Self-driving Datacenter: Analytics

Similar documents
Cisco Tetration Analytics Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH

Cisco Tetration Analytics

Cisco Tetration Analytics

Cisco Tetration Analytics + Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH

PSOACI Tetration Overview. Mike Herbert

Title DC Automation: It s a MARVEL!

Tetration Analytics - Network Analytics & Machine Learning Enhancing Data Center Security and Operations

Cisco Tetration Analytics

The Why, What, and How of Cisco Tetration

Architectural overview Turbonomic accesses Cisco Tetration Analytics data through Representational State Transfer (REST) APIs. It uses telemetry data

Cisco Tetration Platform

Cisco Tetration Platform

Tetration Hands-on Lab from Deployment to Operations Support

2018 Cisco and/or its affiliates. All rights reserved.

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

Technologies for the future of Network Insight and Automation

Cisco Tetration Platform: Network Performance Monitoring and Diagnostics

主題 :Cisco Data Tetration Solution - 思科大數據維運解決方案 公司名稱 :Cisco Systems

Solution Overview Cisco Tetration Analytics and AlgoSec: Business Application Connectivity Visibility, Policy Enforcement, and Business-Based Risk and

Cisco Tetration Application Segmentation

Cisco IT Tetration Deployment, Part 1 of 2

Build application-centric data centers to meet modern business user needs

Storage Networking Strategy for the Next Five Years

Cisco Cloud Strategy. Uwe Müller. Leader PreSales Cloud & Datacenter Germany

Exploring Cloud Security, Operational Visibility & Elastic Datacenters. Kiran Mohandas Consulting Engineer

Cisco SDN 解决方案 ACI 的基本概念

Cisco Tetration Analytics, Release , Release Notes

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Module Day Topic. 1 Definition of Cloud Computing and its Basics

Getting Started with AWS Security

Data Center and Cloud Automation

The Intent based Data Center. Kim In-Sook Manager, ASEAN Data Center Architect Team Jan 11, 2018

Modernize Your IT with FlexPod. NetApp & Schneider Electric

Network Visibility and Segmentation

DevOps CICD PopUp. Software Defined Application Delivery Fabric. Frey Khademi. Systems Engineering DACH. Avi Networks

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

CISCO CLOUD. Multi Cloud Management Multi Cloud Reference Architecture Multi Cloud Capability Map CiscoCloud CiscoCloud v Competition

Best Practices in Securing a Multicloud World

A10 HARMONY CONTROLLER

SYMANTEC DATA CENTER SECURITY

Intelligent Edge Protection

NFV Infrastructure for Media Data Center Applications

DC: Le Converged Infrastructure per Software Defined e Cloud Cisco NetApp - Softway. Luigi MARCOCCHIA SOFTWAY

Popular SIEM vs aisiem

Pasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP

2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

SECURING THE MULTICLOUD

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Exam C Foundations of IBM Cloud Reference Architecture V5

Evolution of the Data Center

Cisco Cloud Application Centric Infrastructure

Solution Overview Gigamon Visibility Platform for AWS

Microsoft Security Management

The Next Opportunity in the Data Centre

CHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING

Cisco ONE Enterprise Cloud Suite

Cisco SAN Analytics and SAN Telemetry Streaming

Cisco CloudCenter Solution with Cisco ACI: Common Use Cases

Cisco Application Centric Infrastructure

Cisco Unified Data Center Strategy

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

Cisco Application Centric Infrastructure

Cisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.

Leveraging Software-Defined Storage to Meet Today and Tomorrow s Infrastructure Demands

Qualys Cloud Platform

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Capgemini Dynamic Services

Accelerate your Software Delivery Lifecycle with IBM Development and Test Environment Services

Fujitsu World Tour 2018

The threat landscape is constantly

SAP and SAP HANA on VMware

Fast IT - Policy Driven Infrastructure for the Intercloud World

Cisco Virtual Networking Solution for OpenStack

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Windows Azure Services - At Different Levels

Cisco Container Platform

Modern Data Warehouse The New Approach to Azure BI

BUILDING AN ON-PREM APPLICATION-AWARE CLOUD

NTT Com Press Conference March 1, 2016 #enterprisecloud

RA-GRS, 130 replication support, ZRS, 130

Adobe Digital Marketing s IT Transformation with OpenStack

Delivering Intent for Data Center Networking

ENTERPRISE-GRADE MANAGEMENT FOR OPENSTACK WITH RED HAT CLOUDFORMS

Intelligent WAN: Leveraging the Internet Secure WAN Transport and Internet Access

SIEM Product Comparison

Introducing Cisco Network Assurance Engine

Cisco Application Centric Infrastructure (ACI) Simulator

DevNet Technical Breakout: Introduction to ACI Programming and APIs.

