Welcome!

@CloudExpo Authors: Kevin Benedict, Kevin Jackson, Liz McMillan, Elizabeth White, Yeshim Deniz

Related Topics: @CloudExpo, Microservices Expo, @BigDataExpo

@CloudExpo: Article

The Human Body and @Cisco's #DataCenter Automation | @CloudExpo #AI #ML

How self-defense and self-healing capabilities of our human body is similar to firewalls and intelligent monitoring capabilities

Disclaimer : I am an IT guy and my knowledge on human body is limited to my daughter's high school biology class book and information obtained from search engines. So, excuse me if any of the information below is not represented accurately !

The human body is the most complex machine ever created. With a complex network of interconnected organs, millions of cells and the most advanced processor, human body is the most automated system in this planet. In this article, we will draw comparisons between the working of a human body to that of a data center. We will learn how self-defense and self-healing capabilities of our human body is similar to firewalls and intelligent monitoring capabilities in our data centers. We will draw parallels between human body automation to data center automation and explain different levels of automation we need to drive in data centers. This article is divided into four parts covering each of body main functions and drawing parallels on automation

Have you ever felt sick? How do you figure out that you are going to get sick and you need to call it a day. Can you control how fast your heart should beat or can you control your breath as per your wish? Human body is the most automated system we have in the entire universe. It's the most advance machine with the fastest microprocessor and a lightning network which powers us every day. There is lot to learn on how the architect of our body has designed our body and how using the same design principals we should automate the data center of the future.

Human body compare

The fundamental principal of automation is to use the data to do intelligent analytics that enables us to take action. When we are about to fell sick, our body gives us some indicators (alerts) which tells us things are not going per plan and we need to take action. Such indicators can be in the form of developing fever or chills, feeling cold, or having pain. Once we get these alerts either we take action, i.e., take medication or we let our body self-heal if the alert is not to worry about, e.g., a small cut.

Our body like our systems (compute, network, etc.) have a way to read these alerts and take appropriate actions. In addition, our body has tremendous and most advance security system always working to defend ourselves from various malicious attacks!  An example when the virus strikes the human body, it attacks the body cellular structure and begins to destroy it. Our body defense mechanism immediately sends white blood cells to attacks the invading virus and tries to destroys it. All this happens 24x7 and without us telling our body to do so! If the body fails to defend on its own then it gives signals to help it out and that is when we either go to a doctor to get us some medicine or take some other external remedies to help our body. Now imagine if we can develop similar advanced security system to defend our data centers from all the attacks. There are several things we can learn from how our body works and incorporate the same in creating highly automated data center of the future. Let's examine each of the body systems and how we can leverage it for our benefit. While this is not biology lesson it is time to go back to your school days.

The Immune System
This is perhaps the most intelligent and automated system in our body and most relevant to the way we should automate our data center security. Our immune (security) system is a collection of structures and processes who job is to protect against disease or other potentially damaging foreign bodies.  These diseases and/or foreign bodies is equivalent to virus, malware or other type of security threats we see in our data center.  Our immune system consists of various parts (hardware) and systems (software) which allows our body to self-defend and self-heal against attacks, which happens 24x7.

Immune

Image courtesy:Flexablog.com

There are six main components of our immune system.

  1. Lymph Nodes: This is a small bean shape structures that produce and store cells to fight infection and diseases. Lymph nodes contains lymph, a clear liquid that carries those cells to various parts of our body.
  2. Spleen: This is located on your left-hand side of your body under your ribs and above your stomach. The spleen contains white blood cells that fight infection
  3. Bone-Marrow: The yellow tissue in the center of bones that produced white blood cells
  4. Lymphocytes: These small white blood cells play a large role in defending the body against disease. The two types of lymphocytes are B-cells, which make antibodies that attack bacteria and toxins, and T-cells, which help destroy infected or cancerous cells
  5. Thymus: Responsible to trigger and maintain production of antibodies
  6. Leukocytes: These are disease fighting white blood cells that identifies and eliminates pathogens

Together all the above components make up our immune system. Think these of various security devices like physical access card readers, firewalls, anti-virus software, anti-spam and other security mechanism we deploy in our data center. The immune system can be further divided in two systems.

