Cisco Tetration Extends Data Analytics Across the Data Center
Tetration network visibility and analytics initiative brings a "time machine" to data center security.
Cisco has long made its fortunes and built its market share around dominance in networking hardware. Today at an event in New York City, Cisco announced its next big initiative. This one's not just about hardware. Cisco Tetration is a new data analytics effort with broad benefits to networking and security; it represents a shift in how Cisco positions itself.
Tetration is a platform intended to enable pervasive data center visibility through a combination of hardware and software sensors. The software sensors run in either bare metal or virtual servers on top of Linux or Windows. The hardware sensors will be embedded in Cisco Nexus 9200 and 9300 ASICS.
The platform promises to gather and make sense of one million events per second, with the ability to provide real-time insights on that data.
Cisco CEO Chuck Robbins explained during the event that Tetration also provides a capability that is a 'time machine' for a data center, enabling an organization to roll back the clock and see what happened. The time machine capability as well as the expansive visibility is something that has security applicability as well.
David Goeckeler, SVP and GM of Security and Networking at Cisco commented that the network plays a critical role in providing a world-class security architecture. Goeckeler emphasized that security always starts with visibility.
"You can't stop what you can't see," Goeckeler said.
Goeckeler added that the reality is that today it's just not possible to stop all threats, as such it's important to also be able find and contain attackers once they are on the network. Goeckeler said that Tetration will enable a new era of analytics driven security, which will be a big part of Cisco security architecture moving forward.
Tetration will provide real-time visiblity at a granular level, on top of which applications and analysis can be built. One use case available today is for containing threats that are already on a network, an approach that Goeckeler called "network as an enforcer." It's an attempt to shrink the attack surface. The basic idea is to enable software-based network segmentation.
"With Tetration Analytics, we can take information that Tetration figures out in the data center about how users access information in the data center, and we can automatically, through ACI [Application Centric Infrastructure], pass this through our next generation network access control," Goeckeler explained.
Network Access Control provides the granular ability to limit access. Together with Tetration, it can leverage intelligence to automate security.
"The threats are all in the network, the network knows where we are, we just have to get all the information to figure it all out," Goeckeler said.
Sean Michael Kerner is a senior editor at Enterprise Networking Planet and InternetNews.com. Follow him on Twitter @TechJournalist.