The Future Of Networking Is Watson

Watching Watson wipe the smug off Ken Jennings' face in front of Alex Trebek and a room full of IBMers in Yorktown Heights was a great day for geeks. It seemed that intelligence itself could be summoned from the ether by technologists. IBM created not a new flavor of supercomputing, but marketable cognition and is bringing it to new applications. And as a network administrator, I see that victory as making one thing clear: Cognitive systems will ultimately control not just our networks, but the entire software-defined infrastructure.

AI’s poker face

Before disambiguating the hype of artificial intelligence (AI), machine intelligence, neural networks and machine learning, consider a practical example: Texas Hold ’Em Poker. Pokerbots in the largest Las Vegas casinos are quietly powered by revolutionary, nearly unbeatable machine intelligence based on pioneering work by Fredrik Dahl begun during his stint at the Norwegian Defense Research Establishment.

Unlike poker systems that are computational wunderkinder, the AI pokerbot does not brute force compute every possible play from a given state then select the most likely winning play. That works in chess because a machine can see all the pieces of both players, but in poker it’s not an option; critical information is missing. Instead, Dahl’s pokerbot  played billions of hands of Hold ‘Em observed by a neural network.

Over time, it observed play with multiple neural networks, each with algorithms developed to optimize a particular strategy: defensive play, winnings maximization or even engaging play to keep players at the machine longer. On its own, it developed human strategies like floating --passive play to build bigger pots. The initial result was a winning machine that was no fun to play and bad for business. They settled on the more engaging defensive neural-net play strategy.  

Machine intelligence, IT admin edition

If you’re in the middle of untangling less-than-optimal telepresence quality of service (QoS) class maps, you’re well aware that network hardware has zero intelligence, and firewalls may actually have negative intelligence. You make the network go; your hardware is smart as a shovel. You can make it a steam shovel with automation, but its work will only be as skilled as you and what you explicitly taught it to do.

But real machine intelligence does something different. Because it learns on its own, it’s capable of developing abilities beyond the reach of its human operator. IT administrators of the future won’t think of AI and neural networks; they’ll leave that to vendors like IBM and its partners.

We’ll simply think of intelligent machines --boxes with software that we trust to control infrastructure --and machine learning, the way we coach these systems and respond to their queries. Forget everything you know about Cisco IOS configurations, managing VMware NSX topology overlays with vCenter or even defining software defined networking (SDN) resources for Open Stack or CoreOS. Machines with mystifying, spooky instincts will make demonstrably better decisions faster.

IBM’s Watson model

In the Texas Hold ‘Em example, the learning pokerbot is to computational pokerbots as IBM Watson is to IBM Deep Blue. Watson’s defeat of Jennings was a watershed event. Unlike Deep Blue, which was an amazing chess playing exercise in POWERparallel and custom VLSI chess chip thunder, Watson was a learning machine built with off-the-shelf POWER7 hardware.

Watson had only four terabytes of data and no link to the Internet, but it was blessed by IBM with machine instruction, and instead of teaching it facts, they taught it how to learn facts, how to understand Jeopardy’s answer-question format and natural language processing. They gave it a dump of Wikipedia and let it build intelligent links through neural net processing. The result? Watson succeeded by sidestepping the hardware limitations of the compute approach.

With Watson, IBM created cognitive systems and underlying algorithm technology to “observe, interpret, evaluate and decide.” It was vastly different than traditional supercomputing. 

IBM can’t possess infinite domain expertise, so it’s expanding an innovation partner network to build a Watson technology ecosystem. Watson will be applied in security, medicine, banking and network and application management in ways we can’t imagine, not by IBM, but by domain experts who use Watson as a platform or service. And when we start talking about consuming AI as a service, you can see the writing on the wall for traditional IT management approaches.

AI security services

For background, IBM referred me to SparkCognition in Austin, Tex. as an example of AI IT management, in this case, network security.  

“The genesis of SDN really comes from active networks and the large telcos and routing companies who wanted to make fabric more intelligent,” SparkCognition’s founder and CEO Amir Husain told me. “SDN is essentially a very high-speed, responsive fabric that removes physical equipment barriers and enables next generation IT. The speed of SDN is of itself critical for integration with self-managing, cognitive management systems. Fabric must morph very rapidly in response to knowledge accumulation and decision making happening at a higher cognitive layer. Legacy networks can’t benefit from the decision making happing at that layer.”

According to Husain, Watson is particularly useful for suggesting meaning in unique situations with incomplete information.

“We’re moving to a signature-free security model, where cognitive algorithms complement and eventually play the role of a human security researcher,” he added. “We combine our research and algorithms with neural net processing analysis provided by Watson to be aware of the present, and apply learning and domain knowledge where Watson lets us draw new conclusions even when looking at weirdness.  Humans are unfortunately slaves to intuition largely for self-preservation while algorithms are not.”

And it’s that freedom of algorithms to move past human assumption bias that gives cognitive systems an edge over humans when analyzing behavioral data at vast scale. Perhaps you’ve felt this effect if you’ve ever looked at Google’s AI “Deep Dreams” images.

Figure 1:

(Image: Duncan Nicoll)

There’s something really creepy about a machine seeing alien slugs in delicious doughnuts because our minds severely limit our willingness to find new meaning in routine details. There are many psychophysiological drivers of this, including that our vision is a virtual construct to overcome our blind spot and to highlight survival value clues to decrease reaction time. But (proper) algorithms of cognitive machines don’t have bias, bad habits, feel creeped out or get bored -- all of which weaken IT admin performance. 

NEXT page: Securing AI-defined networks 

Practical AI control of networks is on the horizon. We’ll see the AI network overlay controllers likely first from boutique SDN vendors like Plexxi. AI-defined networks won’t be about automating routine tasks, programmatically managing networks or providing a platform where humans create evermore clever access policies. Instead, we’ll become teachers to machines that watch our network traffic, monitor our applications and cognitively recognize novel behavior on our firewalls.

Many, like financial services CIOs, will be incredibly resistant to handing over security to “a machine,” but we won’t have a choice. Increasing complexity of highly converged and hybrid infrastructures is creating more, not less security risk. Smaller teams of less experienced administrators, increasingly abstracted by vendor layers above the technology they manage, are barely staying ahead. The result is  numerous, brand damaging data breaches. But that’s not the biggest threat to traditional or even automated IT management. The bad guys will have learning machines too.

Today, advanced persistent threats (APT) driven by botnets and teams of resourceful engineers chip away like jackhammers at our defenses. But like all humans, their operators are biased in favor of approaches that AI won’t be. AI attacks will be based on machine learning with hundreds or even thousands of neural network-backed machines, playing billions of hands of network poker against our networks. It won’t matter that they have incomplete information about us. Instead they will routinely discover hundreds of previously unknown and completely unanticipated vulnerabilities that humans haven’t.

Human admins simply won’t be able to respond to an attacker wielding tens of thousands of demonstrated, multi-variant attacks combining zero-day and operator error vulnerabilities, AI phishing and more. Attacks might play out over minutes, days or weeks; they will be filled with decoy penetration aids and won’t tire. Worst, they’ll be much cheaper to wield. Our systems will have to respond immediately based on cognitive learning from thousands of collaborating enterprises. 

We won’t have Cisco UCS racks with Watson stickers on the bezels. Instead, we’ll subscribe to network and application security intelligence services that will manage complex algorithms and machine learning while we concentrate on infrastructure and application service delivery. IT AI vendors will publish security service-level agreements to allay CXO fear, and an industry of consultants and auditing standards will emerge. New AI security vendors will emerge based on nascent machine intelligence services with back end services from Amazon, Microsoft and Google.

Remember when the idea of putting your most valuable data offsite kept you up at night? Today we’ve accepted that virtual private clouds pose acceptable risk. With demonstrated success, we’ll do the same with AI network management because, again, we’ll have to.

IT cognition engineer

A vision of software-actuated-everything requires a small leap of futurism, but it’s not science fiction. The curious inverse proportion of increasing complexity to size of IT staff remains steady. And as with previous automation in financial services, medicine, physical security and yes, Las Vegas video poker, automation always wins. IT is no different and it’s now just a question of when, not if AI begins to manage our data centers.

What will our “config” sessions look like while we try to teach a machine that even though it determined the executive wing telepresence doesn’t really need dedicated bandwidth to manage jitter, it’s a political policy the machine will have to accept? Will we be ready when our IT systems' performance algorithms include a measurement of our performance as machine instructors?

But it’s just possible we may also be set free to so some of our most imaginative work as administrators. Machines, from the wheel to motors to AI, eliminate drudgery, freeing us to be more creative -- the actual differentiator of human intelligence. Imagine the freedom to imagine new services, new ways to delight our customers and new ways to drive business without worrying about the gorp of implementation. What if you could stand up a new application, safely, in minutes, not weeks or months?

We’re all riding careers molded by machine education. Not machines providing educational content, but routers, servers, hypervisors and cloud infrastructure. They’ve answered us in their limited ways of “yes” or “no” since the beginning of time and our skills as administrators are the result. We don’t need to fully understand the internal workings of ESX to wield hundreds of VMs, just the lessons vCenter teaches us.

If an AI infrastructure controller alerts me that it’s noticed a strange pattern of emails and file share probes that no system on earth has ever seen, I’m ok with that. And the first time AI prevents the plunder of my company’s business, the execs will be all in.