Autonomous Systems

The Internet is a network of networks and Autonomous Systems are the big networks that make up the Internet. More specifically, an autonomous system (AS) is a large network or group of networks that has a unified routing policy. Every computer or device that connects to the Internet is connected to an AS.

Imagine an AS as being like a town's post office. Mail goes from post office to post office until it reaches the right town, and that town's post office will then deliver the mail within that town. Similarly, data packets cross the Internet by hopping from AS to AS until they reach the AS that contains their destination Internet Protocol (IP) address. Routers within that AS send the packet to the IP address.

Every AS controls a specific set of IP addresses, just as every town's post office is responsible for delivering mail to all the addresses within that town. The range of IP addresses that a given AS has control over is called their IP address space.

Autonomy requires that the system be able to do the following:

• Sense the environment and keep track of the system’s current state and location.
• Perceive and understand disparate data sources.
• Determine what action to take next and make a plan.

Act only when it is safe to do so, avoiding situations that pose a risk to human safety, property or the autonomous system itself.

Examples of Autonomous Systems

Autonomous Robots

Autonomous robots vary from simple robot floor cleaners to complex autonomous helicopters. Otto, the first autonomous snowplow in North America, keeps runways clear at an airport in Manitoba. 

Autonomous Warehouse and Factory Systems

From mail sorting systems to material conveyors to assembly robots, a diverse array of autonomous systems performs routine and repetitive tasks, enabling better use of human labor. One type of warehouse autonomous system is a robot forklift that moves products around an ecommerce giant’s automated distribution center. On assembly lines, autonomous factory robot arms perform many heavy and precision tasks such as arc welding, painting, finishing and packaging.

Autonomous Drones

Unmanned aerial vehicles, known as UAVs or drones, are small self-piloting autonomous aircraft. Drones have long been used for reconnaissance, surveying, asset inspection and environmental studies. Two common uses for drones are agriculture and oil well inspection.

Sensors and Sensor Fusion

Sensors and sensor fusion play a vital role in autonomous systems. They enable such systems to gather data from sources in the environment and make use of the data to plan and take action. In this section, you’ll learn about the diverse types of sensors used in autonomous systems and how sensor fusion helps an autonomous system acquire and develop a more accurate assessment of its environment.

Edge AI

Edge AI involves the deployment of artificial intelligence (AI) algorithms and models directly on edge devices. An edge device is a physical, remote computing device that’s connected to the network edge, such as smartphones, IoT devices, and embedded systems. This approach enables smarter, faster, and more secure processing on the devices closest to the data source, and without relying on cloud-based processing.

Edge AI allows responses to be delivered almost instantly. With edge AI, data is processed within milliseconds providing real-time feedback with or without internet connection because AI algorithms can process data closer to the location of the device. This process can be more secure when it comes to data because sensitive data never leaves the edge.

Use cases of Edge AI

Smart Homes, Cities and Infrastructure: Edge AI plays a crucial role in building smarter and more efficient homes and cities, enabling analysis and processing of vast amounts of data from sensors, cameras, and other IoT devices in real time.

Industrial IoT: By embedding AI capabilities into edge devices, such as robots and machines, tasks that require real-time processing and decision-making can be performed locally, resulting in improved productivity, increased safety, and better overall performance.

Autonomous Vehicles: By using real-time processing of data from sensors like cameras, LiDAR, and radar, edge AI enables AI-powered vehicles to make decisions critical for safety and efficiency.

Importance of Edge AI

Edge AI is revolutionizing various industries by bringing advanced computing capabilities directly to the edge. With the increased demand for edge devices to think for themselves, edge AI brings intelligence and real time analytics to even the smallest edge devices.

Edge AI offers several advantages over traditional AI approaches:

• Minimize latency by reducing the time delay involved in sending data to the cloud, crucial for real-time applications.
• Improve overall system performance with real-time data processing for discission critical applications.
• Reduce the power budget and increase battery life to maximize device operation.
• Reduce reliance on cloud connectivity and increase autonomy in remote or network-constrained use cases.
• Enhances privacy and security by avoiding the transmission of data between systems.
• Reduce cost and network congestion by using less bandwidth.

