Hi folks, Ted Amoruso here, and this is part two of our advanced hybrid security cloud architecture. And what we're going to be doing here is looking at a way of doing hyper resilience in a cloud orchestrated model. Very cool. Here's the idea. We're going to start with this diagram that shows C&C that's command and control node, that in some sense is orchestrating the policies for asset A, B, C and D and each of them are shown in their own container. You got C&C with all these lines connecting to the assets that shows it's ability to manage the firewall micro-perimeter and the rules and all the assets and orchestrates to make sure they all have the same thing. You need that for sure. Here's the problem. We said we didn't like perimeters because they're one big blob that you can attack. Well, if I draw this diagram, and I told you how are you going to take this system out? You would say, "My gosh, the first thing I would do is just go after that C&C. I just knock it out." That's not going to be acceptable. Now look, the obvious first step here that anybody could do is you could put two C&Cs in. In fact you could put 10 of them in, and a lot of vendors do that, multiple C&Cs because C&C can be in command control, that will provide policy orchestration for all these different assets. We know that that's a possibility. But an interesting approach that we've seen in some attack tools, involves a more clever mechanism. Now it's backup, a botnet has a similar setup here, where you have C&C is connecting to a bunch of different assets. And, if I knock the C&C out in a botnet what happens? Well the control transfers to one of the other nodes. Really cool concepts. Right? We use the terminology called Fast Flux Domain Name System, Fast Flux DNS, where the individual bots are programmed. If they can't phone home to their mom, mom's not there they'll phone to a different mom, and one of those moms could in fact originate as one of the other bots in the botnets. It's a really clever concept for hyper-resilience. We can do something similar here, in an advanced cloud security architecture. Let's re-draw this just as like little dots here where we've got the C&C is a dot and each of the nodes as dots. Now what we're going to do, is assume that a hacker comes along, and bang goes after the C&C taking it out. Well, if we were designing this correctly and using a fast flux type model, then suddenly one of the nodes becomes the C&C. Again clearly, if you have lots of different C&Cs, then you just move to it. But there's no reason why one of those C&C couldn't have originated as one of the nodes, so that you have looks like a round-robin scheme. And let's say the original C&C comes back, I can return control back. The idea here is that we're going to use advanced distributed system techniques, to try to ensure hyper resilience across these advanced cloud security architectures. These are the kinds of things that cyber security is going to have to start attending to. Look, we began our discipline trying to protect data from being lost, from being stolen or data breaches. I think we're moving into an era now where attackers particularly nation state, military attackers, are going to be more interested in knocking out systems. In taking a strategic or tactical view of something that's important and making it incapable to operate along the lines of what we're describing here. I look at a system, you've moved away from your perimeter, how you controlling it? While you're controlling with this node, bang I'm going to try and take that note out. If by taking that node out the whole system adjusts and continues to operate, continues to orchestrate, you have a hyper resilient system. And that's what we need in cyber security now. This idea as we go to hybrid cloud, it's not enough to just build micro segmented containers around our workloads or apps. We need a way to orchestrate, and the orchestration can't be something that can be targeted by an attacker. It has to be able to survive and be hyper resilient. I hope this little part two in our architecture is useful for. You'll see in our next video in part three we're going to put some of these pieces together into something that I think will resemble, I hope what all of us will be running in the next several years as a normal enterprise architecture. We'll see in the next one.
