Enabling AMP in Cisco SD-WAN

Advanced Malware Protection (AMP) for Networks is now available in Cisco SD-WAN.

That means you’ll be able to sandbox and block standard, polymorphic and file-less malware across the WAN, all from the Cisco SD-WAN console.

As the world’s largest networking and cybersecurity vendor, Cisco combines the most advanced SD-WAN with its industry-leading security portfolio for your campus and branch office needs. In addition, Cisco SD-WAN platforms, such as the 1000 and 4000 Series Integrated Services Routers (ISR 1K and ISR 4K) are purpose-built and enhanced with proprietary, embedded defenses to provide the most comprehensive SD-WAN connectivity and protection.

Deploying AMP in Cisco SD-WAN is easy: simply click a tab and activate the security services you need.

Robust SD-WAN Security

With the software release of Cisco IOS-XE SD-WAN 16.11, Cisco SD-WAN customers using ISR platforms gain access to the most advanced security services backed with Cisco Talos threat intelligence. These services include:

◉ NEW: Malware defense and sandboxing with Cisco AMP and AMP Threat Grid

◉ Enterprise firewalling with application awareness

◉ URL filtering and Umbrella DNS security

◉ Snort Intrusion Prevention (IPS)

◉ End-to-end segmentation across the WAN

◉ Embedded platform security, including the Cisco Trust Anchor module

Building on the Cisco SD-WAN Security Stack

Cisco SD-WAN makes managing WAN operations simple, including security deployments such as AMP

SD-WAN presents unique challenges for your network management and security teams. Branch offices transmit sensitive data like their core and campus location counterparts, yet modest branch office size and scattered geography make them difficult to secure with multiple point products. When branch locations begin using direct internet access (DIA) for cloud applications, enterprise risk increases further. Adding malware protection in these environments is critical.

Cisco SD-WAN allows enterprise IT teams the ability to layer security including malware protection at branches and core locations across the WAN with a few clicks. These capabilities help WAN locations identify, defend against and remediate a wide variety of threats.

AMP Understands Malicious Behavior

Modern malware has evolved.

Without the appropriate protections, detection and remediation in an SD-WAN environment is unlikely, exposing branch offices and the WAN to advanced threats such as data exfiltration and unauthorized encryption.

For network, security and IT operations teams, that means taking time to work across departments, correlating disparate tools to fumble through threats in hopes of preventing their expansion into other sensitive network areas.

That’s why AMP for Networks in Cisco SD-WAN uses integrated preventative engines, exploit prevention and the most intelligent signature-based antivirus to stop malicious attachment and fileless malware before they execute.

AMP understands malware. Together with Cisco Talos, AMP imbues your SD-WAN branch, core and campuses locations with threat intelligence from millions of worldwide users, honeypots, sandboxes, and extensive industry partnerships. In total, AMP identifies more than 1.1 million unique malware samples a day. At the first sign of malicious behavior in your core location or branch, AMP in Cisco SD-WAN automatically blocks the threat and protects users across your entire WAN.

Continue reading

The State of Machine Learning in 2019

Here we are, almost four whole months into 2019 and machine learning and artificial intelligence are still hot topics in the security world. Or at least that was the impression I had. Our 2019 CISO Benchmark Report however, found that between 2018 and 2019, CISO interest in machine learning dropped from 77% to 67%. Similarly, interest in artificial intelligence also dropped from 74% to 66%.

Now there are a number of reasons why these values could have dropped over a year. Maybe there’s a greater lack of certainty or confidence when it comes to implanting ML. Or perhaps widespread adoption and integration into more organizations has made it less of a standout issue for CISOs. Or maybe the market for ML has finally matured to the point where we can start talking about the outcomes from ML and AI and not the tools themselves.

No matter where you stand on ML and AI, there’s still plenty to talk about when it comes to how we as an industry are currently making use of them. With that in mind, I’d like to share some thoughts on ways we need to view machine learning and artificial intelligence as well as how we need to shift the conversation around them.

