My favorite part about making a living in the tech industry is that there is always something new to learn. When Amazon Web Services launched in 2006 it slowly began to change the way that people thought about compute infrastructure and software architectures. But what is the next technology on the horizon that is positioned to do the same?

Whether you call it Function-as-a-Service (FaaS) or Serverless — and I’ll explain the difference between those two terms in a moment — this new technology has a chance at forming the basis of the next round of innovation. But what is it and what makes it different? Who are all the players involved? For answers to those questions, you’ll have to keep reading.

FaaS vs Serverless: What It Is and Why It’s Different

This is a new enough technology that you won’t even get a standard answer for what to call it, but when I attended Serverless Conf back in April most people agreed that “Serverless” refers to the application architecture because a software developer is free from thinking of the operations typically associated with servers. In a way, though, it’s a terrible term because there are indeed physical servers in the stack that somebody (typically a public cloud provider) has to attend to; it’s just not the developer who has to think about it any more.

Contrast that with “Function-as-a-Service”, or FaaS, which refers to the runtime on top of which a serverless architecture is built.

The best way to understand the difference is with a history lesson.  For 30 years, as an industry we’ve been pushing to try to shrink the amount of time it takes to provision a unit of compute.

Back in the early 1990s when my career started, we only had physical servers available to us and we had to treat them as a scarce resource because to get a new one took months. In the late 1990s and early 2000s, virtualization changed that thinking. Although originally invented to get better utilization out of existing physical hardware, it took minutes to create a new virtual machine (VM). That led to horizontal autoscaling and blue/green deployments that weren’t previously feasible. The underlying innovation there was the hypervisor, which made virtualization possible.

Currently containers are the rage.  Using a different resource separation technique than hypervisors, container engines like Docker can spin up units of compute in seconds.  This has led to the microservices revolution we see that has sped the turnaround time of new functionality tremendously.

FaaS is essentially an evolution of containers.  Imagine having a dozen containers already spun up and with common language runtimes already installed on them like Python, Java, or NodeJS but without specific pieces of code to execute within those runtimes.  When an event occurs such as writing a file to a file system or an API call, the FaaS engine loads the code into the pre-warmed language container, executes the code, and shuts down the container.  There are scenarios where that container with code in it stays active so that it can more quickly respond to the next instance of a particular event, but those are the basics of how a FaaS runtime operates.

This scheme is very much like just-in-time manufacturing, but for container language environments.  When no event is firing a particular piece of code (called a function), that code sits on disk and doesn’t clutter memory.  The application architecture, then, becomes a set of functions that responds to a series of events which might chain upon one another.  Function A responds to an API call and writes a field to a database.  Function B responds to the field being written to the database and takes some other action.

So, FaaS is akin to the hypervisor or Docker engine in earlier technology waves and Serverless application architectures take advantage of FaaS the same way that VMs and containers did their underlying technologies.

In a future article, I’ll cover some common application design patterns that take advantage of this model, but the ability to load a function in a few milliseconds has a major impact on the way applications get assembled.

Players and Timelines

This is a young market but it has some familiar players:

AWS invented this concept with their Lambda offering back in December of 2014 and they had the market to themselves for quite a while. Then Azure, IBM, and Google all announced competitors in CY Q1 ’16. Shortly after that, we started to see the first tooling vendor in this space emerge, the Serverless Framework, which offers command line tools that make it easier for developers to create, test, and deploy functions.

Last November/December saw Azure and IBM go into GA releases and IBM choose to contribute their OpenWhisk offering to the Apache Foundation as an incubator project. Google followed along with their own beta status this past March and the team at the Serverless Framework now offers support for all four platforms.

Next Time

Next time in this space, I’ll cover some common application architectures that take advantage of FaaS runtimes and the very loosely coupled events that bind the pieces together. This promises to be an exciting space to keep an eye on and, as we will see, might be the next disruptive technology for all kinds of uses.

Authors

Pete Johnson

Principal Architect

Global Partner Organization

Improved productivity, enhanced operational efficiency, extra flexibility … how can you push your IT organization in the direction you want it to go? Start by thinking inside the box — with containers. You may already be familiar with some of the basics of containers, but as they continue to climb in prominence, now is the time to take a closer look. How can IT teams benefit from containers, and what specific steps are needed to make the move to a virtualized approach? To discover the answers, drop in on our next #CiscoChat, Tuesday, August 8th, at 10 a.m. PST.

The chat will feature Cisco Distinguished Systems Engineers Bill Dufresne (@cscobill) and David Jansen (@ccie5952), who will talk technical details and help answer your container questions. By joining the chat, you’ll learn about the impact of containers on IT storage and network operation models, investigate the implementation of group-based policy with containers, see how security is supported, and so much more.

To participate in the chat:

  • Make sure you’re logged into your Twitter account.
  • Search for the #CiscoChat hashtag and click on the Latest tab.
  • Follow the moderator’s account to participate. The Twitter chat will be moderated by @CiscoCloud who will begin welcoming guests at 10 a.m. PST (1 p.m. EST) and posting questions for discussion.
  • If you need multiple tweets to answer a question, preface each tweet with “1A,” “2A,” etc. in order to make it easier for others to follow along with the conversation.
  • Be sure to use the #CiscoChat hashtag at the end of each tweet, so that others can find your contributions to the discussion.

Have questions for the group? Ask away during the #CiscoChat. We look forward to talking with you!

Authors

Jamie Shoup

No Longer With Cisco

Talos has discovered multiple vulnerabilities in the FreeRDP product. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP) originally developed by Microsoft. RDP allows users to connect remotely to systems so they can be operated from afar. The open source nature of the FreeRDP library means that it is integrated into many commercial remote desktop protocol applications.

Authors

Talos Group

Talos Security Intelligence & Research Group

The big challenge in healthcare is how do we evolve more effectively, how can we respond to the rapidly escalating challenges of demand, complexity, equity and cost.  This is not so much a search for a single solution, but rather the development of a process, as each organisation, region and country needs to have healthcare reflect its unique economic and cultural characteristics.  We know that at the epicentre of this search is the opportunity to grab hold of, and leverage, the rapidly expanding information resources that are emerging from the digital transformation of our healthcare system.  This requires a significant change from the past phases of the evolution of health, one that grasps the opportunity for fundamental, information enabled, process change.  The engine that drives this transformation is innovation.

Understanding how to apply the well-developed innovation tools and techniques to the opportunity of information technology fueled process change in healthcare has been the focus of a four-year program of international study tours led by Cisco. This year the program took a group of Australian Healthcare CXOs to visit some of the leading healthcare innovation facilities in the US. The tour met with innovation leaders at:

  • Massachusetts General Healthcare Transformation Lab
  • Pulse@MassChallenge
  • MIT Hacking Health
  • IHI, Johns Hopkins (Selby Innovation Hub and Technology Innovation Centre)
  • UNC

Each of these organisations has been highly successful in delivering on their innovation objectives, although each taking very different paths, reflective of the needs of the organisations that they support.

There were 6 key lessons that we drew from this experience.

LESSON 1

It’s about healthcare first…understanding the objective:

Whilst the commercial realities around funding, risk, and return need to be considered it must always be in the context that the primary goal is improving healthcare.

LESSON 2

The importance of motivation…creating healthcare’s innovation model from within:

The participants in healthcare often have strong social motivations and ensuring that these are recognised and supported is an important part of a successful healthcare innovation process.

LESSON 3

(Actual) necessity is the mother of invention…finding the problem:

Innovation is often driven out of systems in stress with strong motivators for change. So, processes which seek out the real pain points with a health care system allow innovation resources to be focused where they will be most successful.

LESSON 4

Systems, perspectives and the picture of the whole…leveraging multiple perspectives and disciplines:

Healthcare is complex and ideas are often found at the intersection between both clinical and operational domains. Successful innovation is supported by bringing together diverse communities across the healthcare space and focusing them on a common need.

LESSON 5

Starting from where we are…but with vision and process:

Innovation does not just happen. To be successful it needs to be formed and constantly curated. Organisations need explicit innovation plans and processes that cultivate expressive ideation and capture those opportunities in a way that can generate productive outcomes.

LESSON 6

Smoothing the stilted marriage of technology and process innovation:

Healthcare has an extensive background in the application of sophisticated process change techniques, such as Lean and 6 Sigma to drive care improvement. However, these clinical communities are often poorly coupled with technology innovation and can have difficulty in leveraging an information technology enabled future.

Check out the full report to understand the details within each of these lessons and engage further in the health Innovation community through the Cisco Agile Hospital Website.

Authors

Brendan Lovelock

Health Practice Lead

Cisco Australia

[Editor’s note: One of the most exciting things about Industrial IoT and smart manufacturing is the innovations happening all around the globe. The blog below is from our Cisco France colleague, Talyana Cunningham.]

Viva Technology 2017, which took place last month in Paris, aims to be on the scale of a mega-tradeshow like the Consumer Electronics Show (CES). And it’s on track: there were 68 000 visitors, 6000 start-ups, 50 exhibitor countries, 150 journalists and 1400 investors this year.

Among the 250 sessions about technology and innovation, John Chambers, Cisco Executive Chairman, went on stage to inspire entrepreneurs and startups. He confirmed what he said last year: for him, “France is the next big thing”.

Emmanuel Macron, the new French President, is exactly in the same mindset: he wants France to be the most innovative country in Europe.  After the Viva Technology show, they both discussed the strong partnership they have built together, particularly in the industrial space.

