Cisco: How AI and machine learning are going to change your network

Cisco unwrapped a server -- the UCS C480 ML -- targeted at supporting machine learning and AI applications, but that’s only the beginning.


Cisco is betting heavily that artificial intelligence and machine learning will play an enormous part in future networks and data centers.

How far and what roles those technologies play may be the biggest questions but the stakes are clearly in the ground.

For its part, Cisco this week rolled out a server system targeted at supporting machine learning and AI applications, but it is really just the tip of the iceberg of the network giant’s move toward both technologies.

For example, in a recent interview Roland Acra, senior vice-president and general manager of Cisco’s data center business, noted a number of ways Cisco is utilizing machine learning in particular to drive networking changes.

Cisco and its big ASICs

Central to Cisco's push is being able to gather metadata about traffic as it passes without slowing the traffic, which is accomplished through the use of ASICs in its campus and data-center switches. That's in addition to performing the traditional functions of ASICs – forwarding packets, encapsulating, decapsulating, queuing and enforcing quality of service, Acra says.

“In previous generations of silicon, you would be, 'well, I could get line rate but then I won’t get a whole lot of telemetry,' etc. Now we can do 100G on a 100G port, with all the features turned on and with a lot of data being produced on the side that’s documenting [a variety of network details such as] traffic matrices, who initiated the TCP session, and hundreds of signals now being produced by the silicon.”

Machine learning can be applied to all of that intelligence data for all manner of applications that help network operators handle everything from policy setting and network control to security. Cisco has already given customers options for securing their resources using machine learning and the metadata Cisco gathers from its switches.

Security stems from the network

The network plays a pivotal role in the way we are detecting malware in encrypted traffic, said John Apostolopoulos, Cisco CTO and vice president of Enterprise Networking.

“The trend now is having encrypted traffic end to end and how we can identify that there’s malware in that traffic without decrypting that content,” Apostolopoulos said. Cisco noted that it believes encryption will be used in 70% of attacks in 2019.

“We have huge data lakes of information about all the threats throughout the world from our Talos security team. Armed with all this data about all the attacks and malware that are out there we look at and try to identify patterns such as packet sizes and the arrival times of these packets between the sender and receiver so even though the packets are encrypted you can identify them.”

"In addition, if you look at the cipher suites that are used for the encryption that actually tells us a lot because many of the bad guys out there use particular cipher suites, which also helps identify the traffic," he said.

Cisco offers a service called Encrypted Traffic Analytics that employs machine learning algorithms and AI techniques to help users rapidly spot security issues on the network and contain infected devices and users.

Another AI/ML use case is found in Cisco’s Tetration platform, where the generation of network access lists is handled automatically. The Cisco Tetration Analytics system gathers information from hardware and software sensors and analyzes the information using big data analytics and machine learning to offer IT managers a deeper understanding of their data center resources.

Tetration enforces a whitelist model, Acra said. “Meaning nothing goes unless I explicitly tell you it’s allowed to go – between every VM and every other VM, servers, containers etc. With Tetration the network is learning all of the patterns in that network with lots of detail and from there we suggest the connectivity graph becomes your white list. Tetration has tools that will do the ML and all of this activity turns the network into the sensor but also the enforcer of the policy. Users can automatically quarantine a node etc. or send an alert to an admin.”
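The whitelist model Acra describes (learn the connectivity graph, deny everything else, then alert or quarantine) can be sketched in a few lines. This is an added illustration, not Cisco's or Tetration's code; the workload names, flow records and the `min_seen` and `quarantine_after` thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed flows from a learning window:
# (source workload, destination workload, protocol, destination port)
BASELINE = [
    ("web-1", "app-1", "tcp", 8443), ("web-1", "app-1", "tcp", 8443),
    ("web-2", "app-1", "tcp", 8443), ("web-2", "app-1", "tcp", 8443),
    ("app-1", "db-1", "tcp", 5432), ("app-1", "db-1", "tcp", 5432),
    ("web-1", "db-1", "tcp", 22),  # seen once: too rare to become policy
]

# Constructed traffic seen after enforcement is switched on.
LIVE = [
    ("web-1", "app-1", "tcp", 8443),
    ("web-1", "db-1", "tcp", 22),
    ("web-2", "db-1", "tcp", 5432),
    ("web-2", "db-1", "tcp", 3306),
    ("web-2", "app-1", "tcp", 22),
]

def learn_allowlist(flows, min_seen=2):
    """Turn the observed connectivity graph into a set of allowed edges.

    Edges seen fewer than min_seen times are left out, so a one-off
    connection during the learning window does not become permanent policy.
    """
    counts = Counter(flows)
    return {edge for edge, n in counts.items() if n >= min_seen}

def enforce(allowlist, flows, quarantine_after=3):
    """Default-deny evaluation: any flow not on the allowlist is denied.

    Returns (verdicts, actions). A source is marked 'alert' on its first
    denied flow and 'quarantine' once it reaches quarantine_after denials.
    """
    denied = Counter()
    verdicts, actions = [], {}
    for flow in flows:
        if flow in allowlist:
            verdicts.append((flow, "allow"))
            continue
        verdicts.append((flow, "deny"))
        src = flow[0]
        denied[src] += 1
        actions[src] = "quarantine" if denied[src] >= quarantine_after else "alert"
    return verdicts, actions

if __name__ == "__main__":
    policy = learn_allowlist(BASELINE)
    for flow, verdict in enforce(policy, LIVE)[0]:
        print(verdict, flow)
```

A learned allowlist is only as clean as its learning window: anything already misbehaving during that window becomes policy, so the suggested graph needs review before it is enforced.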

AI and ML are only as good as their datasets

Machine learning is only as good as the data set, and we have enormous data sets at Cisco, said Apostolopoulos. “We have trouble ticket data sets, we have our own bug databases, we have traffic data sets and we have other data assets that all together can be used to fundamentally change the way people deploy and manage networks.”

Managing and developing new AI/ML-based applications from enormous data sets beyond what Cisco itself already has is a key driver behind its new Unified Compute System (UCS) server announcement. While the new server, the UCS C480 ML, is powerful – it includes 8 Nvidia Tesla V100-32G GPUs with 128GB of DDR4 RAM, 24 SATA hard drives and more – it is the ecosystem of vendors the company announced that will end up being more important.

For example, Cisco said it is working with Hortonworks to validate Hadoop 3.1 in a design where the Cisco UCS C480 ML is part of the big data cluster, storing data on the C480 ML disk drives, and supporting Docker containers running analytic workloads such as Apache Spark and Google TensorFlow that require both CPUs and GPUs. Originally developed by Google’s AI organization, TensorFlow is a high-performance open-source system that utilizes machine learning and lets customers develop applications across a variety of platforms and services.

Cisco is working with Anaconda to ensure that data scientists can collaborate on machine learning using languages such as Python.

Cisco also has its DevNet Ecosystem Exchange, a one-stop shop for shared Cisco applications. Business leaders and developers can use this online portal to discover partner solutions that span all Cisco platforms and products. Currently, the exchange contains more than 1,300 offerings, Cisco said.

“More important to Cisco and others like HP, Dell and IBM who are looking to push AI and machine learning is the software ecosystem around the server,” said Chirag Dekate, research director at Gartner. “The broad partnerships Cisco has with Hortonworks and Cloudera for example will let customers bring in large data sets and create a machine learning and AI application pipeline right into the enterprise.”

Cisco and others believe there is such a pipeline to be built with the company, citing a 2017 McKinsey AI Report that stated:

  • 75% of developer teams will include AI functionality in one or more applications in 2018.
  • 40% of all digital transformation initiatives will be enabled by AI by 2019.
  • 100% of all effective IoT efforts will be supported by AI capabilities by 2019.

What does the future hold for AI/ML?

The fact is that IT is in uncharted territory, trying to curate and support fragmented, unfamiliar and rapidly evolving AI/ML software stacks. These stacks power new apps that support use cases both imagined and as yet unimagined, wrote Kaustubh Das, vice president of strategy and product development in Cisco’s Storage Computing Systems Product Group.

Cisco and others, such as VMware, Dell, HP and Juniper, are really only at the beginning of figuring out what to do with AI and services around it.

According to Tom Nolle, president of CIMI Corp., the real use case for AI and applications will come from cloud service providers and carrier-class operators, but the impact might not occur until between 2021 and 2023 when “contextual” services are available. 

Contextual services take all manner of detailed information about user requests, but also about the context of those requests like location, behavior and an assortment of other input that can be crunched by AI to develop truly valuable service information.

“Cisco ultimately wants to target the service providers of contextual services,” Nolle said. All of this is going to need a serious software architecture – which doesn’t exist today – around it to work and that’s where Cisco is trying to go, Nolle said.  

“Future applications to enhance buyer productivity and seller efficiency will be driven by contextual services, too. Altogether, contextual services represent over a trillion dollars a year in potential service revenues,” Nolle wrote in his blog. “If an operator today spends 19% of revenue on capex, that equates to almost two hundred billion dollars in equipment. Cisco would be stupid to ignore that.”

This story, "Cisco: How AI and machine learning are going to change your network" was originally published by Network World.