BUILDING the VIRtUAL enterprise

Secure Access - Update

Stop Cyber Threats With Adaptive Micro-Segmentation. Chris Westphal Head Of Product Marketing

70-532: Developing Microsoft Azure Solutions

Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications

Merging Enterprise Applications with Docker* Container Technology

Developing Microsoft Azure Solutions (70-532) Syllabus

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

VxRail: Level Up with New Capabilities and Powers GLOBAL SPONSORS

Transcription:

Self-driving Datacenter: Analytics George Boulescu Consulting Systems Engineer 19/10/2016

Alvin Toffler is a former associate editor of Fortune magazine, known for his works discussing the digital revolution, communication revolution, and technological singularity

Define Security The conscious or unconscious acceptance of a risk in relation of the probability of this becoming to be reality in a delta Time

Datacenter Evolution

Datacenter Evolution

We Are at the Cusp of a Major Shift TRADITIONAL DATA CENTRE CLOUD DATA CENTRE HYBRID CLOUDS Adoption Curve We are here Efficiency AUTOMATION IT as a Service IaaS PaaS SaaS XaaS Flexible Consumption Models CONSOLIDATION VIRTUALISATION EFFICIENCY SIMPLICITY SPEED DIGITAL EXPERIENCES 2000 2010 2015 The Next 5+ Years 6

Modern data centers are getting increasingly complex Big and fast data Hybrid cloud Rapid app deployment Increase in east-west traffic Expanded attack surface Open source Zero trust model Multi cloud orchestration Application portability Continuous development Application mobility Micro services

What if you could actually look at every data packet header that has ever traversed the network without sampling? 8

ACI Architecture Analytics POLICY ACI Intent (May) Traffic Analysis Lots of Data Configuration Analysis Very Large State- Space Analytics (Did) ADM Security Forensics Guarantees Compliance Consistency Assurance (Can) 9

Tetration Analytics Platform Every Packet, Every Flow, Every Speed Network Pervasive Policy Visibility Cisco Tetration Analytics and Forensics Compliance Application Insight 10

Cisco Tetration Analytics Application Policy Automated Forensics: Policy Insights Simulation Whitelist Policy Every Packet, Compliance and Impact Generation Every Flow, and Assessment Every Speed Auditability 11

Cisco Tetration Analytics Pervasive Sensor Framework Provides correlation of data sources across entire application infrastructure Enables identification of point events and provides insight into overall systems behavior Monitors end-to-end lifecycle of application connectivity 12

Application Discovery and Endpoint Grouping BM BM Bare-metal,, & switch telemetry BM Cisco Nexus 9000 Series Network-only sensors, host-only sensors, or both (preferred) BM BM Brownfield Bare-metal & telemetry Cisco Tetration Analytics Platform BM BM Bare metal and BM BM BM On-premises and cloud workloads (AWS) telemetry (AMI ) Unsupervised machine learning Behavior analysis BM BM 13

Whitelist Policy Recommendation Application Discovery WebTie r AppTier DB Tier Storage Storage Whitelist Policy Recommendation (Available in JSON, XML, and YAML) Policy Enforcement (Future Roadmap) 14

Real-Time and Historical Policy Simulation BM BM BM Cisco Tetration Analytics Platform Validating policy impact assessment in real time Simulating policy changes over historic traffic View traffic outliers for quick intelligence Audit becomes a function of continuous machine learning 15

Policy Compliance BM BM Cisco Tetration BM BM Analytics Platform Identify policy deviations in real-time Review and update whitelist policy with one click Policy lifecycle management 16

Tetration Analytics Servers Network flows Buffer Stats Application Dependency Application Performance Automation & Compliance Enforcement Infrastructure Behavioral Anomalies Ecosystem Partners Process User Compute Application Insights Policy Forensics Network Tetration Analytics Engine PB Scale Secure Appliance 17

Tetration Analytics Architecture Overview Data Collection Analytics Engine Visualization and Reporting Host Sensors Tetration Telemetry Web GUI Network Sensors Cisco Nexus 92160YC-X Cisco Nexus 93180YC-EX Cisco Tetration Analytics Platform REST API 3rd-Party Metadata Sources Configuration Data Push Events 18

