I’ve previously written about libfabric. Here are some highlights:
Today, we’re pleased to announce the next step in our libfabric journey: my team at Cisco (the UCS product team) is contributing an open source plugin to Open MPI that uses the libfabric APIs.
Tags: HPC, libfabric, mpi, USNIC
According to the Breach Level Index, between July and September of this year, an average of 23 data records were lost or stolen every second – close to two million records every day.[1] This data loss will continue as attackers become increasingly sophisticated in their attacks. Given this stark reality, we can no longer rely on traditional means of threat detection. Technically advanced attackers often leave behind clue-based evidence of their activities, but uncovering them usually involves filtering through mountains of logs and telemetry. The application of big data analytics to this problem has become a necessity.
To help organizations leverage big data in their security strategy, we are announcing the availability of an open source security analytics framework: OpenSOC. The OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly detection and incident forensics to the data loss problem. By integrating numerous elements of the Hadoop ecosystem such as Storm, Kafka, and Elasticsearch, OpenSOC provides a scalable platform incorporating capabilities such as full-packet capture indexing, storage, data enrichment, stream processing, batch processing, real-time search, and telemetry aggregation. It also provides a centralized platform to effectively enable security analysts to rapidly detect and respond to advanced security threats.
The OpenSOC framework provides three key elements for security analytics:
- A mechanism to capture, store, and normalize any type of security telemetry at extremely high rates. OpenSOC ingests data and pushes it to various processing units for advanced computation and analytics, providing the necessary context for security protection and the ability for efficient information storage. It provides visibility and the information required for successful investigation, remediation, and forensic work.
- Real-time processing and application of enrichments such as threat intelligence, geolocation, and DNS information to collected telemetry. The immediate application of this information to incoming telemetry provides the greater context and situational awareness critical for detailed and timely investigations.
- The interface presents alert summaries with threat intelligence and enrichment data specific to an alert on a single page. The advanced search capabilities and full packet-extraction tools are available for investigation without the need to pivot between multiple tools.
During a breach, sensitive customer information and intellectual property are compromised, putting the company’s reputation, resources, and intellectual property at risk. Quickly identifying and resolving the issue is critical, but traditional approaches to security incident investigation can be time-consuming. An analyst may need to take the following steps:
- Review reports from a Security Incident and Event Manager (SIEM) and run batch queries on other telemetry sources for additional context.
- Research external threat intelligence sources to uncover proactive warnings of potential attacks.
- Research a network forensics tool with full packet capture and historical records in order to determine context.
Apart from having to access several tools and information sets, the act of searching and analyzing the amount of data collected can take minutes to hours using traditional techniques.
When we built OpenSOC, one of our goals was to bring all of these pieces together into a single platform. Analysts can use a single tool to navigate data with narrowed focus instead of wasting precious time trying to make sense of mountains of unstructured data.
No network is created equal. Telemetry sources differ in every organization. The amount of telemetry that must be collected and stored in order to provide enough historical context also depends on the amount of data flowing through the network. Furthermore, relevant threat intelligence differs for each and every individual organization.
As an open source solution, OpenSOC opens the door for any organization to create an incident detection tool specific to their needs. The framework is highly extensible: any organization can customize their incident investigation process. It can be tailored to ingest and view any type of telemetry, whether it is for specialized medical equipment or custom-built point of sale devices. By leveraging Hadoop, OpenSOC also has the foundational building blocks to horizontally scale the amount of data it collects, stores, and analyzes based on the needs of the network. OpenSOC will continually evolve and innovate, vastly improving organizations’ ability to handle security incident response.
We look forward to seeing the OpenSOC framework evolving in the open source community. For more information and to contribute to the OpenSOC community, please visit the community website at http://opensoc.github.io/.
Tags: analytics, Big Data, data loss, detection, OpenSOC
Last night, we kicked off the 10th Cisco Collaboration Summit at the JW Marriott Live in Los Angeles with an awards dinner to honor our partners around the world. Rowan Trollope, Collaboration Technology Group SVP, and I had the privilege of playing masters of ceremonies for the event. Cisco recognized 27 partners for their exemplary performance across 11 categories.
