Taming AI Frontiers with Cisco Full-Stack Observability Platform

The Generative AI Revolution: A Rapidly Changing Landscape

The public unveiling of ChatGPT has changed the game, introducing a myriad of applications for Generative AI, from content creation to natural language understanding. This advancement has put immense pressure on enterprises to innovate faster than ever, pushing them out of their comfort zones and into uncharted technological waters. The sudden boom in Generative AI technology has not only increased competition but has also fast-tracked the pace of change. As powerful as it is, Generative AI is often provided by specific vendors and frequently requires specialized hardware, creating challenges for both IT departments and application developers.

It is not a unique situation with technology breakthroughs, but the scale and potential for disruption in all areas of business is truly unprecedented. With proof-of-concept projects easier than ever to demonstrate potential with ChatGPT prompt-engineering, the demand for building new technologies using Generative AI was unprecedented. Companies are still walking a tight rope, balancing between safety of compromising their intellectual properties and confidential data and urge to move fast and leverage the latest Large Language Models to stay competitive.

Kubernetes Observability

Kubernetes has become a cornerstone in the modern cloud infrastructure, particularly for its capabilities in container orchestration. It offers powerful tools for the automated deployment, scaling, and management of application containers. But with the increasing complexity in containers and services, the need for robust observability and performance monitoring tools becomes paramount. Cisco’s Cloud Native Application Observability Kubernetes and App Service Monitoring tool offers a solution, providing comprehensive visibility into Kubernetes infrastructure.

Many enterprises have already adopted Kubernetes as a major way to run their applications and products both for on-premise and in the cloud. When it comes to deploying Generative AI applications or Large Language Models (LLMs), however, one must ask: Is Kubernetes the go-to platform? While Cloud Native Application Observability provides an efficient way to gather data from all major Kubernetes deployments, there’s a hitch. Large Language Models have “large” in the name for a reason. They are massive, compute resource-intensive systems. Generative AI applications often require specialized hardware, GPUs, and big amounts of memory for functioning—resources that are not always readily available in Kubernetes environments, or the models are not available in every place.

Infrastructure Cloudscape

Generative AI applications frequently push enterprises to explore multiple cloud platforms such as AWS, GCP, and Azure, rather than sticking to a single provider. AWS is probably the most popular cloud provider among enterprise, but Azure’s acquisition of OpenAI and making GPT-4 available as part of their cloud services was ground breaking. With Generative AI it is not uncommon for enterprises to go beyond one cloud, often spanning different services in AWS, GCP, Azure and hosted infrastructure. However, GCP and AWS are expending their toolkits from a standard pre-GPT MLOps world to fully- managed Large Language Models, Vector databases, and other newest concepts. So we will potentially see even more fragmentation in enterprise cloudscapes.

Troubleshooting distributed applications spanning across cloud and networks may be a dreadful task consuming engineering time and resources and affecting businesses. Cisco Cloud Native Application Observability provides correlated full-stack context across domains and data types. It is powered by Cisco FSO Platform, which provide building blocks to make sense of the complex data landscapes with an entity-centric view and ability to normalize and correlate data with your specific domains.

Beyond Clouds

As Generative AI technologies continue to evolve, the requirements to utilize them efficiently are also becoming increasingly complex. As many enterprises learned, getting a project from a very promising prompt-engineered proof of concept to a production-ready scalable service may be a big stretch. Fine-tuning and running inference tasks on these models at scale often necessitate specialized hardware, which is both hard to come by and expensive. The demand for specialized, GPU-heavy hardware, is pushing enterprises to either invest in on-premises solutions or seek API-based Generative AI services. Either way, the deployment models for advanced Generative AI often lie outside the boundaries of traditional, corporate-managed cloud environments.

To address these multifaceted challenges, Cisco FSO Platform emerges as a game-changer, wielding the power of OpenTelemetry (OTel) to cut through the complexity. By providing seamless integrations with OTel APIs, the platform serves as a conduit for data collected not just from cloud native applications but also from any applications instrumented with OTel. Using the OpenTelemetry collector or dedicated SDKs, enterprises can easily forward this intricate data to the platform. What distinguishes the platform is its exceptional capability to not merely accumulate this data but to intelligently correlate it across multiple applications. Whether these applications are scattered across multi-cloud architectures or are concentrated in on-premises setups, Cisco FSO Platform offers a singular, unified lens through which to monitor, manage, and make sense of them all. This ensures that enterprises are not just keeping pace with the Generative AI revolution but are driving it forward with strategic insight and operational excellence.