More effective = less obvious

I’m still amazed by how machine learning is still a hot topic. That’s not to say it does not deserve to be an area of interest though. I am saying however, that what we should be talking about are the outcomes and capabilities it delivers. Some of you may remember when XML was such a big deal, and everyone could not stop talking about it. Fast forward to today and no one advertises that they use XML since that would just be obvious and users care more about the functionality it enables. Machine Learning will follow along the same path. In time, it will become an essential aspect of the way we approach security and become simply another background process. Once that happens, we can focus on talking about the analytical outcomes it enables.

An ensemble cast featuring machine learning

Anyone who has built an effective security analytics pipeline knows that job one is to ensure that it is resilient to active evasion. Threat actors know as much or more than you do about the detection methods within the environments they wish to penetrate and persist. The job of security analytics is to find the most stealthy and evasive threat actor activity in the network and to do this, you cannot just rely on a single technique. In order for that detection to happen, you need a diverse set of techniques all of which complement one another. While a threat actor will be able to evade one or two of them simultaneously, they don’t stand a chance against hundreds of them! Detection in diversity!

To explain this, I would like to use the analogy of a modern bank vault. Vaults employ a diverse set of detection techniques like motion, thermal, laser arrays, and on some physical dimension, an alarm will be tripped, and the appropriate response will ensue. We do the same in the digital world where machine learning helps us model timing or volumetric aspects of the behavior that are statistically normal and we can signal on outliers. This can be done all the way down at the protocol level where models are deterministic or all the way up to the application or users’ behavior which can sometimes be less deterministic. We have had years to refine these analytical techniques and have published well over 50 papers on the topic in the past 12 years.

The precision and scale of ML

So why then can’t we just keep using lists of bad things and lists of good things? Why do we need machine learning in security analytics and what unique value does it bring us? The first thing I want to say here is that we are not religious about machine learning or AI. To us, it is just another tool in the larger analytics pipeline. In fact, the most helpful analytics comes from using a bit of everything.

If you hand me a list and say, “If you ever see these patterns, let me know about it immediately!” I’m good with that. I can do that all day long and at very high speeds. But what if we are looking for something that cannot be known prior to the list making act? What if what we are looking for cannot be seen but only inferred? The shadows of the objects but never the objects if you will. What if we are not really sure what something is or the role it plays in the larger system (i.e., categorization and classification)? All these questions is where machine learning has contributed a great deal to security analytics. Let’s point to a few examples.

The essence of Encrypted Traffic Analytics

Encryption has made what was observable in the network impossible to observe. You can argue with me on this, but mathematics is not on your side, so let’s just accept the fact that deep packet inspection is a thing of the past. We need a new strategy and that strategy is the power of inference. Encrypted Traffic Analytics is an invention at Cisco whereby we leverage the fact that all encrypted sessions begin unencrypted and that the routers and switches can send us an “Observable Derivative.” This metadata coming from the network is a mathematical shadow of the payloads we cannot inspect directly because it is encrypted. Machine learning helps us train on these observable derivatives so that if its shape and size overtime is the same as some malicious behavior, we can bring this to your attention all without having to deal with decryption.

Why is this printer browsing Netflix?

Sometimes we are lucky enough to know the identity and role of a user, application, or device as it interacts with systems across the network. The reality is, most days we are far from 100% on this, so machine learning can help us cluster network activity to make an assertion like, “based on the behavior and interactions of this thing, we can call it a printer!”. When you are dealing with thousands upon thousands of computers interacting with one another across your digital business, even if you had a list at some point in time – it is likely not up to date. The value to this labeling is not just so that you have objects with the most accurate labels, but so you can infer suspicious behavior based on its trusted role. For example, if a network device is labeled a printer, it is expected to act like a printer – future behavior can be expected from this device. If one day it starts to browse Netflix or checks out some code from a repository, our software Stealthwatch generates an alert to your attention. With machine learning, you can infer from behavior what something is or if you already know what something is, you can predict its “normal” behavior and flag any behavior “not normal.”