Industrie 4.0 : one of the top priorities for France

In 2013, the digitization of the French industry was lagging, compared to the other countries in Europe. That’s why Emmanuel Macron, who was then Minister of Economy, Industry and Digital, pushed for the “Industrie du futur” project. This project has five pillars:

  1. Develop the technological offer for Industrie 4.0, helping technological companies develop themselves and their products.
  2. Help companies move towards Industrie 4.0, providing a tax assistance for each technological investment.
  3. Train employees by building partnerships with IT and Engineering Schools.
  4. Promote the French Industrie 4.0 by certifying showcase companies and creating a huge event like Hannover Messe.
  5. Reinforce European standard cooperation especially by building a partnership with the German “Industrie 4.0” platform.

2.3 billion euros were dedicated by the French government to reach these goals. In March 2017, 4.100 companies were identified, 80 companies were awarded tax assistance, and 22 companies were certified. In view of these results, the new French President announced in May he wants to invest 10 million euros in industry and innovation.

Cisco as the French Industrie 4.0 partner

Cisco is one of the biggest technology partners for this effort. In February 2015, we announced a strategic partnership with the French government to accelerate digital transformation in France. John Chambers invested 200 million dollars in digital training, startup incubation and research.

Some activities were dedicated to Industrie 4.0, such as the signature of two chairs with IT and Engineering schools in France, the agreement with the Hauts-de-France (a northern French state) to make it become a “Smart Region”, especially in the manufacturing field, and, more recently, our investment in Viva Technology Paris 2017, where we showcased just a sampling of projects:

  • We presented our Cyber Valet Services project with Valeo, which lets your car park by itself.
  • We highlighted startups, two of which are in our accelerator program, specializing in artificial intelligence and cyber security for the manufacturing industry.
  • We welcomed French students and entrepreneurs, whom we had assisted on their innovation projects and we demonstrated our Industrial IoT solutions in the Manufacturing corner of our booth.

It is so exciting to see Industrie 4.0 advance in France, and in fact accelerate in adoption courtesy of the French government.  For more details on our presence at Viva Technology Paris 2017 visit this link.

Authors

Scot Wlodarczak

No Longer with Cisco

Value Chain Security is increasingly top of mind across industry and government.  The word is out – the value chain must be addressed to ensure viable security.  Whether the discussion is framed as third party risk, cybersecurity or critical infrastructure, Cisco is at the forefront of addressing security holistically across the end-to-end ICT lifecycle.

Right before the 2017 US Executive Order on cybersecurity was released, I shared thoughts on How Much Security is Enough?  The video addresses the ongoing proliferation of security standards and guidelines, my prediction for the future of security liability, and thoughts about how to prepare for the onslaught with a holistic security architecture.  For more on liability see, “A Holistic Security Architecture May Just Help Avoid Future Liability” in the April 25th SC Magazine.

In April, Stu Miniman, host at theCube, and I reviewed data and insights on how companies can leverage technology, operations, and people to address the security threats arising from global value chains. We had a lively discussion about the far-reaching security impacts of a rapidly expanding ecosystem, Securing Your Value Chain.

Privileged to take the stage at the National Cyber Security Alliance (NCSA) and Nasdaq Cybersecurity Summit in June, I joined a panel of esteemed colleagues debating the realities of “Minimizing Human Error.”  Masha Sedova, co-founder, Elevate Security; Alex Blau, VP, ideas42; and Avi Rembaum, VP, Check Point and I converged on a key message: Leveraging technology, process and, most importantly, key understandings about human psychology are essential to decreasing human errors.

Chatting with Cheddar at that event, I discussed cybersecurity, third parties, and the human element and the importance of embedding cybersecurity into daily life, devices and our personal and business value chains. After all, technology exists to serve people and should be designed and used in that context. Only then can a path to decreased security risk from human error be charted. For more on the human aspect of security see, “The Human Factor: Risk and Reward” in the July 20th SC Magazine.

For digital disruption to sustain its promise of positive impact there must be a comprehensive focus on security, not just security but pervasive security. And it is up to all of us to address security across the value chain in order to embrace the true potential of a digital world.

Authors

Edna Conway

Chief Security Officer

Chief Security Officer, Global Value Chain

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 14 and July 21. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of date of publication. Detection and coverage for the following threats is subject to updates pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net.

Authors

Talos Group

Talos Security Intelligence & Research Group

The International Trade Commission yesterday sent a strong message to Arista that its “corporate culture of copying”, as the ITC has put it, must stop. By rejecting Arista’s efforts to delay orders that Arista stop importing and selling infringing products in the U.S., it reinforced the protection of intellectual property rights.