Bridging the Gaps with Cisco Full-Stack Observability

Cisco FSO Platform serves as a foundational toolkit to meet your enterprise requirements, regardless of the complex terrains you traverse in the ever-evolving landscape of Generative AI. Whether you deploy LLM models on Azure OpenAI Services, operate your Generative AI API and Authorization services on GCP, build SaaS products on AWS, or run inference and fine-tune tasks in your own data center – the platform enables you to cohesively model and observe all your applications and infrastructure and empowers you to navigate the multifaceted realm of Generative AI with confidence and efficiency.

Cisco FSO Platform extends its utility by offering seamless integrations with multiple partner solutions, each contributing unique domain expertise. But it doesn’t stop there—it also empowers your enterprise to go a step further by customizing the platform to cater to your unique requirements and specific domains. Beyond just Kubernetes, multi-clouds, and Application Performance Monitoring, you gain the flexibility to model your specific data landscape, thereby transforming this platform into a valuable asset for navigating the intricacies and particularities of your Generative AI endeavors.

Source: cisco.com

Continue reading

From frustration to clarity: Embracing Progressive Disclosure in security design

There are so many areas to consider when dealing with protecting and detecting threats, unfortunately cognitive overload is one problem that is often overlooked. Remember when search engines had a million news articles, reading suggestions, and market analysis on the home page. Users had to sift through the mountain of information and decide what was the best source for them. This is a prime example of cognitive overload, and this is something most SOC analysts know too well. Too many options and complex steps make users feel frustrated and confused. Their brain is being given too much information to process and gets overwhelmed. When Google came on the scene with a single search bar, users flocked to it because it changed the game. It helped organize data and surfaced up the most relevant pieces of information. The single search bar on the page made it very easy for users to understand what they had to do. A clean results page made it abundantly clear which links were most important. Finally, very few prominent buttons on the page made it easy to know what the next step was.

The same concepts and problems appear in the security space, frustrating SOC analysts and making their jobs much harder. They deal with having too much information, too many choices and no real way to organize the data to help users make better data-driven decisions. To have the best user experience possible, designers leverage a technique called progressive disclosure. It is a pattern used to break down the information into bite sized pieces and feed it to the user as and when needed. A good example of this in everyday life is the average ATM. The first screen just shows a few options like withdraw, deposit, and check account balances. Within seconds, you understand what action you must take to deposit your money. Once you choose an option, it takes you to the next bite sized step. Easy!

Similarly, the security world is filled with alerts, metrics, targets, etc. It is easy to fall into the cognitive overload trap. Cisco XDR uses progressive disclosure to help reduce that cognitive load, support novice and expert users, and help users to focus on high priority incidents and remediate quickly. Now, let us look at how we achieve that.

1. Risk Score

Incidents are ranked based on a color-coded risk score. Immediately the user’s focus is drawn to the high priority incidents that are marked with a red coded score. Novice users who are not familiar with the scoring method can hover over the score and see a popup with an explanation.

2. View Incident Details

Once an incident is selected, a drawer opens on the side. This provides a high-level overview of the incident. In a single glance the user can see the incident status, assignees, description, breakdown of risk score, and assets. The user can assess if this incident must be prioritized without having to leave the page. For further details, they can click on ‘View Incident Details’ to load a detailed page of the incidents.

3. Control Center Tiles

The tiles displayed on the control center give a high-level overview of key metrics to better understand the health of the system without being too granular on the details. A user can create new dashboards or edit existing ones. This also helps the user see patterns and focus on areas that need to be prioritized.

4. Navigation Menu

Often, the overwhelming amount of information and actions that can be taken are spread across numerous screens. It can be easy for analysts to get lost in the maze. With Cisco XDR, we have grouped actions into 7 main categories, which are further broken down into 26 subcategories. We progressively take the user deeper into the product to get them to where they want to go.

5. Investigate Node Map

Mapping out an incident can sometimes look like a map of the Labyrinth. Files, assets, and IP addresses, to name a few, connected with numerous lines can be hard to decipher. Classic cognitive overload problem. XDR has grouped these so only key nodes are displayed in the map. On hover, each key node will expand to show more nodes and the lines connecting them will display more information on the relationship between each node. Clicking on a node will bring up a popup that displays options for further investigation.

Cisco XDR was built by SOC practitioners, for SOC practitioners, and lays out information in a consistent and easy to follow format – first a summary view of the data, then users can drill down to a detailed view of that same data, and finally if necessary (or out of pure interest and curiosity!) users can drill down again to see the raw data view. Using progressive disclosure and this consistent display of information, Cisco XDR helps SOC analysts view the information they need to move forward and take next steps to effectively mitigate threats. No more analysis paralysis, only data-based decisions here!