Pattern matching versus behavioral analytics

Lists are great! Hand me a high-fidelity list and I will hand you back high-fidelity alerts generated from that list. Hand me a noisy or low fidelity list and I will hand you back noise. The definition of machine learning by Arthur Samuels in 1959 is “Field of study that gives computers the ability to learn without being explicitly programmed.” In security analytics, we can use it for just this and have analytical processes that implicitly program a list for you given the activity it observes (the telemetry it is presented). Machine learning helps us implicitly put together a list that could not have been known a priori. In security, we complement what we know with what we can infer through negation. A simple example would be “if these are my sanctioned DNS servers and activities, then what is this other thing here?!” Logically, instead of saying something is A (or a member of set A), we are saying not-A but that only is practical if we have already closed off the world to {A, B} – not-A is B if the set is closed. If, however we did not close off the world to a fixed set of members, not-A could be anything in the universe which is not helpful.

Useful info for your day-to-day tasks

I had gone my entire career measuring humans as if they were machines, and not I am measuring humans as humans. We cannot forget that no matter how fancy we get with the data science, if a human in the end will need to understand and possibly act on this information, they ultimately need to understand it. I had gone my entire career thinking that the data science could explain the results and while this is academically accurate, it is not helpful to the person who needs to understand the analytical outcome. The sense-making of the data is square in the domain of human understanding and this is why the only question we want to ask is “Was this alert helpful?” Yes or no. And that’s exactly what we do with Stealthwatch. At the end of the day, we want to make sure that the person behind the console understands why an alert was triggered and if that helped them. If the “yeses” we’ve received scoring in the mid 90%’s quarter after quarter is any indication, then we’ve been able to help a lot of users make sense of the alerts they’re receiving and use their time more efficiently.

Read More: 642-883: Deploying Cisco Service Provider Network Routing (SPROUTE)

Continue reading

Malicious Forces Cracking your SD-WAN Concrete? Reinforce your Network with Cisco SD-WAN Security

Security must be deep-rooted into every software-defined WAN (SD-WAN) solution rather than bolted on as an afterthought, much like the process of planting reinforcement steel in concrete.

Concrete has been used in construction for more than a thousand years. It has excellent compressive strength which allows it to endure heavy weights but little to no strength in tension forces, which are concrete’s tolerance against pressing and stretching. Most of the current SD-WAN solutions in the market, like concrete, have some notable attributes. They can provide WAN optimization, Zero-touch deployment, centralized management, basic segmentations, and perhaps limited security functionalities like stateful firewalling and VPN. But are they also able to protect your branch network against all internal and external threats in Direct Internet Access (DIA)?

Thousands of new complex cybersecurity threats emerge every day. Similar to concrete tension forces, these threats will eventually crack and break your SD-WAN branch network. These malicious forces are more potent when connecting your branch directly to the cloud using a common internet highway bridge.

SD-WAN Security: Built-in or Bolted-on?

In almost every area of life, compared with a “built-in” option, it’s hard to imagine someone would choose a “bolted-on” as their first resort. Security is not so different. Yet many enterprises are using external security appliances to secure their directly connected SD-WAN branches to the cloud. This bolted-on security norm comes as no surprise. In the current market, there are simply not enough SD-WAN solutions with a substantial level of integrated security.

The process of bolting on legacy security tools often creates unnecessary complexity and overhead because these standalone products were never truly designed for an SD-WAN deployment. These bolted-on tools do not share the WAN tenets and have a difficult time adapting to today’s agile and scalable SD-WAN solutions.

