Machine learning enabling whole-of-data-centre security analysis: Cisco

Complex interdependencies between applications and computing environments can make whitelist-based security nearly impossible to enforce in practice, a Cisco executive has argued as the company debuts a data-centre analytics platform that utilises machine-learning techniques to model and predict the security impact of configuration and application changes. Those changes can wreak havoc with conventional security models built around blacklists that are difficult to keep up to date as the environment changes, vice president of product marketing Rajeev Bhardwaj told CSO Australia as the company debuted a Tetration Analytics platform that surveils the data centre to monitor data flows and application interactions. While many data-centre operators preferred to operate on a zero-trust, whitelist-based security model, that had been difficult to accomplish because of changing interdependencies within the "black box" of the data centre, Bhardwaj said. "The data centre of today has multiple layers of complexity from compute, network, and storage infrastructure as well as virtualisation, firewalls, load balancers and customer applications," he explained. "If something goes wrong it's extremely hard to find out what happened: you look at the black box and don't know which application is talking with which applications, which ports are open, which applications are protected with a firewall."