On May 4, the Commission had found that Arista’s entire product line infringed two Cisco patents covering key networking technologies, related to access controls and network security.  The ITC imposed a “limited exclusion order”, or ban, on the import of all infringing Arista products from its overseas manufacturing sites into the U.S., and a cease and desist order barring Arista from selling those products in the U.S., whether manufactured abroad or assembled in the U.S. from components that have been imported. Those orders went into effect on July 4 at the end of the 60-day “Presidential Review Period”. And yesterday, the ITC refused Arista’s attempt to suspend the orders pending Cisco’s appeal to the Federal Circuit Court of Appeals of a Patent and Trademark Office finding that the two patents in this current case are invalid; the ITC, in contrast, has ruled that the two patents are indeed valid.

Several noteworthy points deserve highlighting:

  • Arista on Wednesday had made a last-minute plea to the ITC again urging the ITC to suspend its orders, augmenting arguments it had submitted earlier.  Because the filing was marked confidential and provided to us only with extensive redactions, we don’t know exactly what claims Arista advanced as to the impact of the ITC orders.  Arista’s cloak of secrecy suggests Arista either believes it will be called out for making exaggerated claims, or does not want its customers and investors to know what it believes will happen now that it is required to respect Cisco’s intellectual property rights.
  • We look forward to Federal Circuit review of the Patent Office’s invalidity rulings on the two patents. In the appeal, we will address Arista’s blocking of the Patent Office from access to records of the ITC trial related to the novel and non-obvious nature of Cisco’s patents. Arista’s tactics effectively made it impossible for the Patent Office to review relevant evidence in its validity determination. We will also demonstrate that the Patent Office should have followed the ITC’s lead and rejected Arista’s effort to invalidate a patent that its own founder and board chair, Andreas Bechtolsheim, had sworn was valid when he submitted the patent application as a Cisco inventor. Under the legal doctrine known as “assignor estoppel”, inventors are prohibited from undermining their own inventions when it is convenient to do so. That important equitable doctrine, which protects the integrity of the patent system, is enforced by the courts just as it was by the ITC in this case, and should have been applied by the Patent Office.

We have had one goal: for Arista to stop selling products using Cisco’s intellectual property. Arista has used every stratagem to delay the case and avoid taking that step. To publicly demonstrate the willful nature of Arista’s actions, we have only asserted in these cases patents which were invented at Cisco by engineers who either went to work for Arista or who at the time of invention or patenting worked at Cisco with individuals who later became Arista executives. We hope Arista’s board will now stand up and demand that the company cease use of all misappropriated technology.

Consistent with its actions to date, we expect Arista will now ask the Federal Circuit to intervene where the ITC and the United States Trade Representative have refused to do so, to allow them to continue infringing Cisco patents pending Cisco’s appeal of the Patent Office invalidity findings. Those patents remain on the books unless the Federal Circuit rejects the ITC’s validity and infringement findings and upholds the PTO’s rulings, a point well understood by the ITC in its rejection yesterday of Arista’s plea for delay.

We suggest that instead, Arista simply stop using intellectual property that they knowingly misappropriated from Cisco.

Authors

Mark Chandler

Retired | Executive Vice President

Chief Legal and Compliance Officer

Endpoint security comes in many different shapes and sizes:

  • “Endpoint Protection Platforms (EPP)”
  • “Antivirus (AV)”
  • “Endpoint Detection and Response (EDR)”
  • “Next-Generation Endpoint Solutions”

The list goes on.

Faced with so many different options, it can be tricky to know which type of endpoint security tool is right for your organization. What does EPP do that EDR doesn’t, and vice-versa? The answers are not so obvious for organizations that are just beginning to look at endpoint security. Furthermore, security teams are wary of deploying multiple endpoint protection tools. It just means more “stuff” on the endpoint, and another management console to look after.

This situation has sparked a move by many endpoint security vendors to add new capabilities to their tools in order to bring a more comprehensive endpoint security platform to the market. Traditional EPP vendors are adding post-execution detection and response capabilities usually associated with EDR products. EDR vendors are adding more preventative features usually associated with EPP products.

This consolidation of features in the endpoint security space is addressed in a recent Gartner report entitled “The Evolving Effectiveness of Endpoint Protection Platforms.” In this assessment, Mario de Boer of Gartner defines the different technologies out in the marketplace today, and compares different solutions from a wide range of endpoint security vendors. The centerpiece of his assessment looks at how each of these vendors provides capabilities in three main categories: attack surface reduction, pre-execution endpoint protection techniques, and post-execution endpoint protection techniques.

Gartner clients or subscribers can access the paper here (“Gartner for Technical Professionals” access is required). It’s a great read and a great resource, especially for security teams that are just beginning their research into the right endpoint security solution for their organization. I’m also happy to report that Cisco’s next-generation endpoint security solution, AMP for Endpoints, is well-represented in this assessment. To learn more about Cisco AMP for Endpoints, and how it can provide attack prevention, detection, and response, visit www.cisco.com/go/ampendpoint.

Authors

John Dominguez

Product Marketing

Cisco Security Business Group