Having distinct security and networking domains at each branch not only increases the total cost of ownership but also complicates deployment, monitoring, and manageability.  A simple policy update, for example, necessitates jockeying back and forth between two different monitoring dashboards. Managing integrated security and networking controls from a single console saves time and money and makes for an overall more efficient and effective system, just as using reinforced steel bars speeds up construction.

Cisco SD-WAN security reinforcing your WAN Network

Unlike other SD-WAN vendors’ solutions in which customers have to compromise on security, application experience or advanced routing, Cisco offers an integrated industry-leading SD-WAN with best-in-class security solution. This “no compromise” solution connects any device and any user to any cloud and delivers consistent threat protection from branch locations to the cloud edge.

With Cisco SD-WAN, multiple layers of enterprise-level security capabilities – such as application-aware firewall, intrusion prevention, URL filtering, file reputation, and simplified cloud security – can be deployed and managed through single interface dashboard, at scale.

Gaining additional protection with Cisco Umbrella, a secure internet gateway, is as simple as checking a box within the Cisco SD-WAN unified management console. Umbrella protects users across your Cisco SD-WAN from threats such as malware, ransomware, and C2 callbacks with no added latency

These integrated security capabilities are powered by Cisco Talos security engine, one of the largest threat-intelligence organizations in the world, to block sources with suspicious behaviors before they proliferate across the network.

To meet today’s highly flexible and scalable demands of an SD-WAN solution, a built-in security approach needs to be part of any SD-WAN architectural design to better detect and prevent evolving threats, while simplifying management and improving performance.

It’s time to reinforce your old network construction with Cisco SD-WAN security.

Aren’t you tired of spending time patching your cracked network?

Continue reading

5G + IoT Tee Up Major Disruption & Business Opportunity

Everything can be disrupted. Tiger Woods just disrupted The Masters. Telecommunications companies are being disrupted by 5G. But can 5G disrupt golf and other industries outside of telecommunications? The answer is most definitely yes. And what better time to dig into these possibilities than now- between the craziness of the Masters and the excitement building for Wells Fargo and the PGA Championship?

A tenfold increase in speed and a tenfold decrease in latency. A phone battery charge that will last a month. These are some of the ways that 5G will soon leapfrog 4G to be your favorite cellular access technology. For consumers, it’s going to take just seconds to download a movie. Streaming will be clearer. The expectation of real-time experiences with apps of all kinds will become standard.

For businesses, the faster speed and lower latency will also benefit employees, customers, and partners in every industry you can think of. The lower power consumption of 5G will allow IoT sensors to operate much longer without recharging. One game changer is likely to be wireless sensors that are small enough, light enough, easy to deploy, and cheap enough to be in huge demand.

These wireless 5G-connected sensors will be attached to everything – refrigerators, cars, clothes, cameras, and in places previously never possible. Service providers will have the ability to customize the network to the needs of those sensors and business imperatives while delivering security and reliability with strict service level agreements.

Seeds of Disruption

How will 5G and IoT disrupt an entire industry? Consider the new world of virtual driving ranges. These large facilities include driving ranges with multiple hitting bays. Sensor-enabled balls are hit at various targets — monsters, cards, targets, letters — as part of different driving range games. Other technology in the golf clubs and balls let you hone your swing speed and evaluate ball speed, apex height, spin rates, and distances. Lessons and clinics for players at all levels are also available.

These new virtual golfing companies, which include fancy restaurants and cocktail lounges, are using technology to enhance the customer experience in every way possible. They are using IoT, and will soon benefit from 5G, to make each visit customized, social, participatory, and integrated.

With data center, cloud services, and apps in the background, real-time game analysis is provided for each customer. Telemetry data and data about the network, the users, and their devices is gathered and folded into a common data model that allows analysts to extract new learning and provide new experiences. With Cisco branch and cloud architecture, these virtual golfing chains can easily bring new sites online and with minimal IT support.

