FW.AI

Traveler and Guy disagreed on this one. Guy favored a totally decentralized IT architecture. Traveler, I understand, and I agree that we did the right thing to connect all of our businesses together using SOAP/RESTful request/responses: while we shared elements of what we are doing, the core of everyone's business stayed with them.

Guy, it was, and is, a great architecture. I didn't really want to create an HNMNBM HQ, but we are starting to really grow and there are going to have to be controls, protocols. I hate to sound anal-retentive, but nothing will sink us faster at our growing and awkward stage than loose cannons. We go way back, buddy, and I think we need this, so if you were going to do this, what would you do?

It pains me to say this, Traveler, but I think we need a central control point, a star architecture from a data flow perspective. This does create a single point of failure. Guy paused, waiting to hear Traveler's reaction.

As Andrew Carnegie said, put all your eggs in one basket and watch that basket. As resources become more scarce we are going to have to build in a manner that is sensitive to this.

Traveler, you are the boss here. Let's take it by the numbers. We need to scope the project. What we are talking about is a firewall at the core of our network. Changing it will not be easy or fun. The maximum reasonable lifespan is 5 years, so we need to plan for that much growth.

Let's be honest, we have some bizarre requirements that shouldn't exist, but do, and the business, at least we do, depends on them.

Guy, can you give me a couple of examples? I want to make sure I'm tracking.

No problem. Let's start with the XTRANET for dogs, the iBone. I am going to take it at face value that dogs talk to each other over a network, but their traffic is co-mingled with everything else at the endpoint routers. Or Wide Area MODBUS: it is great that the autodriving gadgets are platooning or spooning or whatever it is they do, but a whale of a lot of that is in the clear. If it can be intercepted, it can be modified and passed on.

Got it, understood. We can choose to accept those risks, and they are all specific application cases. Granted, a PA firewall in front of a Teradata cluster at Layer 2, asymmetric routes no one knew about, SYN -> PA but no SYN/ACK, traffic taking the high road when it should be taking the low road.

At the heart of the implementation is the worst firewall troubleshooting step in the world, the "permit any any" rule. To make things work, the AI needs an inventory of known traffic by Source, Destination, Port, and Protocol. Pareto analysis of the traffic hitting it; address the top X% first. What is the business requirement for the traffic? Do they really need it?

Adrian smiled. That sounds like the business end of things; what does that mean to someone using the system, exactly?

Guy answered: the protocol is, if you can't find it at the Vermont Country Store you don't need it, do without. Guy was rapidly running out of words. The AI learns whether the traffic should be Permit, Deny, or Temporarily Allowed. This is at the very core of your network, so it is no laughing matter. Which brings us to: should it fail open or closed?
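The inventory-and-Pareto step Guy describes, carried through as an added example that is not part of the story and not any vendor's code. It runs over a constructed flow log (not captured from any real network), keys the inventory on Source, Destination, Port and Protocol, takes the tuples that carry the top X% of bytes, and proposes Permit, Deny or Temporarily Allowed for each, with a final implicit deny in place of "permit any any". The flow records, the documented-requirements table (the "Vermont Country Store" list), the never-permit port list, the 80% share and the 14-day grace period are all assumptions; so is the reading that unknown traffic outside the top share is denied outright rather than temporarily allowed, and that a Temporarily Allowed entry falls back to deny when its grace period lapses without a documented requirement.

```python
from __future__ import annotations

import ipaddress
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample flow records (assumption, not from any real network):
# src dst dport proto bytes
FLOW_LOG = """\
10.1.1.5 10.2.0.10 443 tcp 900000
10.1.1.6 10.2.0.10 443 tcp 850000
10.1.1.5 10.2.0.20 1433 tcp 400000
10.3.0.7 10.2.0.30 502 tcp 120000
10.3.0.8 10.2.0.30 502 tcp 110000
10.1.1.9 10.2.0.40 22 tcp 30000
10.1.1.9 10.2.0.50 23 tcp 5000
10.9.9.9 10.2.0.10 445 tcp 2000
"""

# Hypothetical table of documented business requirements: (src network, dst, dport, proto).
KNOWN_REQUIREMENTS = {
    (ipaddress.ip_network("10.1.1.0/24"), ipaddress.ip_address("10.2.0.10"), 443, "tcp"):
        "web tier -> API gateway",
    (ipaddress.ip_network("10.3.0.0/24"), ipaddress.ip_address("10.2.0.30"), 502, "tcp"):
        "vehicle telemetry -> Modbus historian",
}

# Hypothetical: cleartext legacy services that are never permitted, whatever their volume.
NEVER_PERMIT_PORTS = {23}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    proto: str


@dataclass
class Rule:
    flow: Flow
    action: str                 # "permit" | "deny" | "temp-allow"
    reason: str
    expires: datetime | None = None


def parse_flows(text: str) -> dict[Flow, int]:
    """Inventory traffic by (src, dst, port, proto), summing bytes per tuple."""
    inventory: dict[Flow, int] = defaultdict(int)
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        src, dst, dport, proto, nbytes = line.split()
        inventory[Flow(src, dst, int(dport), proto.lower())] += int(nbytes)
    return dict(inventory)


def pareto_cut(inventory: dict[Flow, int], share: float = 0.80) -> list[Flow]:
    """Heaviest tuples, in descending order, that together carry at least `share` of all bytes."""
    total = sum(inventory.values())
    top, cum = [], 0
    for flow, nbytes in sorted(inventory.items(), key=lambda kv: kv[1], reverse=True):
        top.append(flow)
        cum += nbytes
        if cum >= share * total:
            break
    return top


def business_requirement(flow: Flow) -> str | None:
    """Return the documented requirement covering this tuple, or None."""
    src, dst = ipaddress.ip_address(flow.src), ipaddress.ip_address(flow.dst)
    for (net, rdst, rport, rproto), desc in KNOWN_REQUIREMENTS.items():
        if src in net and dst == rdst and flow.dport == rport and flow.proto == rproto:
            return desc
    return None


def propose_rules(inventory: dict[Flow, int], now: datetime,
                  share: float = 0.80, grace: timedelta = timedelta(days=14)) -> list[Rule]:
    """Classify every inventoried tuple; the top share is addressed first (highest volume first)."""
    top = set(pareto_cut(inventory, share))
    rules = []
    for flow in sorted(inventory, key=inventory.get, reverse=True):
        if flow.dport in NEVER_PERMIT_PORTS:
            rules.append(Rule(flow, "deny", f"port {flow.dport} is never permitted"))
        elif (req := business_requirement(flow)) is not None:
            rules.append(Rule(flow, "permit", req))
        elif flow in top:
            # High volume with no documented requirement: keep the business running, but only
            # until the grace period ends; someone has to produce the requirement by then.
            rules.append(Rule(flow, "temp-allow", "top share, no documented requirement", now + grace))
        else:
            rules.append(Rule(flow, "deny", "no documented requirement"))
    return rules


def effective_action(rules: list[Rule], flow: Flow, now: datetime) -> str:
    """First-match lookup with an implicit final deny; an expired temp-allow falls through to deny."""
    for rule in rules:
        if rule.flow != flow:
            continue
        if rule.action == "temp-allow" and rule.expires is not None and now > rule.expires:
            return "deny"
        return "permit" if rule.action in ("permit", "temp-allow") else "deny"
    return "deny"


if __name__ == "__main__":
    now = datetime(2024, 1, 1)
    for r in propose_rules(parse_flows(FLOW_LOG), now):
        exp = f" until {r.expires:%Y-%m-%d}" if r.expires else ""
        print(f"{r.action:10} {r.flow.src} -> {r.flow.dst}:{r.flow.dport}/{r.flow.proto}  ({r.reason}{exp})")
```

On the constructed log the two HTTPS flows and the SQL flow carry the top 80% of bytes; HTTPS is permitted because it matches a documented requirement, SQL gets a 14-day temp-allow because it does not, Modbus is permitted on its requirement regardless of volume, telnet is denied outright, and the low-volume SSH and SMB tuples with no requirement are denied. The ordering of checks (never-permit before documented requirement) means a requirement cannot override the deny list.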

Fail open means that if it has a stroke, it keeps passing traffic; essentially it becomes a wire. Fail closed means that if it gets the Sanford & Son "big one", all traffic stops with Fred's heart.

And that AI must never, ever, take operational commands over the networks it manages. All the data is encrypted in transit and at rest with very strong keys.

To Guy's relief, Adrian started flapping his arms: no más, no más, it will be exactly as you say. Done, pow, stick a fork in it.

Sure, but one last thing, related to the last point I made. The AI must never converse with another AI, or even ai. The only information reporting, or command-and-control discussions, must be with an admin. I suggest we select three, located in different parts of the world and threat zones. By the time this is mature, it could be a pretty big deal. Adrian nodded.

= FW.AI meets the net girls realize they are girls. Do I need a gender? (transgender discussion, finally decides he is a big, burly, male AI)

NOTE: should ask PA for permission to reference them