Benefits of edge AI

Less power use: Save energy cost with local data processes and lower power requirements for running AI at the edge compared to cloud data centers

Reduced bandwidth: Reduce the amount of data needed to be sent and decrease costs with more data processed, analyzed, and stored locally instead of being sent to the cloud

Privacy: Lower the risk of  sensitive data getting out with data being processed on edge devices from edge AI

Security: Prioritize important data transfer by processing and storing data in an edge network or filtering redundant and unneeded data

Scalability: Easily scale systems with cloud-based platforms and native edge capability on original equipment manufacturer (OEM) equipment

Reduced latency: Decrease the time it takes to process data on a cloud platform and analyze it locally to allow other tasks

Network Function Virtualization (NFV)

Network Function Virtualization (NFV) is the replacement of network appliance hardware with virtual machines. The virtual machines use a hypervisor to run networking software and processes such as routing and load balancing.

With the help of NFV, it becomes possible to separate communication services from specialized hardware like routers and firewalls. This eliminates the need for buying new hardware and network operations can offer new services on demand. With this, it is possible to deploy network components in a matter of hours as opposed to months as with conventional networking. Furthermore, the virtualized services can run on less expensive generic servers.

Additional reasons to use network functions virtualization include:

• Pay-as-you-go: Pay-as-you-go NFV models can reduce costs because businesses pay only for what they need.
• Fewer appliances: Because NFV runs on virtual machines instead of physical machines, fewer appliances are necessary and operational costs are lower.
• Scalability: Scaling the network architecture with virtual machines is faster and easier, and it does not require purchasing additional hardware.

Risks of network functions virtualization

Physical security controls are not effective: Virtualizing network components increases their vulnerability to new kinds of attacks compared to physical equipment that is locked in a data center.

Malware is difficult to isolate and contain: It is easier for malware to travel among virtual components that are all running off of one virtual machine than between hardware components that can be isolated or physically separated.

Network traffic is less transparent: Traditional traffic monitoring tools have a hard time spotting potentially malicious anomalies within network traffic that is traveling east-west between virtual machines, so NFV requires more fine-grained security solutions.

Complex layers require multiple forms of security: Network functions virtualization environments are inherently complex, with multiple layers that are hard to secure with blanket security policies.

Advantages of network functions virtualization

• Lower expenses as it follows Pay as you go which implies companies only pay for what they require.
• Less equipment as it works on virtual machines rather than actual machines which leads to fewer appliances, which lowers operating expenses as well.
• Scalability of network architecture is quite quick and simple using virtual functions in NFV. As a result, it does not call for the purchase of more hardware.

Benefits of network functions virtualization

• Many service providers believe that advantages outweigh the issues of NFV.  
• Traditional hardware-based networks are time-consuming as these require network administrators to buy specialized hardware units, manually configure them, then join them to form a network. For this skilled or well-equipped worker is required.
• It costs less as it works under the management of a hypervisor, which is significantly less expensive than buying specialized hardware that serves the same purpose.
• Easy to configure and administer the network because of a virtualized network. As a result, network capabilities may be updated or added instantly.

Software-Defined Networking (SDN)

Software defined networking (SDN) is an approach to network management that enables dynamic, programmatically efficient network configuration to improve network performance and monitoring. It is a new way of managing computer networks that makes them easier and more flexible to control.

In traditional networks, the hardware (like routers and switches) decides how data moves through the network, but SDN changes this by moving the decision-making to a central software system. This is done by separating the control plane (which decides where traffic is sent) from the data plane (which moves packets to the selected destination).

Importance of Software-Defined Networking

Increased control with greater speed and flexibility: Instead of manually programming multiple vendor-specific hardware devices, developers can control the flow of traffic over a network simply by programming an open standard software-based controller. Networking administrators also have more flexibility in choosing networking equipment, since they can choose a single protocol to communicate with any number of hardware devices through a central controller.

Customizable network infrastructure: With a software-defined network, administrators can configure network services and allocate virtual resources to change the network infrastructure in real time through one centralized location. This allows network administrators to optimize the flow of data through the network and prioritize applications that require more availability.

Robust security: A software-defined network delivers visibility into the entire network, providing a more holistic view of security threats. With the proliferation of smart devices that connect to the internet, SDN offers clear advantages over traditional networking. Operators can create separate zones for devices that require different levels of security, or immediately quarantine compromised devices so that they cannot infect the rest of the network.