Out-Innovating with 5G

5G will spur competition for innovation among players in the virtual golfing industry. Imagine sensors on everything you can see at each facility, from clubs and balls to silverware, waiters and waitresses, and customers. Other sensors can be connected to the lights, kitchen appliances, food supply, nearby weather station, floors, and cameras. These locations will become fully connected ecosystems of sensors and sensor data.

Now, take all that data from all those sensors and put it in a giant data pool. Then apply an artificial intelligence application front end that can mine the data to create patterns that can determine experience and operations optimization. How can that information be useful? To run a more efficient kitchen. To ensure the maximum utilization of hitting bays. To give advertisers opportunities to customize ads to individuals and groups. To offer immediate suggestions on what type of driver and what kind of ball the golfer should be using

Bartenders will know which drinks to make in advance and can offer new options to try. Social networks can participate in the golf experience. In the back office, managers can ensure tighter security with more visibility into what’s happening in each venue, make technology changes faster, roll out stores faster, and have better control of their supply chains.

Industry Implications of 5G

In addition to IoT applications and insights from data analytics, 5G will make augmented reality (AR) and virtual reality (VR) applications available and seamless to businesses of all kinds. Oil and gas exploration will be more automated and precise. Picture a drill operator who is trying to repair a drill on an ice shelf at 20 degrees below zero using collaboration over 5G satellite to share blueprints with a technician thousands of miles away.

Doctors will be able to train in virtual operating theaters. Factories will become more optimized to reduce costs, run times, and errors. Retailers will be able to target ads more precisely using time, location, customer, weather, and other data. And golfers will be able to tee up at the most exclusive courses in the world, virtually.Now think about your own industry and business.

Who are the new entrants? What companies are driving competition and how are they doing it? What could you be doing to disrupt or protect your company from disruption? Can 5G and all the things it will enable — IoT, AR/VR, data analytics, artificial intelligence — help accelerate your strategy?

Given how Tiger Woods at 43, with multiple back and knee surgeries behind him, just disrupted professional golfing with his $2 million win at the 2019 Masters and is now headed to the PGA Championship, your own business may also be ready for surprising new benefits with 5G!

Continue reading

Cyber Defense Clinic for Education

And it’s not just America’s problem, it’s the world’s, with an estimated one million cybersecurity positions currently unfilled globally. The lack of personnel with the right digital skills to bridge the cyber-gap is growing so fast that many in the industry are predicting a three-fold plus increase in that number by 2025. That means 3.5 million unfilled cybersecurity jobs are on the horizon. So it’s time the industry gets serious about how we’re going to fill them.

Leaders in cybersecurity must lead in cyber education

As an industry-leader in cybersecurity, Cisco suggests the first step is to attract and train more defenders. That’s why we’re stepping up to do just that through our Cyber Defense Clinic (CDC) for Education program. This program helps students gain experience as both an attacker and defender in various cyber attack scenarios. Our program offers schools across America access to:

◈ Software
◈ Equipment
◈ Preprogrammed labs
◈ Lab guides
◈ And other teaching materials,

all while giving teachers the flexibility they need to use and structure labs creatively to enhance the digital skills of their students.

We must move aggressively to evolve cyber training

As defense strategies evolve, so do those of the hackers. And both are doing so at a rapid pace. In order for students to gain a working knowledge of them, they’ll need to go beyond basic learning to submersive cyber training, where hands-on interaction with the latest cybersecurity tools enable them to hone their expertise in cyber defense.

That’s where our Cyber Defense Clinic for Education comes in, providing students with real-world insight into ransomware, phishing, common hacking tools, breach detection, incident response, and the latest defense technologies.

Advanced tools are now a must-have in cyber education

As an IT industry-leader keeping private and public sector networks secure around the world, Cisco has developed a robust internal tool called D-Cloud, designed with customers, partners, and employees in mind. It has the power to demonstrate solutions and show proof of value to thousands of users every single day.

