Furthering its campaign to become an agnostic integrator and management provider for outside technologies, IBM Corp. has rolled out separate frameworks for managing artificial intelligence applications, multicloud instances and collections of security products.

The frameworks make extensive use of Kubernetes, the wildly popular software for managing large numbers of the lightweight virtual machines called containers. With all major cloud infrastructure providers having bought into Kubernetes, IBM sees an opportunity to play the role of master orchestrator, helping customers move applications and workloads around to different platforms.

The company has already moved much of its middleware portfolio to containers and is urging customers to do the same, said Bala Rajaraman, IBM’s chief technology officer for cloud platform services.

“Only about 20 percent of enterprise workloads have moved to the cloud,” he said, “but there are an immense number that can take advantage of cloud platforms.” IBM plans to use middleware, composable infrastructure and containers to enable that migration, he added.

The flexibility customers can gain from moving applications to the cloud will enable them to lower costs and improve organizational agility, but it also requires more technology sophisticated management.

“Good applications quickly get distributed, so you have to have a view across multiple on-prem clusters and hybrid clouds,” Rajaraman said. “Cloud is about things working together seamlessly.”

Leading the charge is a new platform called AI OpenScale that the company is aiming at the problems that limit wider enterprise adoption of AI technologies. Citing a recent study of 5,000 executives, IBM said 82 percent of businesses are considering using artificial intelligence, but nearly two-thirds lack the in-house talent to confidently manage the technology and 60 percent are held back by trust and compliance concerns.

AI OpenScale addresses the deployment problem by enabling applications built with any open source machine learning or deep learning model to run on any common environment, including IBM’s own Watson and PowerAI, the Seldon open-source framework, Amazon Web Services Inc.’s SageMaker and Microsoft Corp.’s AzureML.

To deal with the trust issue, AI OpenScale comes with algorithms that can detect and correct bias across the spectrum of AI applications as they’re being run. Bias is a byproduct of the black-box nature of AI applications, which don’t always reveal the logic behind their decisions. Bias can be introduced in training data as well as machine learning logic. Teasing out such aberrations can be an arduous data science exercise.

AI OpenScale continually monitors AI applications and applies what IBM calls an “automated de-biasing technology” to flag biases that tend to build up in machine learning models. The software logs every prediction, model version and all training data and applies metrics to help businesses comply with rules such as the General Data Protection Regulation. The net effect is to help organizations understand how AI applications reach decisions through plain-English explanations.

IBM isn’t the only company to attack the problem. Google LLC said it developed a method for testing machine learning bias two years ago and Facebook Inc. announced similar capabilities last spring.

In a related announcement, IBM introduced NeuNetS, a development platform that the company claimed can create deep neural networks from scratch. IBM provided few details but said the models created by the autonomous engine were “comparable to human-designed neural networks.” The platform will be included in beta form in the first release of AI OpenScale.

Managing the multicloud

The new Multicloud Manager provides an operations console for organizations that are using a combination of public and private clouds combined with on-premises systems.  The software is optimized for the IBM Cloud, but it also manages and integrates workloads running on major public cloud platforms.

Multicloud Manager uses the Kubernetes technology inherent in IBM’s Cloud Private platform as the core orchestration engine to deliver a dashboard interface that enables organizations to manage thousands of Kubernetes applications regardless of where they are located. The software is optimized for use with the fully containerized IBM cloud, but can also monitor and report on workloads running on other infrastructure as a service platforms.

Operations and development administrators can get one view of Kubernetes applications across multiple clouds and clusters. An integrated compliance and rules engine can enforce compliance with customer policies and security standards. One-click orchestration is possible across a mix of platforms, as is automated backup of Kubernetes applications and data in the event of a security breach or hardware failure.

IBM primarily uses published application program interfaces to monitor workloads outside of its own cloud but expects to evolve Multicloud Manager to enable more active management in the future. “Is the goal to help customers shift workloads between clouds? At the end of the day, yes,” Rajaraman said. “This is a multiyear journey.” 

Rounding out the troika of announcements is IBM Security Connect, which the company described as a cloud platform “built on open federated technologies, with AI at its core” that analyzes security data across disparate tools and environments.

Citing its own analysis that found that the average cybersecurity team uses more than 80 different products but only 20 percent of the available features, IBM said it will federate a host of third-party security platforms to provide unified threat detection and response. The data integration features can be used to share and normalize threat intelligence, enable federated searching across on-premise and cloud sources and permit organizations to share alerts and events in real time. The platform is based on open security standards and protocols including Stix and Taxii.

Among the technology partners that have agreed to interoperate with the Security Connect platform are Cisco Systems Inc., Cap Gemini S.A., Carbon Black Inc., Check Point Software Technologies Ltd., CrowdStrike Inc., Ernst & Young LLP, ForeScout Technologies Inc., Forcepoint LLC, Fortinet Inc., McAfee Inc., Qualys Inc., Symantec Corp., Tenable Network Security Inc., Trend Micro Inc. and VMware Inc.

Photo: Yoel/MorgueFile