Benefits of software-defined networking

Simplified network management and control

SDN helps to simplify network management for IT teams. A network administrator needs to deal with only one centralized controller to configure and manage all connected devices. This approach is a radical departure from traditional networking, where configuring multiple devices individually is the norm.

End-to-end visibility into networks

This makes device configurations, resource provisioning and management easier. It also enables IT teams to easily monitor network health and act quickly to increase network capacity as business requirements change.

Stronger network security

Centralized, software-defined network also provides a security advantage for organizations. The SDN controller can monitor traffic and deploy security policies. If the controller deems traffic suspicious, for example, it can reroute or drop the packets. Also, admins can easily implement security policies across the entire network to increase its ability to withstand threats.

Simplified policy changes

With SDN, an administrator can change any network switch's rules when necessary -- prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security.

This capability is especially helpful in a cloud computing multi-tenant architecture, as it enables the administrator to manage traffic loads in a flexible and efficient manner. Essentially, this enables administrators to use less expensive commodity switches and have more control over network traffic flows.

Reduced hardware footprint and Opex

SDN virtualizes hardware and services that were previously carried out by dedicated hardware. Also, administrators can use open source controllers instead of costly vendor-specific devices. This reduces the organization's hardware footprint and lowers operational costs.

Networking innovations

SDN also contributed to the emergence of software-defined wide area network (SD-WAN) technology. SD-WAN employs the virtual overlay aspect of SDN technology. SD-WAN abstracts an organization's connectivity links throughout its WAN, creating a virtual network that can use whichever connection the controller deems fit to send traffic to. By adopting this technology, organizations can programmatically configure their network topology in a WAN. Also, SD-WAN can better handle large amounts of traffic and multiple connectivity types compared to traditional WANs.

Challenges of SDN

Security

Security is both a benefit and a concern with SDN technology. The centralized SDN controller presents a single point of failure and, if targeted by an attacker, can prove detrimental to the network.

Controller redundancy costs

Implementing controller redundancy is one way to minimize the risk of a single point of failure. However, this can entail an additional cost.

Unclear definition

Another challenge with SDN is the industry really has no established definition of software-defined networking. Different vendors offer various approaches to SDN, ranging from hardware-centric models and virtualization platforms to hyperconverged networking designs and controllerless methods.

Market confusion

Some networking initiatives are often mistaken for SDN, including white box networking, network disaggregation, network automation and programmable networking. While SDN can benefit and work with these technologies and processes, it remains a separate technology.

Slow adoption and costs

SDN technology emerged with a lot of hype around 2011 when it was introduced alongside the OpenFlow protocol. Since then, adoption has been relatively slow, especially among enterprises with smaller networks and fewer resources. Many enterprises cite the cost of SDN deployment to be a deterring factor.

API Management

API management is the process by which an organization creates, oversees and controls application programming interfaces (APIs) in a secure, scalable environment. The goal is to ensure the needs of developers and applications that use an API are met throughout the API's lifecycle, maintain API availability and performance and translate API services into business revenue.

Importance of API management

API Security - Authentication, authorization, and encryption is necessary to prevent unauthorized API access and cyber threats. One example of this is rate limiting which helps prevent sudden spikes in traffic.

Traffic Control - Similar to rate limiting, load balancing strategies help to distribute API traffic efficiently through caching and route mapping. Furthermore, this helps improve performance by directing API calls to the correct endpoints.

API governance - This element of API management creates a consistent user experience. It also includes API discoverability, lifecycle management, documentation and reusability. API governance allows developers to ensure that each API program is built proactively and fulfills a specific goal that adds value to the business. As mobile devices have become ubiquitous for engaging with applications, effective API governance helps developers create rich, complex APIs that improve the mobile user experience.

API Analytics - Insights into API usage patterns, performance, and adoption not only helps with identifying issues and opportunities but it also gives insight into your return on investment.

Benefits of API management

• The ability to make data-driven decisions through business insights gained from API analytics.
• Protection from security threats that affect APIs.
• Detailed API documentation to attract developers and inform users.
• Centralized visibility that lets organizations see all their API connections in one place, reducing security vulnerabilities, decreasing the number of repetitive APIs and identifying gaps for developers to address.
• API monetization that lets organizations share revenue with partners and track billing in real time.
• A positive user experience for API consumers.
• API agility and the ability to rapidly create new digital assets.
• A flexible, agile, adaptable and innovative ecosystem that simplifies the way people, processes and technology work together.