Continue reading

New Cisco Services Help You Achieve Business Outcomes— Faster

In my role, I have the incredible opportunity to meet trailblazing IT leaders just like you every day. Each has told me that in order to continue to innovate and help their organization thrive, they must align technology investments to business priorities and achieve remarkable, tangible results. But they can’t do it alone! IT leaders have also shared with me the need for strategic advisors with deep technical expertise and understanding of their business to inform their decisions and accelerate technology adoption.

In response to what we hear from customers like you, we are continually evolving our Customer Experience (CX) services portfolio. Today, I am excited to announce that we are launching a brand-new outcomes-driven offering – Cisco Lifecycle Services (LCS). These services shift your focus from IT challenges to business outcomes. LCS lets you start with your desired outcomes, then helps you identify and execute IT initiatives aligned to those outcomes, which allows you to demonstrate measurable results. You also get Cisco experts with advanced tools, automation, and AI/ML insights to accelerate time-to-outcomes.

“Companies require IT services that provide the scalability and adaptability to align to changing business and technology needs. Organizations of all sizes and across multiple industries need the ability to orient technology initiatives to discreet business outcomes with measurable KPIs. I believe that Cisco’s new Lifecycle Services is novel in its delivery mechanism to this end and leans into its depth of knowledge and capabilities. ”

– Will Townsend, VP & Principal Analyst, Moor Insights and Strategy

Focus on Business Outcomes

We understand your business, industry, and technologies. Distilled from over 30 years of experience helping thousands of organizations worldwide, Cisco Lifecycle Services empowers YOU to:

1. Drive business outcomes with continuous engagement.

Let’s say your priority is to reduce risk, enhance customer experience, and increase operational excellence – these are your desired business outcomes (and we have 11 in our catalog). With your desired outcomes as the compass, Cisco experts help you identify and develop IT optimization and transformation strategies. We then work with your team and partners to prioritize, implement, and drive the adoption of these strategies so that you achieve tangible business outcomes.

2. De-risk and accelerate time-to-outcomes.

With this service, you make informed decisions. Our experts have AI/ML insights, tools, and automation to translate telemetry data into actions. You also accelerate time-to-outcomes by removing execution roadblocks. You close skills-gap and talent shortages with Cisco’s team of deep technical experts to fast-track planning, designing, implementing, and automating your IT environment.

3. Demonstrate measurable success.

At the beginning of the engagement, together with you, we identify outcomes aligned KPIs (Key Performance Indicators). Next, we use our automated KPI measurement tools and telemetry to create a baseline. Throughout the engagement, Cisco experts track, measure, translate, and report the impact aligned with your desired outcomes.

4. Exercise flexible choices that align with the way you work.

At Cisco, we’re committed to your success. We understand that your organization is unique and has ways of working. With this service, you get the flexibility to engage Cisco experts and our partners in the best way for you.

• Provide deep and meaningful advice with actionable recommendations.
• Work with you as part of your team.
• Do it for you with end-to-end delivery ownership.

And, should your business priorities change during the engagement, we realign the experts and IT initiatives to your new direction.

Simple, consistent, and integrated engagement model

When you choose Cisco and our partners, you expect a simple, consistent, and high-quality experience. Rooted in learnings from our delivery experts and customer feedback, we expect to exceed your expectations with the new engagement model.

1. Baseline: We begin by understanding your business objectives and tailoring KPIs to align with your goals. Then, we establish a baseline using telemetry and other methods.
2. Analyze: Using telemetry and high-touch discovery, our experts analyze your IT environment and identify strategies to achieve your desired business outcomes.
3. Recommend: We make recommendations, help you prioritize IT initiatives, and build an execution plan.
4. Execute: We and our partners work with you to remove roadblocks to ensure the execution of prioritized initiatives – aligned with the way you work.
5. Measure: To demonstrate progress consistently, we track, measure, translate, and report KPIs at regular intervals using Automated Dashboard and Quarterly Business Reviews (QBR).

When you start with a business outcome, you know multiple IT initiatives will get you there. It gets complex. With Integrated Service Delivery, our experts handle the complexity and coordinate with your teams, partners, and the Cisco team to keep everyone in sync and focused on the ultimate objective. All you experience is simplicity, consistency, and measurable business outcomes.

Previews surpassed initial expectations.

We organized field trials with select customers to validate our new approach. The initial response surpassed our highest expectations. A broad range of organizations representing service providers, manufacturing, healthcare, retail, finance, education, and the public sector signed up for the preview, and the feedback tells us our impact with outcomes exceeds the value of previous services provided. Now we’re ready to bring this tremendous value to you.

Amplify with Cisco Partners

Cisco Lifecycle Services complements the capabilities and scale of our extensive partner ecosystem. Suppose you are already working with one of our partners. In that case, Cisco Lifecycle Services allows you and the partner to deepen the strategic relationship and achieve greater alignment on your business priorities and the business outcomes you desire. As Cisco and Cisco Partner experts analyze your environment and make recommendations to transform and optimize your IT environment, our flexible model allows you to engage your preferred partners to deliver a variety of implementation and managed services.

Let’s shift the focus from challenges to business outcomes.

To learn how your IT organization can accelerate their ability to deliver new and better business outcomes, visit Cisco Lifecycle Services here. You can also contact your Cisco account representative or authorized partner directly to set up an introductory meeting.

Source: cisco.com

Continue reading

How SD-WAN Solves Multicloud Complexity

Cloud is the undisputed center of gravity when supporting distributed workforces. But managing secure connectivity in a growing multicloud environment continues to be more complex, expensive, and time consuming.

Enter the software-defined WAN (SD-WAN), a powerful, abstracted software layer that serves as a centralized control plane to enable organizations to automate, simplify, and optimize their network transport for any application to any cloud.   

Are you ready to steer traffic on demand, based on centralized policy, network insights, and predictive AI, and further enhanced by end-to-end visibility? Do you want to be more proactive instead of reactive in how you manage this traffic and run your network? If so, read on! 

Abstracting the complexity of multicloud 

Enterprises accelerated their transition to cloud and software-as-a-service (SaaS) during the pandemic to support their distributed workforces at home and on the go. This has seen multicloud environments become the norm. Our 2023 Global Networking Trends Report found that 92% of respondents used more than one public cloud in their infrastructure and 69% used over five SaaS applications.  

Connecting to different providers and network layers in multicloud environments has led to a patchwork of infrastructure and management controllers. This results in more complexity and cost for organizations looking to ensure a secure, consistent user experience.  

Networking complexity, from first to last mile 

Let’s look at these networking layers and why IT simplification is crucial in connecting today’s highly mobile workforce to business-critical applications.  

In the first mile, users access services from offices and campuses near data centers or remotely, from uncontrolled facilities using various devices (Figure 1). Workers connect through Multiprotocol Label Switching (MPLS), broadband, Wi-Fi, and cellular. Remote workers use their internet service provider (ISP) to connect them to concentrators at regional peering points of presence (PoPs).

Figure 1. New architecture for the distributed workplace  

The middle mile is the long-haul transport layer that has grown in complexity with the migration to the cloud. It serves as the connective tissue between first and last mile, interconnecting different types of cloud services, cloud applications (e.g., SaaS, IaaS), and data centers. Specialized middle-mile providers like Equinix and Megaport provide cross-connects between business networks, the internet, and cloud providers globally. Adding to the array of choices in the middle mile, public cloud providers like AWS, Google Cloud, and Microsoft Azure offer customers the ability to access their apps with site-to-cloud, site-to-site, region-to-region, cloud-to-cloud, and other connection options with different quality of experience metrics.  

The last mile is the connection between the data center or service provider and the end user’s device and application.    

Managing multicloud complexity with SD-WAN integrations  

Using applications distributed across multiple clouds and SaaS, workers have widely different experiences depending on their location. Adverse and unpredictable amounts of downtime, latency, and speed, for example, can threaten business continuity. So, establishing reliable, consistent, high-quality experiences is very much on the minds of enterprise IT managers today. 

More than half (53%) of respondents to the 2023 Global Networking Trends Report said they are prioritizing integration with cloud providers to improve connectivity to cloud-based apps from distributed locations. Additionally, 49% said they are using SD-WAN integrations across providers and multiple clouds to provide a simpler, consistent, optimized, and secure IT and application experience. 

SD-WAN unifies the entire WAN backbone and brings secure, private, cloud-aware connectivity that is agnostic to all kinds of link types, providers, and geographies (Figure 2).  

Figure 2. SD-WAN integrations with IaaS, SaaS, and middle-mile providers are vital for a better IT and user experience 

With SD-WAN providing connectivity between cloud, SaaS, and middle-mile providers, real-time traffic steering based on centralized policy and end-to-end analytics is possible. Network admins can be proactive instead of reactive, changing traffic parameters on demand, according to application, congestion, location, user, device, and other factors. 

