© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Building a Secure Data Centre with Tetration
Dave Robbins
Regional Manager – APJ, Tetration Analytics
Your business runs on applications…
…but do you know them well enough to protect them?
CISCO CONNECT 2018 . IT’S ALL YOU
ESB MQ
Private Cloud
Network Network Network
Using data
Make Smarter Decisions
Implement and Automate Decisions
Capture, Analyse, Exchange
Visibility
Platforms & Sensors
Software & Algorithms
Our Strategy
Digital Transformation demands More Speed and Less Risk
Is your app secure & compliant?
Is your platform reliable & efficient?
Are you providing a great user experience?
Is your app valuable?
What really matters?
(re)Introducing Tetration
APPLICATION INSIGHT
FLOW SEARCH & FORENSICS
WORKLOAD PROTECTION
Open Access
Web, REST API, Event Bus, Apps
Billions of Events
Meta-Data generated from every packet
Data Analytics & Machine Learning Engine
Analytics Cluster
Appliance model
On-Premise or Cloud
▸ Ingest
▸ Store
▸ Analyse
▸ Learn
▸ Simulate
▸ Act
Sensors capture conversations and behaviours
Host Sensor Network
BYOD
Excellence in Threat Centric Security
Secure Multi-Tenancy
Industry Compliance Standards (PCI)
Microsegmentation
VM-Based Segmentation
ACI Group Policy
Deep traffic inspection
Threat-Centric Protection
APIC integration
Forensic Analysis
Real-time Threat Intelligence
Dynamic Workload Quarantine
Advanced Threat Protection (NGFW, NGIPS, AMP, Stealthwatch)
Security Foundation (ACI)
Centralized Policy Automation
Introducing Cloud Workload Protection
App Segmentation
Zero-Trust
App Behaviour Monitoring
Vulnerability Detection
• Automated whitelist policy based on application behavior
• Policy enforcement to enable segmentation
• Tracking of policy compliance
• Outlier detection
• Process hash, lineage, attributes
• New command, new user
• Account modification
• Privilege escalation
• Shell-code execution
• Raw sockets
• Installed package tracking
• Weekly CVE tracking
• Vulnerability scoring
Why is Vulnerability Detection important?
“Gartner predicts that, through 2020, 99% of vulnerabilities exploited will continue to be the ones known by security and IT professionals for at least one year.”
Are your applications acting strangely?
Enabled by Process Analytics:
• Baseline Typical Behaviour
• Detect Suspicious Behaviour
• Proactive Analysis
• Replay Behaviour
Rethinking Application Segmentation
Workload Protection – App Insight
App Insight
Understand your apps
Cisco Tetration™ Systems with Intel® Xeon® Scalable processors
Workload Protection – Consistent Policy
App Policy
Understand app relationships
Workload Protection – Simulate Changes
Simulation
Act with confidence
Workload Protection - Enforcement
Enforcement
Consistent protection
Workload Protection - Forensics
Forensics
Capture everything
App Insight
Understand your apps
App Policy
Define app relationships
Simulation
Act with confidence
Enforcement
Consistent protection
Forensics
Capture everything
App Segmentation
Visibility
“See Everything”
Threat Protection
“Stop the Breach”
Workload Protection
“Reduce the Attack Surface”
The Three Pillars of a Secure Hybrid Cloud
Your next step?
• Reflect on what you know – and don’t know – about what is happening in your DC/cloud…
• What are the risks for your business? What are the opportunities if you get it right?
• Check out Tetration in the Solutions Expo
• Ask your account team about the Tetration Innovation Kit
www.cisco.com/go/tetration
Cisco Connect 2018 Singapore - Secure data center building a secure zero trust infrastructure