Challenges of API management

• API version control and compatibility issues.
• The API management infrastructure as a point of failure, resulting in unplanned downtime that can render client applications inoperable.
• Incomplete documentation of the APIs and the management system that can be labor-intensive, especially where the management system must handle many versions of diverse APIs.
• Security as a continuous threat at many levels, including the API's access to business data and the security of the API management infrastructure itself.
• Standardization issues that make it difficult to ensure all APIs are deployed and used in a common style and process.
• Scalability capabilities that are often poorly tested and rarely monitored throughout the API lifecycle.
• Lack of suitable analytics to track API management metrics and key performance indicators in a way that's suited to the needs of each API client.

API Management Tools and Technologies

API Gateway: The API gateway is the central component of an API management platform, acting as a single entry point for client requests to access backend services. It routes requests to the appropriate APIs and returns responses to clients. The gateway handles cross-cutting concerns like security, analytics, and performance optimization across all APIs. It provides centralized access control, usage monitoring, and improves efficiency by offloading common tasks from the services. Overall, the API gateway simplifies and secures communication with multiple backend APIs.

Developer Portal: A developer portal (sometimes called an API portal) is a central place where API providers and consumers collaborate and share. From a providers standpoint, the portal is where API developers can configure endpoints, document functionality, manage user access, and generate tokens or client keys. Consumers can register their application in the API portal, learn more about the functionality and exposed methods of an API, reset credentials, or raise service requests for additional support.

Analytic Tools: API management platforms often contain API analytics capabilities to track and visualize API usage metrics. Analytics dashboards can showcase important data points like total API calls, response times, throughput, uptime, adoption trends, and usage by application, developer, or geographic location. 

API Policy Manager: The policy manager controls the API management policy lifecycles. Some API management platforms provide out of box policy control mechanisms that can ensure authentication and authorization, transform incoming requests, check performance, and route API traffic without refactoring existing code. You can hierarchically enable policies. For example, starting at the organization's root level, then the project level, and then at an individual API level.

API Key Management: API keys enable secure access to APIs. Users provide a unique key alongside requests, allowing the API to validate their identity. Requiring API keys is a best practice for authentication. API management platforms simplify API key management through built in capabilities. This allows providers to easily restrict API access, control data usage, and limit resource utilization by mandating API key usage. Overall, API key handling in API management platforms enhances security through streamlined, centralized access control.

 

Microservices Architecture

Microservices architecture refers to an architectural style for developing applications. Microservices allow a large application to be separated into smaller independent parts, with each part having its own realm of responsibility. To serve a single user request, a microservices based application can call on many internal microservices to compose its response.

A microservices architecture is a type of application architecture where the application is developed as a collection of services. It provides the framework to develop, deploy, and maintain microservices architecture diagrams and services independently.

Characteristics of a Microservices Architecture

1. Split into numerous components

Software built using a microservices architecture is, by definition, broken down into numerous component services. Each service can be created, deployed, and updated independently without compromising application integrity. The entire application can be scaled up by tweaking a few specific services instead of taking it down and redeploying it.

2. Robust and resistant to failure

It is not easy for an application built using a microservices architecture to fail. Of course, individual services can fail, undoubtedly affecting operations. After all, numerous diverse and unique services communicate with each other to carry out operations in a microservices environment, and failure is bound to occur at some point.

However, in a correctly configured microservices based application, a function facing downtime should be able to reroute traffic away from itself while allowing its connected services to continue operating. It is also easy to reduce the risk of disruption by monitoring microservices and bringing them back up as soon as possible in case of failure.

3. Simple routing process

Microservices consist of intelligent components capable of processing data and applying logic. These components are connected by ‘dumb wires’ that transmit information from one element to another. 

This simple routing process is the opposite of the architecture used by some other enterprise applications. For example, an enterprise service bus utilizes complex systems for message routing, choreography, and the application of business rules. Microservices, however, simply receive requests, process them, and produce an appropriate output to be transferred to the requesting component.

4. Decentralized operations

Microservices leverage numerous platforms and technologies. This makes traditional centralized governance methods inefficient for operating a microservices architecture.

Decentralized governance is better suited for microservices as developers worldwide create valuable tools to solve operational challenges. These tools can even be shared and used by other developers facing the same problems.

Similarly, a microservices architecture favors decentralized data management, as every microservice application manages its unique database. Conversely, monolithic systems typically operate using a centralized logical database for all applications.

5. Built for modern businesses

Microservices architecture is created to focus on fulfilling the requirements of modern, digital businesses. Traditional monolithic architectures have teams work on developing functions such as UI, technology layers, databases, and server side logic. Microservices, on the other hand, rely on cross functional teams. Each team takes responsibility for creating specific products based on individual services transmitting and receiving data through a message bus.

Application of microservices architecture

Website migration

A complex website that’s hosted on a monolithic platform can be migrated to a cloud-based and container-based microservices platform.

Media content

Using microservices architecture, images and video assets can be stored in a scalable object storage system and served directly to web or mobile.

Transactions and invoices

Payment processing and ordering can be separated as independent units of services so payments continue to be accepted if invoicing is not working.

Data processing

A microservices platform can extend cloud support for existing modular data processing services.

Serverless Computing

Serverless computing is a cloud computing execution model that lets software developers build and run applications and servers without having to provision or manage the back-end infrastructure. With serverless technologies, the cloud vendor takes care of all routine infrastructure management and maintenance, including updating the operating system (OS), applying patches, managing security, monitoring the system and planning capacity.

The main goal of serverless computing is to make it simpler for developers to write code designed to run on cloud platforms and perform a specific role.

Importance of Serverless Computing

Serverless computing plays an important part in digital transformation. First, it lets developers focus on writing and deploying code without having to worry about the underlying infrastructure that supports code execution. Regardless of the industry or company size, a serverless computing strategy eliminates management overhead to increase developer productivity.

This is especially useful for startups or small and midsize businesses that don't have the budget to implement and support physical infrastructure. With serverless, they only pay for the computing resources they use. They also can pick and choose services from providers that suit their needs. Application development teams can focus on user-facing applications rather than managing infrastructure.

Advantages of Serverless Computing

• Lower costs - Serverless computing is generally very cost-effective, as traditional cloud providers of backend services (server allocation) often result in the user paying for unused space or idle CPU time.
• Simplified scalability - Developers using serverless architecture don’t have to worry about policies to scale up their code. The serverless vendor handles all of the scaling on demand.
• Simplified backend code - With FaaS, developers can create simple functions that independently perform a single purpose, like making an API call.
• Quicker turnaround - Serverless architecture can significantly cut time to market. Instead of needing a complicated deploy process to roll out bug fixes and new features, developers can add and modify code on a piecemeal basis.

Disadvantages of Serverless Computing

• Less control: In a serverless setting, an organization hands server control over to a third-party CSP, thus relinquishing the management of hardware and execution environments.
• Vendor lock-in: Each service provider offers unique serverless capabilities and features that are incompatible with other vendors.
• Slow startup: Also known as "cold start," slow startup can affect the performance and responsiveness of serverless applications, particularly in real-time demand environments.
• Complex testing and debugging: Debugging can be more complicated with a serverless computing model as developers lack visibility into back-end processes.
• Higher cost for running long applications: Serverless execution models are not designed to execute code for extended periods. Therefore, long-running processes can cost more than traditional dedicated server or VM environments.

Best practices for securing serverless applications

• Using APIs. Requiring data from the client side to pass through an API means an extra layer of security, protecting the back-end serverless applications. This helps ensure malicious users don't succeed in conducting cyberattacks through data transfer.
• Optimizing security. Security measures such as encryption and multifactor authentication should be applied to various serverless application resources. Since serverless apps can contain many different microservices, each would have to be protected to reduce the number of attack surfaces bad actors could exploit.
• Setting permissions and privileges. Application users should only be granted the permissions and privileges needed to perform specific tasks. This is known as the principle of least privilege.
• Monitoring and logging use. User activity with a serverless function or microservice should be logged and monitored consistently to identify errors and stop suspicious activity before harm is done.
• Limit access using virtual private clouds. VPCs can be configured with their own security features, such as virtual firewalls, to protect resources.