Reactive, manual tools that rely on scripts and deterministic automation are unfit in the rapidly changing hybrid...
IT platforms that host modern business operations. Heuristic automation must be on the IT organization's docket. Although intelligent automation is still an emerging concept, now is the time to start.
Knowing the difference between efficiency and effectiveness can make or break how an IT automation project affects an organization.
Consider a process that sys admins carry out 10 times per day. IT automation means the same process could occur 100 times per day. This is an efficiency gain: A lot more work gets done within the same given time.
A problem arises when the original process is faulty. If four of those existing 10 processes result in errors, then moving up to 100 instances of the process per day garners 40 bad results.
To prevent this kind of wasteful automation, the initial focus must be on effectiveness, before efficiency. The existing processes must result in zero or as few errors as possible, before automating the steps for how the processes are completed.
Reducing errors to one in 10 keeps problem cases manually manageable within the greater scheme of things, even as the process scales up.
Intelligent, heuristic automation learns from the conditions in the environment and historical data, thanks to machine learning, deep learning and other technologies generally grouped under AI. AIOps tools make IT automation real-time reactive, or even proactive, rather than deterministic.
Heuristic automation example: Platform security
Heuristics have long been used in security automation; vendors such as F-Secure, Kaspersky, Symantec and Trend Micro all use heuristics in their systems.
IT platforms are constantly under attack from all sorts of possible malicious efforts, ranging from open port sweeping to intrusion attacks and denial-of-service assaults, such as the sophisticated distributed DoS move that took down Dyn in 2016. Historically, IT and security professionals identify that an attack is happening and then simply apply a defined means to deal with the problem.
With heuristic automation in the mix, automation becomes responsive to changes in the IT environment caused by the attack. Instead of applying a simple and often ineffective fix, a heuristic IT management system looks at the IT deployment as an overall entity and applies the right fix for the situation. In this example, heuristic automation could change traffic patterns to offload incoming streams to a separate area of the platform and block certain traffic from access to those streams. It also could reallocate running workloads to a public cloud instead of the private cloud, or vice versa, to prevent service disruption. Provide the heuristics engine with information about possible attacks, and it can harden the platform in real time to prevent them from ever happening.
Heuristic automation for IT operations
While heuristics are proven in security, the technology can improve standard IT automation work as well.
Complex IT platforms make updates tricky, but they are critical for a secure, highly available and high-performing setup. It's one thing to check that all the servers can accept a firmware or OS update; ensuring that such changes -- where some servers are updated while others require manual intervention -- do not detrimentally affect the overall IT platform requires far more intelligence.
Heuristic automation understands the dependencies across the platform and ensures that no change results in issues that hurt performance on the user side, to a noticeable extent.
The need for heuristic automation is most evident in the area of orchestration. Orchestration brings a task with many steps to completion and underpins rapid iterations and deployment automation seen in DevOps shops. DevOps implementation can be a double-edged sword: The organization gains faster, incremental functionality introductions and updates, but it also gets exposed to more drastic problems than in slower-moving IT operations, due to ineffective processes. We want continuous delivery, not continuous disaster.
There are a range of DevOps-geared tools that incorporate idempotent orchestration, which means they enforce a defined desired state. Increasingly, these idempotent tools also are heuristic, relying on machine learning and other forms of AI to predict and avoid undesired consequences, as code, updates and patches move from development to test and into production operations. These tools fall under configuration management, such as Ansible, CFEngine, Puppet and Chef; infrastructure as code, such as various tools from HashiCorp; and pipeline tools, such as the offerings from Electric Cloud.
Within the live production environment, look for systems that monitor operations in real time and can make continuous changes to ensure that the platform is optimized.
A human touch
IT organizations must be wary not to put too much faith in unfettered heuristic automation. Checks and balances should ensure that the stated desired outcome is really achieved. With the complexity of existing IT platforms and the immaturity of many heuristic and related AIOps tool sets, mistakes are bound to happen. Run reports regularly, and actually read them. Ensure that manual intervention is still possible and that rollback to the last known-good environment is not only possible, but achievable rapidly.
As AIOps and heuristic automation tools mature and IT environments continue growing complexities and dependencies in every direction, however, don't be too dogmatic. When what happened isn't what was expected, investigate whether the result is actually better than the expected one. It's likely that heuristic engines will offer better setups and solutions to problems than humans, in some scenarios.