Pervasive Sensors Host Sensors NW Sensors 3 rd Party Linux Windows Server Bare Metal (Linux and Windows Server) Hypervisors Containers Nexus 9200-X Nexus 9300-EX Geo Whois IP Watch Lists Load Balancers Available at FCS Next Generation 9K switches Future releases 3rd party Data Sources ü Low CPU Overhead (SLA enforced) ü Highly Secure (Code Signed, Authenticated) ü Low Network Overhead (SLA enforced) ü Every flow (No sampling), NO PAYLOAD 19

Traditional Monitoring Is Showing Its Age Not suited for Modern Network and Security Operations Where Data Is Created Where Data Is Useful SNMP SNMP Server Non Real time Syslog CLI Syslog Collector Scripts Storage & Analysis Strong burden on backend Normalize different encodings, transports, data models, timestamps 20

Streaming Telemetry is a game changer Monitoring becomes a big data problem Where Data Is Created Where Data Is Useful Removing limitations and complexity Real time Streaming paradigm Dense Sensor Framework Increased Data Granularity Update on every event Multiple Data Sources Volume Scale of Data Velocity Analysis of Streaming Data Variety Different Forms of Data Big Data and Machine Learning Problem 21

Why Multiple Sensors? Example monitoring temperature in a room Lamp Sensor Plug Sensor Heater 22

Tetration Sensors Locations 9732C-EX LC Hardware Sensor Packet and Flow Events Buffer and Switch State Software Sensor Processes & Socket Packet and Flow Events 92160CY-X 93180Y-EX HYPERVISOR HYPERVISOR HYPERVISOR Tetration Cluster 23

Hardware Sensor Embedded Module (Flow Cache) Nexus 92160CY-X Nexus 93180Y-EX & 9732C-EX Line Cards Extracts Meta-Data from the forwarding pipeline No latency impact, no performance impact Flow Cache PRX LUA LUB LUC 24

Software Sensor Not in the data path Sits in User Space Designed by Kernel Developers Secure Code Signed SLA Enforcement CPU and BW throttling FCS availability Windows 2008 / 2008 R2 / 2012 / 2012 R2 Linux RedHat (5.3+, 6.x) CentOS (5.11+, 6.x) Ubuntu (12.04, 14.04, 14.10) Tetration Sensor libpcap Application Network Stack Driver NIC 25

Methods to deploy the sensor 26

Coming soon to a GitHub near you github.com/datacenter 27

Tetration Analytics Architecture Overview Data Collection Analytics Engine Visualization and Reporting Host Sensors Tetration Telemetry Web GUI Network Sensors Cisco Nexus 92160YC-X Cisco Nexus 93180YC-EX Cisco Tetration Analytics Platform REST API 3rd-Party Metadata Sources Configuration Data Push Events 28

The Analytics Cluster Components Front End Compute (Data Cleaning and Hadoop Based Platform Self managed One touch deployment Analytics) Caching (Search) Tiered System Heavy Compute for Machine Learning Caching for light speed queries Extensibility (future) Long Term Storage Messaging Bus API Access (Data Lake) 29

The Analytics Cluster Appliance The Analytics Cluster operates as an appliance Avoids the need for in house Big Data, Analytics expertise Supported by Cisco TAC Self Monitoring The cluster leverages a sensor architecture to track it s state and provides event based notifications for Software upgrades and full install are all automated 30

FCS Analytics Cluster Configurations 4 x 3-Phase PDU 22.5 KW Peak Power 4 x 1-Phase PDU 11.5 KW Peak Power 31

Options for Future Cluster Models 32

Analytics Engine The Platform Front End Compute (Data Cleaning and Hadoop Based Platform Self managed One touch deployment Analytics) Caching (Search) Tiered System Heavy Compute for Machine Learning Caching for light speed queries Extensibility (future) Long Term Storage Messaging Bus API Access (Data Lake) 33

Front End GUI, RESTful API, Messaging BUS Servers hosting front end processes GUI and Operational Interfaces RESTful API (post FCS) Messaging BUS (post FCS) 34

ACI Architecture ACI Intent (May) Traffic Analysis Lots of Data Configuration Analysis Very Large State- Space Analytics (Did) ADM Security Forensics Guarantees Compliance Consistency Assurance (Can) 35

Summary Pervasive flow Ready-to-use Self-monitoring and Open platform and Accelerated telemetry that solution to address eliminate the need northbound APIs adoption and supports critical data center for enable transparent comprehensive infrastructure for operational in-house big data integration Solution multiple data use cases expertise support with centers at scale Services 36

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback