in the past year. As such, it’s in every IT professional’s best interest to know what to expect.
A common misconception about the cloud is that one size fits all. Companies expecting to run all of their operations using one cloud solution or service must realize that doing so is akin to forcing the totality of their business functionality into a straightjacket. Unlocking the full potential of the cloud means embracing the multi-cloud future where businesses use their own cloud, and/or clouds from different vendors, to support separate functions or product groups. There is no single cloud so...
The taxi industry never saw Uber coming. Startups are a threat to incumbents like never before, and a major enabler for startups is that they are instantly “cloud ready.” If innovation moves at the pace of IT, then your company is in trouble. Why? Because your data center will not keep up with frenetic pace AWS, Microsoft and Google are rolling out new capabilities. In his session at 20th Cloud Expo, Don Browning, VP of Cloud Architecture at Turner, posited that disruption is inevitable for comp...
Companies have always been concerned that traditional enterprise software is slow and complex to install, often disrupting critical and time-sensitive operations during roll-out. With the growing need to integrate new digital technologies into the enterprise to transform business processes, this concern has become even more pressing. A 2016 Panorama Consulting Solutions study revealed that enterprise resource planning (ERP) projects took an average of 21 months to install, with 57 percent of th...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...