This document discusses how adaptive network automation can help address cyber defense challenges faced by the Department of Defense (DoD). It outlines how network automation can help provide real-time network visibility and flexible automation. The adaptive network automation framework utilizes a comprehensive data model to generate dynamic maps and define automation tasks. This framework can then apply automation before, during, and after cyber events to help identify threats, mitigate attacks, and strengthen defenses.
Network Automation in Support of Cyber Defense - Ken Flott
Cyber Defense Challenges
- Real-time network visibility
- Limited network automation
- Making sense of the data
Adaptive Network Automation Applied to Cyber Defense
- Visualize
- Automate
- Integrate
1. NetBrain Technologies
15 Network Drive
Burlington, MA 01803
+1 800.605.7964
info@netbraintech.com
www.netbraintech.com
Network Automation in Support of Cyber Defense
Rick Larkin
Senior Network Engineer
NetBrain Technologies, Inc
23 June 2016
2. Agenda
o DoD Cyber Defense Challenges
» Real-time network visibility
» Flexible network automation
o Adaptive Network Automation Framework
o Adaptive Network Automation Applied to Cyber Defense
» Before
» During
» After
4. Cyber Defense Challenges
“DISA is a case in point. With 4.5 million users and 11 core data centers, its infrastructure generates about 10 million alarms per day…
Approximately 2,000 of those become trouble tickets…
…Then there’s hacking: DISA logs 800 billion security events per day…
…Between countermeasures, configuration fixes, and the rest, DISA makes about 22,000 changes to its infrastructure every day…”
MG Zabel, Vice Director, DISA
http://www.cio.com/article/3068663/networks-need-automation-just-ask-the-us-military.html
Today's Threat = [1986, 2016] IT Challenges x 10
5. DoD Cyber Defense Challenges
NIST RMF, DIACAP, 8500s, ATC/ATT/ATO, CNDSP, ASIs, POND, POA&M, CCRIs, IAVAs, OPREP/SITREP/CASREPs, AARs, STIGs, JIE, JRSS
o Cyber Threats evolving rapidly, requirements increasing, resources strained
o Network Automation is a key force multiplier!
6. Two Unsolved Challenges
o Lack of Real-Time Network Visibility
» Traditional methods don’t work. Example: Static Network Maps.
» Need “real-time” network visualization, end to end
o Limited Network Automation
» Current network automation has limited functional scope, need to write complex regular expressions, not portable, etc.
» Need for Network Automation 2.0, that is,
o Data-driven
o Dynamically created
o Simplified
7. 3 Generations of Network Visibility
o Generation 1:
» Discover the Network with SNMP
» Generate Asset and Inventory Reports
Diagram labels: Discovery, Inventory
9. 3 Generations of Network Visibility
o Generation 3:
» Network model based (configuration, SNMP, NETFLOW, network tables, etc.)
» Real-time, up-to-date, adaptive, dynamic solution
Diagram labels: Discovery; Comprehensive Data Model; Dynamic, Data Driven map
13. Map as the Single Pane of Glass
» Automated Analysis – Fully Customizable
» Execute manual tasks in seconds
» Initiated by operators or automatically from integrated systems like IDS/IPS, Trouble Tickets, SIEM or CMDB.
14. Before – Discovery & Asset Identification
o Deep Network discovery
» Accurate, Fast
o Inventory Report
» Derived from comprehensive data model
o Dynamic network documentation, updated daily and on demand
» Supports ATO development, CCRI preparation and supports operations
15. Before – Vulnerability Assessment
o Automated Compliance validation & verification
» NIST RMF, DISA/NSA STIGs, IAVAs, CC/S/A specific
o Proactive NetOps & CyberOps
» Automation technology can help CPTs, as well as on-site Network & IA staff
16. During – Threat Identification
Triggered by human intervention or backend systems (IDS/IPS, Logs, CMDB, …)
» Map the threat (e.g. an attack path to a server)
» Run diagnosis and health analysis on the map
» Identify network changes
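As an added example (not from the presentation or from NetBrain's product), the "map the threat" and "identify network changes" steps above can be sketched over a small network data model: find the devices between an alert's entry point and the targeted server, then compare each device's current configuration with its baseline. Hostnames, topology, configurations and alert fields are constructed, and a hop-count shortest path stands in for the real routed path.

```python
"""Alert triage over a network data model: map the path, then flag config drift."""
from collections import deque
import difflib

# Constructed data model (device -> directly connected neighbors); names are made up.
TOPOLOGY = {
    "edge-rtr1": ["fw1"],
    "fw1": ["edge-rtr1", "core-sw1", "core-sw2"],
    "core-sw1": ["fw1", "dist-sw1"],
    "core-sw2": ["fw1", "dist-sw1", "dist-sw2"],
    "dist-sw1": ["core-sw1", "core-sw2", "srv-db1"],
    "dist-sw2": ["core-sw2"],
    "srv-db1": ["dist-sw1"],
}

# Constructed config snapshots: last approved baseline vs. pulled during the event.
BASELINE = {
    "fw1": """! Last configuration change at 02:10:44 UTC
hostname fw1
access-list 110 permit tcp any host 10.10.20.5 eq 443
access-list 110 deny ip any any
""",
    "dist-sw1": "hostname dist-sw1\ninterface Gi1/0/7\n switchport access vlan 20\n",
    "dist-sw2": "hostname dist-sw2\ninterface Gi1/0/3\n shutdown\n",
}
CURRENT = {
    "fw1": """! Last configuration change at 09:31:02 UTC
hostname fw1
access-list 110 permit tcp any host 10.10.20.5 eq 443
access-list 110 permit tcp any host 10.10.20.5 eq 1433
access-list 110 deny ip any any
""",
    "dist-sw1": "hostname dist-sw1\ninterface Gi1/0/7\n switchport access vlan 20\n",
    "dist-sw2": "hostname dist-sw2\ninterface Gi1/0/3\n no shutdown\n",
}

# Constructed alert, shaped like what an IDS/SIEM integration might hand over.
ALERT = {"source": "ids", "entry_device": "edge-rtr1", "target": "srv-db1"}


def path_between(topology, src, dst):
    """Breadth-first search; returns the hop list, or None if unknown/unreachable."""
    if src not in topology or dst not in topology:
        return None
    prev, queue = {src: None}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            hops = []
            while node is not None:
                hops.append(node)
                node = prev[node]
            return hops[::-1]
        for nbr in topology.get(node, []):
            if nbr not in prev:
                prev[nbr] = node
                queue.append(nbr)
    return None


def normalize(config):
    """Drop blank lines and '!' comment lines (timestamps differ on every save)."""
    return [ln.rstrip() for ln in config.splitlines()
            if ln.strip() and not ln.lstrip().startswith("!")]


def config_drift(baseline, current):
    """Return (added, removed) config lines relative to the baseline."""
    added, removed = [], []
    for line in difflib.ndiff(normalize(baseline), normalize(current)):
        if line.startswith("+ "):
            added.append(line[2:])
        elif line.startswith("- "):
            removed.append(line[2:])
    return added, removed


def triage(alert, topology, baseline, current):
    """Map the alert onto the topology and report drift for each device on the path."""
    hops = path_between(topology, alert["entry_device"], alert["target"])
    if hops is None:
        return {"path": None, "findings": []}
    findings = []
    for dev in hops:
        if dev not in baseline or dev not in current:
            # A missing snapshot is a visibility gap, not evidence of "no change".
            findings.append({"device": dev, "status": "no-snapshot"})
            continue
        added, removed = config_drift(baseline[dev], current[dev])
        status = "changed" if (added or removed) else "unchanged"
        findings.append({"device": dev, "status": status,
                         "added": added, "removed": removed})
    return {"path": hops, "findings": findings}


if __name__ == "__main__":
    result = triage(ALERT, TOPOLOGY, BASELINE, CURRENT)
    print(" -> ".join(result["path"]))
    for f in result["findings"]:
        print(f["device"], f["status"], f.get("added", []), f.get("removed", []))
```

Devices off the mapped path (here the constructed `dist-sw2`, which also drifted) are left out of the alert's findings, so a full-network drift check still has to run separately.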
17. During – Attack Mitigation
Apply network changes and patches with automation:
» Configure policies (ACL/QoS/etc.)
» Redirect traffic (honeypot)
» Disable ports
18. After – Strengthen Cyber Defense w/ Automation
Apply lessons-learned from attack:
o Forensics/analysis
o Enhance executable intelligence
o Update network data model automatically
19. o Cyber Event Management – Automation can significantly reduce response time
o Allows for collaboration between NetOps & CyberOps, as well as Tiered Teams.
o Runbooks allow process chaining in response to Asymmetric Cyber threats.
Diagram labels: NetOps, CyberOps, Vendor, Management, Collaboration & Escalation of issues
20. Summary
Adaptive Network Automation Framework in support of Cyber Defense
o Before
» Maintain accurate, up to date documentation – ATOs, CCRI, best practice
» Verify & Validate compliance – NIST RMF, STIGs, IAVAs, CC/S/A specific
o During
» Identify and isolate impacted data, systems & networks
» Triage environments, and support rapid remediation
o After
» Based on new discovered threat(s), apply new configurations and update documentation
» Leverage historical information for AARs and forensics
21. Adaptive Automation – Here and Now
o Founded in 2004, NetBrain is the first software provider to apply the concept of CAD automation to network management.
» Awarded multiple patents in Computer Aided Network Engineering (C.A.N.E)
o Customer overview
» 1,300+ customers worldwide
» Multiple sectors