SD-WAN multicloud integrations in action 

Tamimi Markets, a major Saudi Arabian supermarket chain, was having trouble providing a consistent experience to users at markets, warehouses, branch offices, and remote locations. Dependent on three ISPs for end-to-end connectivity in a hub-and-spoke architecture, they moved to a cloud architecture to eliminate the need to backhaul network traffic through the headquarters and in the process quadrupled bandwidth speeds. An integrated SD-WAN enables them to steer their traffic over a variety of link options based on network demand, cost, and quality of experience metrics.  

Asian food manufacturer Universal Robina Corporation shifted to a multicloud architecture to support remote workers after the pandemic. It uses SD-WAN to connect users and apps to its multicloud architecture securely, wherever they are located. The multicloud integrations enable secure connectivity from branches to the Microsoft Azure cloud and with Microsoft 365 for a superior application experience with informed network routing (INR) that enables the exchange of telemetry between Cisco and Microsoft while providing full visibility to Universal Robina’s IT team. 

Foundational for a SASE architecture 

Another benefit of SD-WAN is that it is one half of a converged secure access service edge (SASE) architecture. SASE radically simplifies security and networking through unified and centralized management to connect users to applications in complex and highly distributed environments. By combining SD-WAN networking infrastructure and routing traffic through a cloud-centric security service edge (SSE) solution, companies can maintain the same level of security for cloud users as data center users (Figure 3).

Figure 3. SD-WAN is foundational to a SASE architecture 

It’s a multicloud world and SD-WAN―with tight integrations to leading cloud, SaaS, and middle-mile providers―is the connective tissue from first mile to last, managing complexity and driving agility throughout sprawling multicloud environments.

What’s more, SD-WAN multicloud integrations bring together each organization’s many different types of transport connections and policies under one management system for secure, consistent service.

The cost savings from automation and the ability to steer traffic on demand with optimized routing are further compelling reasons why SD-WAN continues to grow in popularity. Once established, these features enable IT departments to build an optimized global network in a simplified, fully automated way, within hours. 

Source: cisco.com

Continue reading

Why are CEOs Cyber Resilient?

I recently attended a session run by the Said Business School at Oxford along with an organisation called Istari. The discussion was based upon their research into at the view CEOs had of cyber resilience.

There were two immediate points which struck me. The first is that major cyber incidents are hugely traumatic for CEOs. It is an experience they are ill equipped to deal with when compared to other business challenges. This is not surprising considering the speed at which an incident can stop a business from operating and its relative recent appearance when compared to other risks. The second was that cyber security is not a topic to interest a CEO but cyber resilience certainly is. So, a lesson for security professionals is to “watch your language” and use more recognised terminology.

So, what practical steps can a CEO take to address Cyber Resilience rather than just heaving it on to the shoulders of the CISO.

One of the issues could be a possible difference between views on Cyber Resilience between Business Leaders and CISOs. A recent report by the World Economic Forum showed a comparative difference between these two groups in their organisations cyber resilience capability. Whereas CISOs saw a definite improvement Business Leaders were not so sure.

One action could be is to define and agree what resilience means to the organisation. It can be very different according to the nature, risk and priorities of the organisation. In a key, regulated member of the CNI there will be a different idea of resilience when compared to a born in the cloud start up chasing market share. The former will be focused on ensuring stability and compliance, the latter on availability and speed of change. So different views of what it means to keep the business operating, adapting and innovating.

The CEO should be agreeing on a Risk based approach and clearly expressing the importance of this is at the start. One principle I was told to follow many years ago as a young consultant is that CEOs always make decision with a Risk vs Opportunity mind set. If we do this, what will we gain, what could we lose and how do we minimise the downside? So, security teams can always present an issue on those terms. What the priorities are, how should they be addressed and the identifiable benefits.

From the CISO perspective this can be a great help in practical terms. For example, during a discussion with a couple of CISOs, it became apparent that they had different levels of budgetary support from their CEO. One had aligned all expenditure with the Risk Register and was well funded. The other had a funding surge after an incident but interest had waned and now funding was harder to justify. The former had the support of the CEO for the security function whilst the latter was seen in the light of a specific incident which became less valid as memories faded.

This observation led me to another topic. A lot is talked about Culture, the soft art of improving security and resilience. This is increasingly referred to by CISOs but shouldn’t the CEO be leading this change? To draw a comparison. Over the years the concept of Health and Safety has increased in profile as CEOs committed to the principles especially in industries such as Oil and Gas. This developed into a clear set of ordered  priorities, employees, customers, shareholders. Now the principles of Sustainability are also becoming fundamental to how an organisation operates. Cyber Resilience can likewise be developed into the fabric and values. Become part of the culture.

