Our first SecureDC twitter chat created some great industry dialog around security for Software Defined Networks (SDN) as well as using SDN to improve security. SDN is going through a similar hype cycle as seen with cloud and we feel that it’s important to focus more on education now and broader collaboration, so that users can benefit from the tremendous potential SDN holds.
More Education, Less Buzz
We kicked off our conversation by asking what the most pressing issues around SDN were. @Joltsik, Principal Analyst at Enterprise Strategy Group, felt that users are confused by so much buzz while there is little in the way of education.
@Raj_Samani, Chief Innovation Officer at the Cloud Security Alliance and CTO at McAfee, went one step further, indicating that greater transparency is also needed. However, @Jgreene3rd, Technical Lead for Data Center Security Technologies at Intel, noted that the upside of buzz is that it drives greater demand for availability, which in turn fuels education.
SDN and Improving Security
@KenSBeck, Principal Engineer at the Cisco Security Technology Group Office of the CTO, led an interesting discussion on how APIs for programming the network at network speed will allow security intelligence to be much more dynamic and eventually part of the network itself. @shl_eax_1, Technical Lead Engineer at Cisco Security Technology Group Office of the CTO, further noted how global visibility of the network hastens the speed with which security issues get resolved.
@fsmontenegro elaborated on how SDN security can enable more intelligent, granular and efficient response, and that SDN improves security by adding policy exceptions at the network layer through flow redirection. @vernonxt, SVP for ICT Research at IDC, homed in on SDN enabling better policy management. @AndiMann, Vice President at CA Technologies, asked whether, given that automation already enables embedded policy and prevents random changes, SDN shouldn’t be able to do the same.
SDN Impact on Regulatory Compliance
@alokmittal65, Chief of Staff for the Cisco Security Technology Group Office of the CTO, stressed the need for auditing, logging and monitoring of policy change events.
@Raj_Samani also noted that with greater proliferation of devices, the ability to achieve greater attestation on the endpoint becomes more challenging. @KenSBeck drew attention to leveraging network awareness of user, geo location, and device as contextual elements that can make attestations much more meaningful.
@KenSBeck, our host from the Office of the CTO at Cisco, closed with words of advice and a hint of what is in store.
Keep the dialog going! Follow us on @Secdatacenter #SecureDC and join the conversation on LinkedIn Secure Datacenter Trends. For additional SDN resources, be sure to register today for our SDN Learning Seminars.
Tags: Cisco, data center, SDN, security
Detours is a library offered by Microsoft Research for interception of functions on x86 and x64 platforms. It is sold for commercial use to various vendors that build products ranging from security to gaming applications.
Detours is often injected into most or all of the processes, either system-wide or in the context of the logged in user. The most common way this is done is through the AppInit_Dlls registry value. Because the injection is typically applied to a large number of processes running under various permissions, extra care must be taken to ensure the library and its usage are very carefully reviewed by engineers with a strong understanding of the implications of such wide hooking.
We have used this library in our own security products at Cisco (both CSA and AnyConnect) to provide certain security functions on the system. During one of our research projects earlier this year, we noticed a peculiar pattern on Windows systems where processes we were hooking had a change in the in-memory permissions, which marked the headers of the modules from the normal READ/EXECUTE to now include WRITE as well.
This was quite alarming to us, because a DLL’s headers should not be writable once it is loaded into memory. What was interesting, and gave us clues as to the cause, was that only the DLLs containing functions we were actively trying to hook were affected. They were the common Win32 DLLs that one would typically intercept methods in, such as Kernel32.dll.
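As an added defender-side check (not part of the original post), the following PowerShell enumerates the modules loaded into a process and reports any whose PE header page is writable, which is the symptom described above. It assumes 64-bit Windows PowerShell, a target process of the same bitness, and sufficient rights to open that process; the function name Get-WritableModuleHeader is our own.

```powershell
# Added example: report loaded modules whose header page allows writes.
# Assumes 64-bit Windows PowerShell and a same-bitness target process.
Add-Type -Namespace Win32 -Name Mem -MemberDefinition @'
[StructLayout(LayoutKind.Sequential)]
public struct MEMORY_BASIC_INFORMATION {
    public IntPtr BaseAddress;
    public IntPtr AllocationBase;
    public uint   AllocationProtect;
    public IntPtr RegionSize;
    public uint   State;
    public uint   Protect;
    public uint   Type;
}
[DllImport("kernel32.dll", SetLastError = true)]
public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress,
    out MEMORY_BASIC_INFORMATION lpBuffer, int dwLength);
'@

# Page protections from winnt.h that permit writes:
# PAGE_READWRITE, PAGE_WRITECOPY, PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY
$WritableProtections = 0x04, 0x08, 0x40, 0x80

function Get-WritableModuleHeader {
    param([int]$ProcessId)
    $proc = Get-Process -Id $ProcessId
    foreach ($m in $proc.Modules) {
        # Query the protection of the first page of the module, i.e. its PE headers.
        $mbi  = New-Object Win32.Mem+MEMORY_BASIC_INFORMATION
        $size = [System.Runtime.InteropServices.Marshal]::SizeOf($mbi)
        $ok   = [Win32.Mem]::VirtualQueryEx($proc.Handle, $m.BaseAddress, [ref]$mbi, $size)
        if ($ok -eq 0) { continue }
        # Mask off modifier bits such as PAGE_GUARD before comparing.
        if ($WritableProtections -contains ($mbi.Protect -band 0xFF)) {
            [pscustomobject]@{
                Process = $proc.ProcessName
                Module  = $m.ModuleName
                Base    = '0x{0:X}'  -f $m.BaseAddress.ToInt64()
                Protect = '0x{0:X2}' -f $mbi.Protect
            }
        }
    }
}

# Check the current PowerShell process; substitute any PID you are allowed to open.
Get-WritableModuleHeader -ProcessId $PID | Format-Table -AutoSize
```

An empty result means no module header in that process is writable; any row is worth correlating with the AppInit_DLLs value and the hooking products installed on the host.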
Tags: DLLs, Dynamic Link Libraries, Microsoft, security, third party software
It’s a beautiful thing when you can hijack four not-quite random people off the VMworld show floor and get them to tackle a discussion on desktop virtualization. And that’s exactly what we did a couple weeks back, when the opportunity presented itself. With Courtney Burry (VMware), Mike Brennan (Cisco), Dave Kinsman (WWT) and myself on hand, we did a sort of VDI blogger “round-up”. You should check out the video below, but a quick recap as follows:
- Courtney discussed some of the latest improvements in Horizon View that improve desktop TCO by optimizing storage footprint through technologies like SE sparse (or Space Efficient Sparse) which provides the ability to reclaim blocks of storage that are unused or deleted by the guest file system.
- I also shared some thoughts on our joint solution with VMware that’s expanding the number of use cases addressable by VDI, through our support of hardware-accelerated 3D Graphics with nVidia as part of our C-Series rack server solution, as well as the improving economics of 1:1 persistent desktop images using the latest generation of flash-based partner technologies we support through our VDI storage ecosystem.
- Mike discussed how we’re offering a more consolidated management approach with VMware through things like integration within vCenter, which includes a snap-in for UCS, allowing administrators to see our UCS infrastructure inside the vCenter web client, as well as open APIs that introduce more opportunities for automation, which, combined with UCS Manager and our automation tools, can help our customers provision desktops from bare metal much faster.
- And to help round out the round-up, we snagged Dave Kinsman from WWT to give us his feedback on how he sees all of this coming together, both for channel partners like WWT and the customers they serve.
Tags: desktop virtualization, UCS, vdi, VMware
Image credit: imediaconnection.com
In an earlier blog, I discussed the incredible success behind the Cisco Unified Computing System (UCS) in Darwinian evolutionary terms. Since I wrote that blog three months ago, we’ve continued to grow rapidly and have strengthened our position as the #2 blade server player worldwide from 19.3% to 21.5% revenue share (per IDC 2CQ2013 server market tracker, September 2013), with 33.9% revenue share in the US.
Prediction – The #1 spot is well within our reach sooner than you may think.
As we grow our installed base with roughly 1,000 new customers every month, our conversations about the future of UCS have taken an interesting turn. Until now in what I’ll call the “UCS 1.0” phase, Cisco focused on virtualization and private cloud as the dominant use cases that were top-of-mind for industry CIOs and we struck a resonant chord based on our growth – just look at our numbers.
We were market makers with expanded-memory 2-socket Intel EX blades (remember the B230s?), which were gobbled up like candy into large-scale VDI deployments, much to the surprise of the industry. We also jump-started a very attractive RISC-to-x86 migration practice, including Cisco IT’s own production environment: a 40TB mission-critical database that ran on HP Superdomes – a “circle of life” moment for me since Superdome was my program from 1999-2003.
We’ll continue leading in customer value for our original design centers, but we are now focusing on market expansion with what we call “UCS 2.0”, expanding into data-intensive, mission critical, analytics and service provider cloud environments with an increased level of R&D funding and strong corporate support from our top executives.
Prediction – You’ll see us more focused on architectural solutions for key industry vertical markets with tuned solution environments that leverage Cisco’s wide portfolio and that of our partners.
One such act of support is the announcement today of our intent to acquire WHIPTAIL, a leading solid-state systems company that boasts the highest scalability in performance and capacity of any scale-out flash vendor on the market today. WHIPTAIL systems span from single-node entry products to 30-node behemoths that drive almost 400TB of flash, 40GB/sec of bandwidth and 4 million random R/W IOPS – for starters.
Prediction: Cisco will unseat InfiniBand with low-latency Ethernet fabrics. Check out our usNIC technology for starters…
In our customer interactions it became very clear they view application acceleration using persistent solid-state memory as a use case that belongs in the server tier, not the storage tier.
In an application-centric world, we started thinking not about server vs. storage infrastructure, but how applications viewed data – hot “important right now” data, warm “may be of interest data” and cold “let’s keep it around for background mining or compliance” data.
We arrived at the conclusion that UCS needed to be best-in-class at accelerating hot data layers. Hot data is closest to applications and therefore has high affinity for the server tier. Hence WHIPTAIL.
Assertion: Flash is a “boundary technology” that can be viewed as part of the memory or storage hierarchy. With respect to storage it’s faster and more expensive per GB. With respect to DRAM memory it’s slower but cheaper per GB. It therefore allows cost/performance arbitrage for applications by applying an accelerated persistent data model that can save on DRAM and de-complicate underlying permanent backing stores.
WHIPTAIL is a great fit with the fabric computing UCS architecture and also complementary to our C-Series rack mount servers and our SingleConnect capability in our UCS Manager that allows mixed-density blade/rack deployments to be managed from a common pane of glass.
Our intent is to fully integrate UCS computing and WHIPTAIL solid-state technologies over a Nexus fabric to create scalable persistent memory systems. That’s our vision.
Why? Because customers will be able to do things they could not before, such as loading vast amounts of data in seconds and minutes, not hours or days; shrinking their performance footprint to a rack vs. 30 racks; accelerating Hadoop on all solid-state infrastructure; or extending in-memory analytics to a scale previously not thought possible. That’s why.
As converged infrastructure advances as an ensemble computing architecture, boundary technologies like solid-state memory can be viewed as part of the memory or the storage hierarchy. Cisco’s point of view is to make it part of the memory hierarchy in the compute tier. That allows customers the best of both worlds – performance acceleration for applications while retaining their investment in permanent backing stores and simplifying their overall data center total cost of ownership (TCO).
To close on a Darwinian note, if UCS existed in the Cretaceous Period it would have been a Velociraptor (meaning ‘swift seizer’) – sleek, fast and ferocious – eating everything in its path. Velociraptors are believed to have hunted in packs, which is great considering the strong partner ecosystem that Cisco and UCS have built, with industry leaders like EMC, NetApp and VCE as shining examples. We are committed to maintaining and expanding our hunting pack – more on that later!
If Cisco UCS existed in the Cretaceous Period it would have been a Velociraptor. Image credit: dark.pozadia.org
Tags: acquisition, Big Data, Cisco, Internet of Everything, Paul Perez, UCS, unified computing system, WHIPTAIL
The Internet of Everything is delivering profound changes to the world. By 2017 there will be more than 19 billion networked devices globally – bringing a deluge of data on today’s IT environments. Against this backdrop, we are witnessing a move from the Web Economy of the early 2000s to the App Economy of today, and with this transformation, data center architectures are evolving from the Web 2.0 tiered architectures of the past to the Application-Centric Infrastructure of tomorrow. As the importance of the application grows, so does the need for high performance systems to be optimized to support emerging and business critical workloads.
Cisco is evolving UCS to keep pace with the changes brought about by the Internet of Everything and the App Economy. Today, Cisco is announcing its intent to acquire WHIPTAIL. Based in Whippany, New Jersey, WHIPTAIL builds the highest performing and most scalable solid-state memory systems available today. Scalable from one node to up to 30 nodes, WHIPTAIL systems can deliver over four million IOPS and 360 Terabytes of raw capacity – a truly staggering amount of solid-state performance capable of providing the workload optimization required in the App Economy.
By making this acquisition, Cisco is enhancing the Unified Computing System (UCS) by bringing solid-state memory acceleration into the compute tier as a managed subsystem. WHIPTAIL is a perfect architectural fit for UCS because together the two combine a clustered architecture with fabric-based acceleration – all of which is automatable via the UCS Manager and UCS Director. The end result is to deliver optimized performance on top of UCS for emerging and business critical applications, such as virtualized, Big Data, database, High Performance Computing and transcoding workloads.
Since its introduction in 2009, Cisco UCS has grown to become the leading fabric computing system and the number two x86 blade server platform worldwide. By converging compute onto the fabric through what is widely recognized as a truly innovative server architecture, UCS has been able to capture 73 world record application performance benchmarks and achieve one of the highest growth rates of any product platform in history. And by bringing solid-state performance into the compute tier, WHIPTAIL speeds a natural evolution of the fabric computing domain and drastically improves performance for customers’ current business-critical application environments.
We couldn’t be more excited about the opportunity to continue driving UCS leadership with the addition of WHIPTAIL. Stay tuned for more details in the weeks and months to come. And welcome WHIPTAIL!