CDC is one of the most popular tools in D-Cloud, teaching users how technology from Cisco and other companies can be applied in real-world scenarios to defend against cyber threats. As part of our ongoing commitment to training future cyber defenders, we are training educators on this innovative tool – empowering universities, community colleges and advanced high school programs with lab access.

Most importantly, we’re making it easy too. So easy, in fact, that all they need to do is logon from their laptop and they’ll gain immediate access to millions of dollars’ worth of lab solutions, including industry-leading technologies like:

◈ Identity and Access Management (IDAM)
◈ Email Security
◈ DNS Protection
◈ Intrusion Detection (IDS/IPS)
◈ Anomaly Detection
◈ Advanced Malware Detection
◈ and even Security Incident and Event Management (SIEM) from QRadar and Splunk.

Advanced digital skills are critical to a strong cyber defense

Thanks to CDC, schools now have the capability to get creative in their cyber training so students can advance their digital skills. For example, educators can:

◈ Cap off classes with lab experiences
◈ Engage via reinforcement labs throughout the semester
◈ Create staff enrichment events
◈ Develop activities that increase cybersecurity awareness
◈ Deploy half day or full day clinics for students and faculty.

Plus, CDC can be used for community outreach and student recruiting efforts (Cyber/STEM). We’re also committed to providing and maintaining the latest equipment and solutions, and reset labs after each use. Our team is always happy to work hand-in-hand with a school’s IT leaders to ensure the best user experience. By the way, it’s worth noting that by using CDC, which keeps schools separate from labs, the schools can reduce risks from outside cyberthreats.

Our team at Cisco is thrilled to offer our Cyber Defense Clinic (CDC) for Education program to both educators and students. By doing so we can all partner together, as one community, to slow and eventually bridge the growing cybersecurity skills gap.

Continue reading

Accelerate Your Journey to AWS With a Cisco Cloud Ready Network

Many organizations have already developed cloud migration targets and are looking at how they can accelerate cloud adoption. As organizations increasingly embrace IaaS, PaaS, and SaaS consumption models many have selected AWS as their primary cloud provider.

While pre-application migration planning and application readiness is a key area of focus, many organizations have also realized that network readiness is also critical in accelerating and ensuring a successful cloud adoption journey. Legacy network architectures lack the simplicity, adaptability, automation and most of all application-awareness needed to deliver the best user experience. A Cloud Ready Network needs to enable a secure and optimized connectivity to cloud services from the branch/remote-offices.

Cisco next-gen SDWAN is one of the pillars of the Cloud Ready Network that can accelerate organizations adoption of cloud.

Cloud Ready WAN

To guarantee optimal end users experience an organization requires seamless connectivity between branch office locations, applications, and workloads hosted in the cloud. Many WAN solutions are ill-equipped for this task because they are generally rigid, complex to configure, and expensive to maintain. IoT adoption, a dramatic increase of the number of network devices, and the sophistication of security threats further compounds this challenge.

Cisco SDWAN on Amazon Web Services (AWS) is an overlay WAN architecture that is designed to address heterogeneous WAN connectivity and distributed users by building a scalable WAN infrastructure that reduces data transport costs and operational expenses. Cisco SDWAN for AWS helps with the following two major use cases:

Cloud Onramp for SaaS – Improving SaaS performance with SDWAN on AWS

Enterprises with the legacy WAN architecture, find it challenging to ensure a quality end user experience with their SaaS adoption. Often times a suboptimal path with increased latency is chosen to connect a user to the SaaS application in the cloud resulting in a degraded end user experience. A cloud ready network via SDWAN solves the problem by creating multiple Internet exit points and dynamically steering around bandwidth and latency issues in real-time, resulting is an optimal SaaS user experience at branches.

To achieve this the SDWAN fabric continuously measures the performance of designated SaaS applications through all permissible paths from a branch including direct internet access. For each path, the fabric computes a quality-of-experience (vQoE) score that gives network administrators visibility into application performance. The fabric also makes real-time decisions to choose the best-performing path per application per VPN between the end users at a remote branch and the cloud SaaS application and automatically fails over in case of performance degradation.

