Avatar

Applications are one of the most important things in the data center. But they are misunderstood.

If it weren’t for applications, we wouldn’t build the data center.  It’s the application that makes infrastructure and user data relevant to the business. It’s what drives business value.

The realization of this basic axiom is what has driven us to build Application Centric Infrastructure – ACI.  Our primary goal is to enable the automation of policy, network-based security, and operations for applications in the data center.

The ACI technology easily provides great value in automating operations of classical networking processes.

But to unlock its full potential, you must have a good understanding of what applications are running in your data center, how they are composed, and how they are inter-dependent upon services and one another.

What we’ve discovered is that the majority of our customers don’t actually know the level of detail about their applications necessary to enable a truly Application Centric approach to managing their data center.

Without that understanding, they can’t create a white-list security model, they can’t migrate applications with minimal risk, and they can’t triage problems in an application-focused manner.

Tetration Analytics was created to solve these problems, amongst others, at scale.

Turning the Lights Back On

Tetration leverages the fact that the network is the only thing in the data center that touches all other components.

  • It sees who communicates with who.
  • It sees when that communication occurs.
  • It sees how much information is transferred.
  • And it sees how that information is communicated.

We harvest meta data from all of this communication and developed applications that extract value from it.  These applications provide unprecedented visibility into what is happening in the data center –  and they give insight, in addition to just showing the facts.

Our customers have been running their data centers essentially in the dark with no understanding of how the various parts are moving and interacting.

Tetration takes a “lights out” data center and turns the “lights back on”.

The power of visibility and understanding helps our customers manage their services and SLAs …in real time. It helps them plan, operate, and troubleshoot their infrastructure.

You have to see it and measure it before you can manage it.

Now, we are taking Tetration to the next level – securing those applications.

Sensors as the Enforcer

The dichotomy of agility and security – rapid application deployment and ability to enforce policies and compliance – is a complex challenge for our customers.

Tetration uses software sensors that can be deployed across heterogeneous environments: from public or private clouds, to virtual machines and bare metal servers, and from the network all the way to the endpoint.

You install a sensor in a server, and you don’t have to worry about it anymore.  It’s all managed centrally through the Tetration interface.

Those sensors not only gather the meta data needed to provide visibility, but now can also enforce access policy across heterogeneous environments.

Together, Tetration’s policy recommendation and enforcement engine can deliver fine-grained Application Segmentation – far better than today’s micro-segmentation solutions – and at greater scale.

Using Tetration:

  • You can extract what the current application dependency is in your data center, i.e. the ground truth.
  • You can upload information about ownership of various servers or any other kind of meta data that might be captured in your CMDB or other sources for example, “servers X, Y and Z are in insecure physical locations”.
  • You can create rules around all this information that enforces tighter security between servers in insecure locations, separates data between various business entities, and applies an overall white-list model to the entire system.
  • You can then automatically enforce this dynamically-created policy in the hosts, no matter where they are deployed – on premise, in the cloud, or a combination of the two.
  • You can monitor the system to make sure the policies that are in place are, in fact, enforced.
  • You can see who is trying to work around those policies.
  • And you can see how those policies need to be evolved as applications scale and change.

Never before has this level of integration, ubiquity, and scale been delivered in a single platform.

What you get: a single policy that incorporates multiple requirements, provides enforcement across heterogeneous infrastructures, and is monitored in real-time.

All this through a single, powerful, intuitive, multi-tenant, multi-user interface.

Open APIs Drive Tetration Apps

Tetration APIs allow you to write an application, upload it to the Tetration platform, and have that application mine the data – the same historical and real-time data our applications have access to – and generate reports and alerts.

This allows views and insights to be created by our customers that are unique to their specific industry, applications, environment and ecosystem.

You’ll see our ecosystem thriving in the months ahead, as Tetration easily integrates with third party applications and as our customers build their own applications to fit their business needs.

Shoot for the Moon: Self-Driving Data Center

Putting applications at the heart of our products has pushed our creativity and challenged the best minds.

One day, we envision a self-driving data center – similar to the self-driving car:

When you say to a self-driving car, “I want to drive from San Jose to San Francisco,” you are describing what you want the car to do, what is your intent.  That car must then sense the conditions on the road, the cross-traffic, its speed, etc.  It must adhere to the traffic laws and be defensive to intentional and unintentional threats.

We at Cisco have that vision for the data center, and we want to make sure you make it to your destination – where you intended to go, even if that’s the moon.

It is possible. And we are well on our way.

 



Authors

Tom Edsall

Senior Vice President and Chief Technology Officer

Data Center Networking