Cybots to the Rescue

In the Star Trek series Voyager, the (cyb)Borg wants to assimilate everyone (literally every species, each given a number to keep track of it) throughout the galaxies into their collective. They are an existential threat to humankind. And it makes for some great science fiction entertainment.

In real life though, the cybots are coming not to harm, but to help people.

Government Computer News, 23 February 2009, reports that Oak Ridge National Lab is working on developing cybots (software robots) to defend us in cyberspace.

Cybots are “intelligent enough to cooperate with one another to monitor and defend the largest networks.”

What makes cybots more effective than the software and hardware security we have today?

“Instead of independent devices doing a single task and reporting to a central console, the cybots would collaborate to accomplish their missions.”

The end state is a virtual cybot army deployed so those seeking to do us harm in cyber-warfare will themselves be the ones for whom “resistance is futile”.

Could cybots end up like the Cylons in Battlestar Galactica or the machines in Terminator that turn on humans?

The cybots have a programmed mission such as “network monitoring and discovery, intrusion detection, and data management.” So the hope is that they stay true to those things.

However, to me it seems completely plausible that just as cybots can be developed for defensive capabilities, they can also be programmed for offensive cyber warfare. And if they can be used offensively, then we can end up on the wrong side of the cybots someday.

Where does this leave us?

It seems like cyberspace is about to get a whole lot more complicated and dangerous—with not only human cyber-criminals and –warriors, but also cyber robots that can potentially wreak Internet havoc.

In terms of planning for future IT security, we need to stay technologically on the cutting edge so that we stay ahead of our adversaries as well as in constant control of the new defensive and offensive cyber-weapons that we are developing.

Systems Monitoring and Enterprise Architecture

When we log on at work, most if not all of us get some sort of message that logging on constitutes acknowledgment of monitoring and that there is no implied privacy in what you’re doing when logged onto corporate IT assets.

Monitoring is a way of life at work. It is part of information security, management oversight, and ensuring systems are running effectively (and preventing a severe network outage).

Kenneth Klapproth in DM Review, 22 February 2008, reports that network management tools are able to collect data “across the shared network to present real-time and historical availability, performance, and configuration statistics on individual services and applications.”

Cross platform monitoring and event management and resolution are important to maintaining the availability of today’s complex networks that are vital for corporate communications (voice, data, and video).

  • ALERTS: Monitoring not only alerts IT personnel to when networks falter, but can also be set to provide alerts when certain fault tolerances are reached, so that IT personnel can take action before the network is brought down.
  • CAPACITY: Network monitoring identifies not only when the network becomes overloaded, but also when there is excess capability that can be more optimally used.
  • TRENDING: Performance is monitored not only as snapshots in time but also as historical trends, which provide valuable information on usage patterns.
  • VISUAL REPORTING: “Dashboard and web displays deliver visually compelling and graphically concise reports [of key network and capacity utilization trends] that enable organizations to make the right decisions faster and with more confidence.”
  • QUALITY OF SERVICE: QoS is improved with monitoring. “Managers can see the current and historical use and performance of network resources, monitor and report on congestion, correlate QoS configuration with network performance, and use the information to improve traffic and service delivery.”
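The ALERTS, CAPACITY and TRENDING points above, worked through in Python as an added example (not from the DM Review article or any monitoring product). The utilization samples are constructed and the three thresholds are assumptions.

```python
# Constructed sample: hourly utilization (percent) of one network link.
SAMPLES = [52, 55, 57, 61, 63, 66, 70, 72]

# Assumed thresholds; real values depend on the link and the service on it.
WARN_PCT = 70   # alert early, before the link is in trouble
FAIL_PCT = 90   # level treated here as saturation
IDLE_PCT = 20   # at or below this, capacity is counted as excess


def classify(util):
    """Map one utilization reading to an alert state."""
    if util >= FAIL_PCT:
        return "critical"
    if util >= WARN_PCT:
        return "warning"
    if util <= IDLE_PCT:
        return "excess-capacity"
    return "ok"


def trend_slope(samples):
    """Least-squares slope, in percentage points per sample interval."""
    n = len(samples)
    if n < 2:
        return 0.0
    x_bar = (n - 1) / 2
    y_bar = sum(samples) / n
    num = sum((i - x_bar) * (y - y_bar) for i, y in enumerate(samples))
    den = sum((i - x_bar) ** 2 for i in range(n))
    return num / den


def intervals_until(samples, limit):
    """Intervals left before `limit` at the current trend; None if not rising."""
    if samples[-1] >= limit:
        return 0.0
    slope = trend_slope(samples)
    if slope <= 0:
        return None
    return (limit - samples[-1]) / slope


if __name__ == "__main__":
    eta = intervals_until(SAMPLES, FAIL_PCT)
    print(f"state={classify(SAMPLES[-1])} slope={trend_slope(SAMPLES):.2f} "
          f"pts/h, saturation in ~{eta:.1f} h")
```

The latest reading alone only yields a warning; the fitted trend is what tells operators roughly how long they have before saturation.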

Additionally, many network monitoring tools offer other key management features, including self-discovery and healing. These features include: IT asset management, remote control, problem resolution, operating system set-up and configuration, software distribution, license monitoring, back-up and recovery, security, and lights-out management.

While network monitoring and management are more operationally focused, they are critical from an enterprise architecture perspective to ensure the delivery of core IT functionality for the enterprise: namely, a robust, sound, secure, cost-effective, state-of-the-art IT infrastructure upon which information can be delivered to the right people, anytime, anywhere.

Network management tools can also be helpful in building the enterprise architecture because of their asset discovery feature. With the ability to spider out over the network and touch anything with an IP address, these tools can help identify key enterprise architecture assets in order to establish the baseline and plan for future targets.

IPv6 and Enterprise Architecture

Internet Protocol version 6 (IPv6) is a network layer for packet-switched internetworks. It is designated as the successor of IPv4, the current version of the Internet Protocol, for general use on the Internet. The main change brought by IPv6 is a much larger address space that allows greater flexibility in assigning addresses. The extended address length eliminates the need to use network address translation to avoid address exhaustion, and also simplifies aspects of address assignment and renumbering when changing providers. (Wikipedia)

IPv6 is an important architecture change.

Government Executive Magazine, May 2008, reports that “IPv6 upgrades are critical as space available for Internet addresses dwindles.”

Why are we running out of IP addresses on version 4?

“IPv4 uses 32-bit addresses and can support 4.3 billion devices with individual addresses on the Internet. With the world’s population estimated to be 6.5 billion—and with many people possessing multiple electronic devices such as PCs, cell phones, and iPods—there simply will not be enough IPv4 addresses to meet the demand, let alone support the anticipated influx of new Internet users from developing countries. Also on the horizon are newfangled IP-enabled devices and appliances that will drive up the number of IP addresses per person.”

How does IPv6 solve this problem?

“IPv6 uses 128-bit addresses and can support a virtually limitless number of globally addressable devices (The actual number is 2 to the 128th power).”

How is the conversion going?

The Office of Management and Budget (OMB) has mandated that “By June 30, all federal agencies must prove that they have upgraded their networks’ connections, or backbones, to be capable of carrying IPv6 data traffic.”

Note: “All leading routers can support IPv6.”

A senior vice president for Quest said that “Every North American business and government needs to make the conversion.”

What other benefits does IPv6 offer?

Other benefits include: “built in security, network management enhancements such as auto-configuration and improved support for mobile networks. But in the decade since IPv6 was created, many of the extra features have been added to IPv4. So, the real motivator…is that it offers unlimited IP address space.”

“The most savings, however, will come from the new applications and services that IPv6 will provide.”

The Department of Defense “needs IPv6 to make its vision of netcentric warfare (the ability to tie together networks and sensors to deliver a stream of integrated real-time data to the battlefield and commanders) a reality…with IPv6, ‘everything can be addressable from a soldier to a sensor to an aircraft to a tank…we could have a sensor network with hundreds of thousands of nodes.’”

IPv6 is important, but what other network initiatives underway is it competing with?

  • The Trusted Internet Connections (TIC) initiative—aims to “reduce the number of external connectivity points that workers use to gain access to the internet.”
  • Networx—“a telecommunications contract that agencies are supposed to use to select a new carrier by September.”

On the Federal side, what needs to be architected next for IPv6?

“Federal IT managers should begin reserving IPv6 address space, developing an addressing plan, and creating a migration strategy that includes extensive product testing and evaluation. So far 37 agencies have requested IPv6 address space from the American Registry for Internet Numbers.”
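What “developing an addressing plan” can look like in practice, as an added Python example that is not from the article. It assumes a /48 taken from the IPv6 documentation range 2001:db8::/32 in place of a real registry assignment, and the site and function names are hypothetical.

```python
import ipaddress

# Assumption: documentation prefix stands in for a registry-assigned block.
ALLOCATION = ipaddress.ip_network("2001:db8:1234::/48")
SITES = ["hq", "datacenter", "field-office"]                    # hypothetical
FUNCTIONS = ["servers", "workstations", "voice", "management"]  # hypothetical


def build_plan(allocation, sites, functions):
    """Give each site a /56 and each function inside that site a /64."""
    plan = {}
    site_blocks = allocation.subnets(new_prefix=56)
    for site in sites:
        block = next(site_blocks)
        lans = block.subnets(new_prefix=64)
        plan[site] = {"block": block,
                      "subnets": {fn: next(lans) for fn in functions}}
    return plan


def check_plan(plan, allocation):
    """True only if every subnet is inside the allocation and none overlap."""
    seen = []
    for site in plan.values():
        for net in site["subnets"].values():
            if not net.subnet_of(allocation):
                return False
            if any(net.overlaps(other) for other in seen):
                return False
            seen.append(net)
    return True


if __name__ == "__main__":
    plan = build_plan(ALLOCATION, SITES, FUNCTIONS)
    for site, entry in plan.items():
        print(site, entry["block"])
        for fn, net in entry["subnets"].items():
            print(f"  {fn:<13}{net}")
    print("plan consistent:", check_plan(plan, ALLOCATION))
```

Each /64 in the plan holds 2^64 addresses, so the planning effort goes into structure (site, function, room to grow) rather than conserving individual addresses as with IPv4.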