The best place to start is at the most senior level. Some years go the World Economic Forum produced a set of Board Principles to support CEOs and which are valid today. They encompass the basic needs which a Board to address from Accountability to Collaboration. Adopting an internationally recognised framework has been successful in the past and I am aware of a CISO who used these Principles to gain greater traction internally. Driven by the CEO this will create a sense of Cyber Resilience as part of the fundamental management of the business.

All preparation is improved by constant repetition and developing the ability to act when needed. Tabletop exercises are commonly carried out. But for the CEO to lead on these and ensure full cooperation is a further way to change the culture and thinking.  Being trained in a situation will intuitively increase awareness of the importance of cyber resilience as well as building in response capabilities. Learning in the middle of an incident is not the best option.

When addressing culture at a more tactical, day to day, basis the CEO should ensure that the ELT have Security Champions working in all areas of the business. People who understand how colleagues work to and align security with them. Understanding the User Experience. The benefit of this will be to feed back to the security teams the needs of the business from a resilience perspective. Whether following set procedures is more important than being able to adapt quickly and securely for example.  In addition, it makes security a cooperative rather than an antagonistic exercise where the security team impose controls.

As a final thought. The CEO could support the CISO in getting the right communications around the risk and benefits to the business by not holding the CISO responsible for communicating the ideas and principles. In other words, make it the responsibility for the business leaders to communicate what resilience means to them and their areas of responsibility.

One CISO was supported by the adoption of  this approach and got the support from within the organisation they secured.  The brand was of paramount importance to the business. Built up over years. A major corporate asset. The CISO asked the marketing team to define the impact and cost, tangible and intangible, of an incident on the brand and how resilience could be worked into the brand values as a positive element for customers. Whilst it may be a long trek for the CISO to achieve this support, for the CEO it could be a simple first step to inculcate cyber resilience into the culture and thinking of the organisation by asking the functional leads to take the initiative.

For the CEO an incident could be traumatic. But there are a range of proactive steps that could be taken at the most senior level through to daily operations.

There is an adage that the most expensive security is the security that is applied after the event. If the CEO leads Cyber Resilience journey, not only will security make the organisation more resilience, it could also save money. It will weigh the Risk vs Opportunity decision in favour of the opportunity by understanding and mitigating the risk. And by being part of the solution the CEO will find the traumatic impact of an incident is reduced.

Source: cisco.com

Continue reading

Cisco Full-Stack Observability Platform: Rapid Development and Partner Collaboration

Collaboration was key in the development of the platform

In June 2022, Cisco announced plans to develop Cisco Full-Stack Observability (FSO) platform, expanding upon the foundations set by AppDynamics Cloud. By February 2023, during Cisco Live Europe, we introduced the tech preview of Cisco FSO Platform. In just six more months, our promise of general availability was fulfilled by Cisco Live US, and we exceeded initial expectations by releasing six innovative modules.

A significant aspect of this achievement was our collaboration with external partners. Rather than solely do the development in-house, many of these modules were built by partners trained on the FSO platform. They utilized its tools and SDKs to create these modules, which were then published on our App Exchange. Rather than having a platform land with a thud, Cisco FSO Platform launched with enthusiastic partners who helped battle test it, and whose modules offered very real, market leading value from the outset.

The modules, available now on Cisco FSO Platform App Exchange, introduce features ranging from real-time cost insights to machine learning-based Kubernetes performance optimizers.

Being open, extensible and programmable makes the platform powerful

At its core, the platform incorporates a comprehensive MELT fabric — Metrics, Events, Logs, and Traces. This system is designed to efficiently process vast amounts of data from diverse digital systems. But the real power of the platform doesn’t just stem from MELT storage and query. It derives from seven powerful features that can be programmed collectively, or individually, and a unique application packaging system for deploying these solutions to the Cisco FSO Platform exchange. From the customer point of view, this manifests in the form of subscription solutions that can provide diverse feature sets, ranging from small enhancements to full-blown applications with a specific industry focus. From a competitive point of view we can confidently say that the platform offers the most sophisticated and comprehensive approach to building cloud native full stack observability solutions.

Before we dig into the pieces of the platform and the development model, consider for a moment the challenge of what it even means to define this new category of application – the MELT app. Perhaps the best analogy for what the platform provides, is that it acts as a distributed operating system that governs the complete lifecycle of MELT data, from collection and ingestion to processing, storage, and query. This means that a MELT app is a distributed application, and the complexity could easily spiral out of control.

Consider distributed microservices based “applications.” They are themselves so complex and so distributed that in many ways they are the raison d’etre for monitoring platforms such as Cisco FSO Platform. When we approached the problem of how to enable this “MELT app” we knew that we had to embrace the concept of declarative versus imperative, applications. We had to provide a very clear framework versus a low-level free-for-all. That is to say, a Cisco FSO MELT app is a set of declarations, each declaration telling a particular piece of the platform how it should behave.