Cloud Onramp for IaaS – Faster and secure connectivity from branches to the AWS cloud

Traditional hub-and-spoke network architectures were designed to support consolidated applications and services hosted at centralized “demilitarized zones” (DMZs) and data centers. This layout forces the backhaul of internet traffic through the DMZ, creating inefficient traffic routes that increase the distance between end user and application. As an alternative, many organizations have opted to implement private circuits or MPLS to create mesh connectivity and satisfy any-to any traffic requirements. This approach can work but is costly and adds operational complexity. There is also a need to handle dynamic traffic patterns driven by seasonality, bursting, or external events.

Cisco SDWAN Cloud onramp for IaaS extends the visibility, reliability, and management of the SDWAN network from branches, remote sites, and campus to AWS. It allows for a transport independent any-to-any connectivity and end-to-end VPN segmentation. Tight integration with Amazon Virtual Private Cloud (VPC) enables organizations to automate network configurations with a consistent policy across branch, DC, and AWS, so that they can deploy and scale workloads on AWS faster. Cisco vEdge routers are deployed in a gateway VPC to connect branches and application VPCs. This enables the administrators to easily scale up the VPC environment by reducing the number of point to point tunnels between organization’s branches to host VPCs resulting in a simplified WAN management, lower transport costs, and faster time to deploy. The gateway VPC also supports workload segmentation especially when an organization deploys application VPCs across multiple AWS regions. The vManage component of the Cisco SDWAN solution, orchestrates the WAN sites and Amazon VPCs to automate connectivity and provides full lifecycle management and network visibility into the entire SDWAN environment.

Continue reading

Optimizing Cloud Resources + Reducing Your Carbon Footprint with TimeBox

At Cisco Engineering, innovation isn’t just something we do; it’s a way of life.

With tens of thousands of developers churning out an equal number of cutting-edge solutions at high velocity, Cisco truly is at the helm of technological innovation.

For context, Cisco has a vast amount of DevOps activities that are associated with development and these require significant resources for running workloads. The resources encompass storage, compute, memory, and associated ancillary costs such as real estate footprint, electricity, and others. Moving to the cloud does not change the fundamentals of this challenge,  even cloud workloads at the end of the day need to run on compute (and consume electricity). This landscape created the perfect opportunity for Cisco internal engineering to innovate.

Enter TimeBox.

Born out of a Cisco-fueled engineering hackathon and with roots in our Kanata, Ontario, Research & Development Centre, TimeBox is an award-winning made-in-Canada solution. With two filed patents, it is taking cloud resource optimization at Cisco to new heights.

As a data-driven resource optimizer, TimeBox:

1. Understands intent.

2. Provides recommendations.

3. Monitors and heals workloads on auto-pilot.

4. Provides insight into workloads.

5. Is a one-stop-shop to discover your Total Cost of Ownership (TCO) footprint, directly mapping to financial costs.

Here is the recipe:

Through machine learning, TimeBox understands the intent of historic workload computations, then uses those to make recommendations for a better schedule. Once tweaked, this schedule gets re-trained for subsequent, more sophisticated Artificial Intelligence (AI) driven recommendations. It also works as a smart assistant, automatically answering frequently posed questions and challenges encountered by our Cisco engineers. These include:

1. Determining the optimal resources required for a given workload.

2. Autonomous monitoring and healing of aborted workloads.

3. Total Cost of Ownership for a given workload.

4. Preventing accidental hoarding of resources.

In a nutshell:

Scheduling and optimizing cloud resources is not a new idea, but using genetic modelling-based AI to solve for it may just be. TimeBox can be pervasive, with applications across any industry where the efficiency of resource allocation is critical. Where there are resources that undergo periodic consumption, there is a need for optimal capacity planning, workloads with large variety, and associated variable characteristics.

Continue reading