6. The security challenge
Motivated and targeted adversaries
• State sponsored
• Financial/espionage motives
• $1T cybercrime market
Increased attack surface
• BYOD blurring perimeter
• Public cloud services
• Enterprise IoT
Increased attack sophistication
• Advanced persistent threats
• Encrypted malware
• Zero-day exploits
Scale: too many alerts
Complexity: securing everything
Sophistication: keeping up against attackers
60 days: industry average time to contain a breach
$3.8M: average cost of a data breach
200 days: industry average detection time for a breach
100%: customers lack network segmentation at time of breach
8. (re)Introducing Tetration
APPLICATION INSIGHT
FLOW SEARCH & FORENSICS
WORKLOAD PROTECTION
Open Access: Web, REST API, Event Bus, Apps
Meta-Data generated from every packet
Data Analytics & Machine Learning Engine
Analytics Cluster
Appliance model
On-Premise or Cloud
Ingest, Store, Analyse, Learn, Simulate, Act
Sensors capture conversations and behaviours
Host Sensor Network
BYOD
16. Visibility with Context and Control
Diagram labels: Employee, Supplier, Quarantine, Shared Server, Server, High Risk Segment, Internet
Clear understanding of traffic flow with context
Easier to create & apply policy based on such context
With ISE & Tetration Integration
17. Workload Protection – APP Relationships
App Policy
Understand app relationships
Cisco Tetration™ Systems with Intel® Xeon® Scalable processors
18. Workload Protection – Simulate Changes
Simulation
Act with confidence
20.
• Share group info to simplify policy management
• Share classifications to reduce SecOps effort, deliver consistency and simplify audit
• Multiple clouds with consistent policy
Group Policy Connector
Enterprise
Security Groups
APIC
DC
ACI EndPoint Groups
VTS Groups
AWS Security Groups
Azure Network Security Groups
Rackspace Security Groups
OpenStack Security Groups
ODL Groups
Tetration
22. Threat detection and hunting
Application traffic modeling & visibility
Access control policy discovery and audit
Segmentation
Anomalous behavior
Integrated with other security solutions: 1+1=3
Greater visibility and security together
Cisco Tetration and Stealthwatch