How Cisco FSO Platform works

A winning, customer-centric governance model from the get-go

We also knew that the platform had to provide solid isolation primitives that would guarantee that App A and App B could safely co-exist. We took to heart the idea that the data flowing into the platform is absolutely owned by the customer, and that applications are guests that a customer grants revocable privileges to. We heard arguments that “applications ingest data” and “apps own the data.” We soundly rejected these ideas. The customer ingests their data. The customer owns their data. An application is a guest that a customer invites and allows to perform clearly articulated, non-destructive, actions on the MELT stream.

With that preamble out of the way let’s dig into the primitives that the platform exposes to solutions.

1. Dashboards and Microsites – MELT UI may be the most important and front-facing component of the platform. Dashboards are not just a way to throw charts onto a page. They are a comprehensive framework that applications can leverage to build fully interactive experiences on MELT data. When we took on the challenge of data driven visualization, we knew we couldn’t just coexist with Grafana dashboards. We had to do something game-changing and raise the bar. We aspire to be nothing less than the best MELT dashboarding platform in the industry. While we can’t explain it all in this summary, the nutshell is that we embrace an emerging standard called JSONata for the manipulation of JSON data that puts the dashboard builder radically in control of how data is transformed and manipulated so that virtually any data source can be paired with any visualization. On top of that, microsites allow our solution developers to provide containers that serve their application experiences from the backend frameworks and languages of their choice, while maintaining a consistent authn/z experiences for the user. This comprehensive approach to UI provides partners with an unequaled set of capabilities.
2. Extensible Access Control – In a dynamic digital environment, one-size-fits-all access controls are too restrictive. Our platform’s extensible access control adapts to varying application domains. Developers can easily create domain-specific roles, ensuring precise and secure access over features that they themselves provide. Customers benefit from robust, customizable roles ensuring their data is only accessed by the right personnel. Developers are unlocked to create new roles that make sense for their own verticals vs generic “admin” roles that may be too broadly scoped.
3. Cloud Collectors and Custom APIs – It would quite literally be impossible to predict the shape and variety of APIs that partners and solution developers want to integrate. The platform’s support for custom data gatherers, or “cloud collectors” allows the developer self-service over their integrations. Developers can gather data from diverse endpoints using any programming language with containerized collectors. For businesses, this means unparalleled flexibility in data integration and the capability to extend the platform’s API for unique needs.
4. Knowledge Store – The knowledge store, acting as the platform’s distributed brain, stores non-MELT related information. This can be anything from an investigation workflow, to a dashboard. The knowledge store is internally globally replicated and layered but presents as a simple store. This vastly simplifies the developer’s lifestyle. Developers can create “knowledge models” that extend the knowledge store with new types. For example, if a developer wanted to create a solution that allowed an investigation to be linked to a health rule violation, the developer is empowered to totally define the concept of an investigation through Knowledge modeling. The global, multi-region nature of the knowledge store means that developers don’t have to worry about, or even know that customers reside in multiple cells across multiple regions globally. Just push a simple knowledge model to the platform and you are good to go, regardless of how many customers around the globe subscribe to your app.
5. Serverless Workflow – Observability pipelines can be notoriously hard to wrangle. By implementing the CNCF Serverless Workflows and Cloud Events standards, Cisco FSO Platform allows third-party developers to inject both simple and intricate behaviors into the observability pipeline. This allows domain specific transformations, and even the derivation of new data off the arriving stream.
6. Entity Modeling – With roots in AppDynamics’ Application Performance Monitoring, our enhanced entity modeling organizes complex signals into intelligible insights. Developers can model domains with the Flexible MELT Modeling language, correlating signals across domains. Customers get a layered view, enabling precise problem pinpointing and resolution. The key to entity modeling is that it provides a domain specific, organizational scheme for the vast quantities of data that customers ingest. Without entity modeling, most tasks begin with just figuring out where and what a particular error came from. With deep support for entity modeling, domains can provide full stack correlation of data immediately. For example, supposing you are a metropolitan European transit agency tasked with providing on-time performance reporting in compliance with EU regulations. Entity modeling allows you to create entities representing both real physical assets such as vehicles reporting live telemetry, as well as roll-up entities such as cities and regions that monitor large-scale aggregate performance. Errors affecting turnstiles and card readers can immediately be correlated up the stack to the station and regions effected, as well as down the stack to clusters, nodes, and processes. This is full stack observability.
7. Health Rules – Health rules are a critical part of providing a full stack experience for customers. Developers can provide health rules that are integrally aware of the entity models and domains provided in the developer’s solution. Returning to the example of stations and vehicles, the definition of a station’s health depends on factors that are likely understood in great detail by the developer of the full stack transit monitoring solution. By including custom health rules, in the solution, behaviors such as linking health to on-time-performance of arriving trains and rider wait times becomes possible. By providing these out-of-the-box, the solution developer is able to provide the customer with a wealth of domain experience that wouldn’t practically be feasible to ask the customer to ‘figure out themselves’.