Last night’s fun, excitement, and anticipation was the perfect opening for what’s in store for us over these next few days. Today’s keynotes with John Chambers, Chairman and CEO, Jonathan Rosenberg, VP of the Collaboration Technology Group, Aaron Levie, CEO of Box, and Rowan will reveal amazing new innovations and opportunities that will put collaboration front and center for all of us in 2015. (Be sure to tune into the live streaming event at 1:30 p.m. Pacific or watch the on-demand replay.) You will see that partners are integral to the success of Cisco’s collaboration business. What we achieved this past year, working together, makes it clear we can only reimagine collaboration for our customers by doing it together.
On behalf of Cisco, we thank you for your partnership and applaud you on your success.
Collaboration Summit 2014 Partner Award Winners
Software Superstars: Best job selling software and practice management for WebEx, Cisco Unified Workspace Licensing, Software Support Services, and enterprise agreements
Tags: collaboration summit, csummit, john chambers, Jonathan Rosenberg, partner, richard mcleod, Rowan Trollope
There’s a pretty great, short post from Business Insider last year that’s been getting re-circulation recently. It’s one-sentence summaries of famous business books like The Innovator’s Dilemma, Good to Great, Outliers, Purple Cow and The Lean Startup.
I particularly liked BI’s short summary of Eric Ries’ book The Lean Startup, which is centered around the concept of creating a “minimum viable” product and then iterating on it, fed by continual customer input and analytics. Here’s the nicely done reductionist summary:
“Rather than work forward from a technology or a complex strategy, work backward from the needs of the customers and build the simplest product possible.”
If you’ve been in tech the last few years – and especially in Silicon Valley – you won’t have escaped the term “Minimum Viable Product” (MVP), and you’ve undoubtedly been immersed in Agile development methodology. But there’s a dilemma in the seductive notion of Lean and MVP when misapplied: We all have seen teams who focus on the alluring idea of minimal without thinking about what will make the product viable from the standpoint of the customer: Across industries, we’ve seen that the “work backward from the needs of the customers” part is easy to miss in the rush to produce efficient code and quick deliverables.
This occasional lack of customer orientation has led to the backlash observation that “Agile doesn’t have a brain,” meaning it’s very good at producing efficiently, but not guaranteed to produce the right end products in the eyes of customers. We in tech have all seen this happen, and it’s vexing because it’s against the core principles of Agile to produce un-useful end deliverables.
Enter author Jeff Gothelf, an ardent evangelist for Lean and MVP thinking. Jeff is author of the excellent book Lean UX, and recently wrote about this “Agile doesn’t have a brain” topic in a really interesting post on the subject.
Jeff is working with us on some upcoming talks and a workshop, and in addition to what he says in the post above, brings some good advice for including design and customer thinking to the MVP debate:
- Work “Lean” on projects, and focus relentlessly on the customer in your process and measures
- Focus on user-driven metrics to understand how you’re doing
- Make sure designers and other key non-coding disciplines are in your agile sprints — they will add efficiency and dimension, helping to make sure the “right things” are being produced
- Think “team,” not “roles” within the sprints (at Cisco, we even do this in Marketing sprints).
- Most important: Transform from a culture of delivery to a culture of learning, where you are constantly tuning and improving based on end objectives and customer needs.
If you’re new to ideas of incorporating the customer-oriented design into MVP and Lean, I recommend Jeff’s book Lean UX. And, as a bonus, there’s a great video overview he recently gave at Google on some of these topics.
Tags: lean, user experience
Cisco is pleased to announce the intention to support the Intel MPI Library™ with usNIC on the UCS server and Nexus switches product lines over the ultra low latency Ethernet and routable IP transports, at both 10GE and 40GE speeds.
usNIC will be enabled by a simple library plugin to the uDAPL framework included in enterprise Linux distributions. The Intel MPI Library can utilize the usNIC uDAPL library plugin without any modifications to existing MPI applications.
Tags: HPC, mpi, USNIC