NetApp and Cisco have fortified their partnership by unveiling newly validated FlexPod architectures tailored for artificial intelligence workloads, alongside a security playbook designed to counter ransomware threats directly at the storage layer.
The FlexPod configurations intricately amalgamate computing, networking, and storage systems that have undergone thorough testing to ensure harmonious operation.
These designs aim to mitigate the complexity associated with deploying AI applications, such as retrieval-augmented generation—which integrates an AI model with an organization’s proprietary data—and semantic search, which discerns information based on meaning rather than mere word matching.
Additionally, the alliance has rolled out a NetApp Splunk Security Orchestration, Automation, and Response (SOAR) playbook.
This innovative tool empowers Splunk’s security platform to direct NetApp storage systems to intervene against suspicious users, generate snapshots, and isolate affected data volumes upon detection of an attack.
These initiatives cater to distinct phases in the enterprise AI adoption journey. FlexPod lays down a pre-verified infrastructure for executing AI workloads, while the Splunk playbook is structured to safeguard the data that sustains these applications.
FlexPod Adds Pre-Tested Infrastructure for AI Workloads
FlexPod effectively amalgamates Cisco’s computing and networking technologies with NetApp’s storage solutions. The newly configured platforms extend the FlexPod framework to facilitate AI deployments within corporate data centers, departmental environments, and remote sites.
By validating the components as a cohesive system, NetApp and Cisco aim to alleviate the technical burden of selecting, integrating, and testing infrastructure from disparate vendors.
Furthermore, these designs enable AI applications to function in proximity to their requisite data, thus minimizing the necessity to transfer large or sensitive datasets across different environments.
This enterprise configuration incorporates NetApp AFX, allowing for distinct expansion of storage performance and capacity. Organizations can enhance storage performance independently of capacity, offering greater flexibility in resource allocation.
NetApp has plans to introduce capabilities for data discovery, preparation, and governance via its forthcoming AI Data Engine.
These features are designed to aid organizations in identifying relevant information, preparing it for AI applications, and managing access. The company has indicated that these are future capabilities, implying they may not all be available in the current configurations.
Cisco’s contributions include networking and security technologies via the Cisco Secure AI Factory in collaboration with NVIDIA. This architecture aims to implement security controls throughout the AI ecosystem, enhancing safeguards against data exposure, governance deficiencies, and compliance vulnerabilities.
Cisco’s AI networking framework, including Nexus One, facilitates seamless connectivity between storage and AI computing resources. Both companies assert that this system is designed for consistent data flow throughout the environment, optimizing the use of costly computing resources and enhancing workload predictability.
Collaboratively, they have engaged with NVIDIA to base the FlexPod configurations on established reference designs for enterprise AI infrastructure. This approach provides organizations with a tested foundation rather than necessitating individual assembly and validation of each component.
A smaller variant targets AI inferencing—the utilization of a trained model to generate answers or predictions—and retrieval-augmented generation for individual teams and departments, catering to organizations wishing to leverage internal data without extensive budgets or specialized staff for system design.
For remote and edge environments, Cisco Unified Edge can integrate with NetApp storage to support AI inferencing, software containers, and virtual machines, enabling centralized management of these environments and the application of consistent policies across multiple locations, thereby reducing the need for disparate technology stacks at each site.
Splunk Playbook Automates Storage Responses to Ransomware
The second facet of this collaboration concentrates on minimizing the lag between ransomware detection and the consequent protection of affected data.
Splunk Enterprise Security already aggregates data from NetApp Ransomware Resilience, providing security teams with enhanced visibility into activities within the storage landscape. The newly introduced playbook transforms alerts into automated responses.
Upon identification of anomalous behavior, Splunk can instruct NetApp ONTAP storage to block users, generate snapshots, or take a data volume offline. These actions aim to limit an attacker’s reach and preserve a recent data copy for potential recovery.
The playbook is capable of utilizing alerts from NetApp systems in conjunction with signals from additional security solutions. Organizations can thus integrate storage actions into their existing incident-response frameworks instead of managing them through a separate protocol.
“Effective security strategies require visibility and action across the entire technology stack, including the data layer,” stated David Dalling, GVP, Splunk Security at Cisco.
With the new NetApp Splunk SOAR playbook, ONTAP storage becomes an active participant in the security ecosystem, empowering organizations to effectively manage threats directly targeting enterprise data.
By integrating NetApp storage into Splunk SOAR workflows, we are facilitating seamless collaboration between security and storage teams, allowing for swifter and more assured incident responses.
Historically, security operations and storage management have been conducted by separate teams. Automating predetermined responses can minimize the manual coordination necessary during a crisis, during which delays may enable ransomware to affect additional systems or datasets.
NetApp and Cisco assert that this playbook has the potential to curtail the average time required to contain incidents while alleviating the burden on security personnel.
However, specific customer outcomes or metrics indicating the efficiency of the automated approach relative to manual responses were not disclosed.
The NetApp Splunk SOAR playbook is accessible via SplunkBase. The companies have not specified which product versions, licenses, or supplementary services are necessary to leverage their full array of functionalities.
Source link: Techedt.com.