The Innate Immune System
The innate immune response is the first step in protecting our bodies from foreign particles. It is an immediate response that's "hard-wired" into our immune system. It's a generalized system which protects against any type of virus attacks and not tied to specific immunity. For example, general barriers to infection include:

  • Physical (skin, mucous, tears, saliva, and stomach acid)
  • Chemical (specific proteins found in tears or saliva that attack foreign particles)
  • Biological (microbiota or good bacteria in the gut that prevents overgrowth of bad bacteria)

The innate immune system is general i.e. anything that is identified as a foreign or non-self becomes target for the innate immune system

The Adaptive Immune Response
The innate immune response leads to the pathogen-specific adaptive immune response. While this response is more effective, it takes time to develop-generally about a week after the infection has occurred. This system is called adaptive because it's a self-learning system which adapts itself to new threats and creates a self-defense mechanism to neutralize such threats in the future much faster. A good example we all know from birth is vaccinations. We are injected with a weakened or dead virus to enable our body learn on how to defend against a particular type of virus. Our body then remembers this all its life and protects us 24x7 from this particular virus.

Thus, the immune system is both reactive and adaptive. It reacts when a pathogen enters our body to neutralizes it, it also is constantly learning and adapting to new threats. It's also intelligent to know what is self - Anything naturally in the body, e.g., our own cells to non-self-Anything that is not naturally present in the body. The system also is a quick reacting system and has inbuilt messaging system which passes signal from one cell to another to act on incoming threat all at lightning speed. In addition, its layered security system with multiple types of cells playing particular role to defend. While some cells are located at the entry point of our body like mouth, nose, ear, etc., and act as security guards, others are located in our circulatory systems or in our bone marrow and gets released as and when required.

Enough of biology. Let's get into our IT world. Imagine our data center having similar innate and adaptive capabilities. The innate or generalized security systems are our firewalls, emails scanners etc. which can neutralize generalized threats in our data center. They are not tied to specific threats like DoS or Dirty cow type OS vulnerability. These systems are continuously watching for any threats and neutralizes once they find known and familiar threats. E.g. email spam filters, anti-virus software, etc.  Much like our body has physical, chemical and biological defense layers, our data center needs to have different security layers to product us from various types of attacks. At a minimum, we four level of security in our DC. Physical security (Access card readers, Security guards), network security (DNS, DMZ/Internal, Firewalls), component level (Compute, Storage) and application level (email, OS, Java, Oracle, etc.). There are lot of technologies available today which provides various layers of security including those provide by industry leaders like Cisco.

While we have innate defense capabilities, what we need to protect us against increasing sophistication of attacks is the adaptive self-defense capabilities. The system should self-learn various signatures and patterns from past attacks and can automatically create self-healing code (white blood cells) to defend against new threats. In other words, systems should be able to self-heal itself. Such a system will create new defense signatures based on previous attacks and adapt to new type of attacks.

Humans intervene only when the system fails to do its job. Let's take an example. Let us assume a new type of virus is released, it's an enhanced version of previously known virus, so the signature is different. If the virus pattern is not known, humans have to develop anti-virus signatures and then update anti-virus software to fix the exposure. This is like taking an external dose of antibiotics to heal your body. This can take days if not weeks to get the updated software from vendor and apply it across all vulnerable systems. Now what if we have systems in the future which can create required antibiotics on its own and try to fix the exposure? Such systems much like our body learns from previous attacks, modify its current software to adapt to new threat and tries to defend itself all without human intervention! Seems unreal. Our body is capable for doing this with to do this with 75% or more success rate. Can we aim for 80%?

