Cisco Blogs
Share

Cisco Tetration Lightboard Series: How to Bring Better Network Visibility and Security to Your Data Center


June 20, 2018 - 9 Comments

Last updated 6.21.2018

Bookmark this blog! New videos will be added in the near future.

Thank You!

At Cisco Live Orlando 2018, Chuck reminded all of us how applaudable you network engineers and managers are. You enabled our world of internet, e-commerce, mobile devices, collaboration, AI, IoT, you name it! All was made possible by what you do.

As You Innovate…

As you and your business continue to innovate, you will face the risks that come with it, and security must be one of the top priorities. For this, Cisco has designed Cisco Tetration that brings you holistic workload protection for multicloud data centers.

Top Notch Data Center Security

To get started, the following series of light-board videos will help you understand conceptually what are the security aspects you need to pay attention to, and how Cisco Tetration can address your data center security and visibility problems. At the end of the videos, I recommend you to watch a series of demos.

 

Network visibility with Cisco TetrationOverview: Cloud Workload Protection with Cisco Tetration

Learn how to protect cloud workload with Loy Evans, a must-have knowledge for all network/data center administrators

 

 

 

Cisco Tetration for Network VisibilityOverview: Difference Between Whitelist and Blacklist Policy in Cisco Tetration

Learn what the differences between Whitelist and Blacklist policy are, and how you can use them for a more secured network.

 

.

 

Data center analyticsOverview: How to Use Annotations to Provide Key Context in Cisco Tetration

Learn how to use annotations to provide key context for the information you see in Cisco Tetration and make better assessment to build a more secured data center.

 

 

.

Whitelist and blacklist policyOverview: How to Solve the Network Visibility Problem with Cisco Tetration

See how you can solve your network visibility problems.

 

 

.

Network security

 

Overview: Network Visibility vs. Host Visibility with Cisco Tetration

Learn what the differences are between network visibility and host visibility, what type information each of them present, and how to make better assessment about your network.

 

 

Next

Impressed by these concepts yet? Watch actual demos to see Cisco Tetration in action:

Cisco Tetration Demos

 



In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

9 Comments

  1. Great series on Tetration.

  2. Nice work, Loy! I really like the Lightboard format.

  3. Very useful, thanks Emmeline.

  4. How can Cisco Tetration be linked to NSX in VMware?

    • Thanks for the complements! Aluri John, There are a couple of link directions you might be asking, so I'll answer both and hopefully that gives you the info you're looking for. Link from NSX to tetration: Tetration can gather information and flow data from the workload instances, thus there is no required linkage from Tetration to ANY underlying physical or virtual infrastructure. Note: Having said that, in the instances where there is an environment with some specific Cisco hardware, we can gather a significantly deeper level of telemetry to provide hop-by-hop performance and diagnostics information related to every flow observed. Link from Tetration to NSX: What Tetration does at the core is analyze millions or billions of flow records and perform the difficult task of providing the logical mapping of what types of communications are happening in that sea of data. It starts by arranging the communicating members of the conversations into logical groupings. Another thing that Tetration does is analyze the conversations that happen between those cluster groupings. From there, Tetration will provide a detailed analysis of how the relevant policy for these clusters and conversations would be expressed. This policy information is available via 1) direct export from the UI, 2) direct access via API, or 3) streamed via a policy message bus. From that point, any enforcement control system (such as ACI, SourceFire, AWS Security Groups, Azure Security groups, NSX DFW, etc.) can use that policy information for enforcement. We are working with a number of companies to provide supported integration models that can ingest the policy, normalize it, then push it to the enforcement system to execute that policy. In the specific case of NSX DFW, the policy that Tetration generates would need to be extracted from the cluster via one of the three methods listed above, normalized via program or script and then pushed into NSX. Hope that answers your Q… Thanks!

  5. great job!