In the world of cyber security, experts are excited by the fact that they will be able to detect malware in encrypted traffic. It hasn’t been done before and is only possible now because of the emergence of Cisco’s intuitive network.
Malware detection is achieved through continuous Machine Learning (ML) on monitoring of enterprise networks. This means that IT managers don’t have to manually enter lines of code anymore, instead, they can now automate policy to translate their business intent.
This means that the new intuitive network will be able to anticipate breaches, derail security threats, and evolve as it continues to learn from these events.
The role of Machine Learning in detecting security threats
Intuitive networks help build an intelligent platform that’s enhanced by unmatched security. It’s something to celebrate as almost half of all cyber attacks today are hidden away in encrypted data. This can now be identified using ML without decryption (which ensures privacy).
Machine learning in this highly intuitive network comes in the form of Encrypted Traffic Analytics (ETA) which utilizes Cisco's Talos threat intelligence to identify known attack signatures in all traffic which also includes encrypted data.
This will go a long way to help enterprises maintain security while ensuring the privacy of all stakeholders (including their customers).
It works by using big data from existing networks as the foundation to detect malware based on patterns and behaviors. This is a significant departure from detecting malware from packet or size contents. This approach is deficient as evidenced by recent malware attacks like Petya/NotPetya.
Collecting data about cyber security threats from a large amount of global internet traffic helps build a robust predictive model. It works by extracting features from a variety of files with labels like malicious or benign and then the model is trained by feeding all of the features into it.
ML can then crunch the numbers and identify patterns in the clustered data. This technology can then be used to quickly identify anomalies and anticipate threats in real-time.
Machine Learning will become more intelligent over time
Cisco’s new intuitive network is built on context, not just automated policy. This means that the network that’s built with ML will interpret the data based on the context derived from user insights.
As this process is repeated over time, the intuitive network will become smarter over time through continuous machine learning and data analytics. As a result, you can say that this new intent-based network essentially elevates Software-Defined Networking (SDN) to the enterprise level.
Cisco’s intent-based network also helps enterprise customers move toward a software layer that enables rapid movement while benefitting from enhanced user experience (UX) and security. Furthermore, as this technology will evolve along with malware threats, it can grow into a solid security solution for not only the present but the future as well.
This new intuitive network will be supported by Cisco’s bundle of hardware and software know as Digital Network Architecture (DNA). This includes a DNA center, Software-Defined Access (SDA), and a centralized management dashboard.
This means that access to the network will be simplified for users, devices, and the Internet of Things (IoT). Furthermore, tasks like configuration and troubleshooting will be seamlessly automated.