Source: cisco.com

Continue reading

Cisco Drives Full-Stack Observability with Telemetry

Telemetry data holds the key to flawless, secure, and performant digital experiences

Organizations need to build complete customer-centric environments that deliver superb, secure, personalized digital experiences every time, or risk losing out in the race for competitive advantage. Prioritizing both internal- and external-facing applications and ensuring they are running optimally is the engine behind every successful modern business.

The complexity of cloud native and distributed systems has risen in lockstep with the expectations of customers and end users. This rachets up the pressure on the teams responsible for applications. They need to aggregate petabytes of incoming data from applications, services, infrastructure, and the internet and connect it to business outcomes.

This telemetry data — called MELT or metrics, events, logs, and traces — contains the information needed to keep digital experiences running at peak performance. Understanding, remediating, and fixing any current or potential breakdown of the digital experience depends on this collective data to isolate the root cause.

Given our dependence on performant, real-time applications, even a minor disruption can be costly. A recent global survey by IDC reveals the cost of a single hour’s downtime averages a quarter of a million dollars — so it’s vital that teams can find, triage, and resolve issues proactively or as quickly as possible.

The answers lie in telemetry, but there are two hurdles to clear

The first is sorting through vast volumes of siloed telemetry in a workable timeframe. While solutions on the market can identify anomalies, or issues out of baseline, that doesn’t necessarily mean they are a meaningful tool for cross-domain resolution. In fact, only 17% of IDC’s survey respondents said current monitoring and visibility options are meeting their needs, though they are running multiple solutions.

The second is that some data may not even be captured by some monitoring solutions because they see only parts of the technology stack. Today’s applications and workloads are so distributed that solutions lacking visibility into the full stack — application to infrastructure and security, up to the cloud and out to the internet where the user is connected — are missing some vital telemetry altogether.

Effective observability requires a clear line of sight to every possible touchpoint that could impact the business and affect the way its applications and associated dependencies perform, and how they are used. Getting it right involves receiving and interpreting a massive stream of incoming telemetry from networks, applications and cloud services, security devices, and more, used to gain insights as a basis for action.

Cisco occupies a commanding position with access to billions upon billions of data points

Surfacing 630 billion observability metrics daily and absorbing 400 billion security events every 24 hours, Cisco has long been sourcing telemetry data from elements that are deeply embedded in networks, such as routers, switches, access points and firewalls, all of which hold a wealth of intelligence. Further performance insights, uptime records and even logs are sourced from hyperscalers, application security solutions, the internet, and business applications.

This wide range of telemetry sources is even more critical because the distributed reality of today’s workforce means that end-to-end connectivity, application performance and end-user experience are closely correlated. In fact, rapid problem resolution is only possible if available MELT signals represent connectivity, performance, and security, as well as dependencies, quality of code, end-user journey, and more.

To assess this telemetry, artificial intelligence (AI) and machine learning (ML) are essential for predictive data models that can reliably point the way to performance-impacting issues, using multiple integration points to collect different pieces of data, analyze behavior and root causes, and match patterns to predict incidents and outcomes.

Cisco plays a leading role in the OpenTelemetry movement, and in making systems observable

As one of the leading contributors to the OpenTelemetry project, Cisco is committed to ensuring that different types of data can be captured and collected from traditional and cloud native applications and services as well as from the associated infrastructure, without dependence on any tool or vendor.

While OpenTelemetry involves metrics, events/logs and traces, all four types of telemetry data are essential. Uniquely, Cisco Full-Stack Observability has leveraged the power of traces to surface issues and insights throughout the full stack rather than within a single domain. Critically, these insights are connected to business context to provide actionable recommendations.

For instance, the c-suite can visualize the business impact of a poor mobile application end-user experience while their site reliability engineers (SREs) see the automated action required to address the cause.

By tapping into billions of points of telemetry data across multiple sources, Cisco is leading the way in making systems observable so teams can deliver quality digital experiences that help them achieve their business objectives.

Source: cisco.com

Continue reading