Another capability we need in our data center is the self-healing capability. Much like how a human body detects abnormalities in the human body and attacks the problem without asking for your permission J, data center security mechanism as well as fault detection system should work in similar way. Imagine your body waiting for your instruction to defend from invading virus!! What if you were sleeping. When an abnormality is detected in the data center, we need to act immediately. Today, while many of data center security products are designed to detect malicious attacks and take appropriate action without human intervention, we need to extend this inside every component (compute/storage/network) in the data center. We should have intelligence at every layer to protect against increasing form of attacks and everything needs to be connected together. An end point device which detected a threat can alert all the security components at all layers about incoming threat. Each system notifies other systems on the status of threat and there is constant communication between fire-walls, compute, storage system based on type and level of attack.

As an example, imagine we discover a new super critical vulnerability in our operating system which allows an authorized user to get root privileges. Today in most enterprises it takes weeks if not days to detect and remediate the vulnerability. In tomorrow's world system should be smart enough to take detect such gaps and apply the fix immediately. Why wait when we know waiting can have adverse impact on our business and yes did I mentioned it should be done without downtime to business. After all your body does not need downtime to fix YOU.

To summarize we need following capabilities for our data center security

  1. Multi-layered inter-connected security system. There should be common messaging bus between different infrastructure components to detect and notify status of threats
  2. Should be both innate and adaptive to react to different type of threats
  3. Self-learning with self-healing capabilities.  Should continuous learn and adapt to new threats
  4. Ability to react at the speed of light

In the next article, we will focus on the body's nervous system, which is the most complex but also the most intelligent sensor system in the planet.

Until next time....

More Stories By Ashish Nanjiani

Ashish Nanjiani is a Senior IT Manager within Cisco IT managing Cisco worldwide IT data centers as an operations manager. With 20 years of IT experience, he is an expert in data center operations and automation. He has spoken in many inter-company events on data center automation and helps IT professionals digitize their IT operations. He is also an entrepreneur and has been successfully running a website business for 10+ years.

Ashish holds a Bachelor of Science degree in Electrical and Electronics and a Masters in Business Administration. He is a certified PMP, Scrum master. He is married and has two lovely daughters. He enjoys playing with technology during his free time. [email protected]

@CloudExpo Stories
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
"We want to show that our solution is far less expensive with a much better total cost of ownership so we announced several key features. One is called geo-distributed erasure coding, another is support for KVM and we introduced a new capability called Multi-Part," explained Tim Desai, Senior Product Marketing Manager at Hitachi Data Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, showed how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continu...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
DX World EXPO, LLC., a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
"The Striim platform is a full end-to-end streaming integration and analytics platform that is middleware that covers a lot of different use cases," explained Steve Wilkes, Founder and CTO at Striim, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, will examine the regulations and provide insight on how it affects technology, challenges the established rules and will usher in new levels of diligence...
SYS-CON Events announced today that Calligo has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo is an innovative cloud service provider offering mid-sized companies the highest levels of data privacy. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalized support service from its globally located cloud platfor...
SYS-CON Events announced today that Calligo, an innovative cloud service provider offering mid-sized companies the highest levels of data privacy and security, has been named "Bronze Sponsor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalised support service from its globally located cloud plat...
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, discussed the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information.
SYS-CON Events announced today that SkyScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SkyScale is a world-class provider of cloud-based, ultra-fast multi-GPU hardware platforms for lease to customers desiring the fastest performance available as a service anywhere in the world. SkyScale builds, configures, and manages dedicated systems strategically located in maximum-securit...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
SYS-CON Events announced today that DXWorldExpo has been named “Global Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Digital Transformation is the key issue driving the global enterprise IT business. Digital Transformation is most prominent among Global 2000 enterprises and government institutions.
SYS-CON Events announced today that Datera, that offers a radically new data management architecture, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera is transforming the traditional datacenter model through modern cloud simplicity. The technology industry is at another major inflection point. The rise of mobile, the Internet of Things, data storage and Big...
"With Digital Experience Monitoring what used to be a simple visit to a web page has exploded into app on phones, data from social media feeds, competitive benchmarking - these are all components that are only available because of some type of digital asset," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Outscale was founded in 2010, is based in France, is a strategic partner to Dassault Systémes and has done quite a bit of work with divisions of Dassault," explained Jackie Funk, Digital Marketing exec at Outscale, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.