The Cisco Tetration is a platform that addresses data center operational and security challenges by providing comprehensive workload-protection capability and unprecedented insights across a multicloud infrastructure. This platform is designed to fully address these challenges using comprehensive traffic telemetry data collected from both servers and Cisco Nexus switches. It also performs advanced analytics using an algorithmic approach and provides comprehensive workload protection for a multi-cloud data center. This algorithmic approach of  Cisco includes unsupervised machine-learning techniques and behavioral analysis. This platform provides a ready-to-use solution like:-

  • The complete visibility into application components, communications, and dependencies to enable implementation of a zero-trust model in the data center.
  •  A automatic generation of a whitelist policy based on application behavior and including any existing security policy mandated by business requirements.
  • It consists enforcement of this segmentation policy across a multi-cloud infrastructure to minimize lateral movement.
  •  Also identification of software vulnerabilities and exposures to reduce attack surface.
  •  And the process behavior baselining and identification of deviations for faster detection of any Indicators of Compromise (IOCs).

Benefits of Cisco Tetration :-

  1. Cisco Tetration collect telemetry from Anyconnect NVM agent running on end point devices such as laptops, desktops, smartphones, etc.,
  2. This provides information around user, device name, FQDN, processes running on the device as well as what URL or application was accessed.
  3. Correlate the user data with the user group within an organization.
  4. Define specific policies for segmentation using user and user group information, that can be enforced on the workloads.
  5. It also capture all activity on a server, including east-west traffic, eliminating blind spots.
  6. Cisco Tetration uses the open REST API for northbound system integration.
  7. It also uses the notification mechanism to more easily monitor compliance-based events and detect anomalies.

Conclusion

Upcoming applications are dynamic, using virtualization, containerization, microservices, and workload mobility technologies, with communication patterns between application components constantly changing. Cisco makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive.