Cisco Blogs
Share

Tetration Analytics: A Limitless Time Machine For Your Data Center


June 15, 2016 - 3 Comments

In the film Limitless, the main character Eddie finds himself able to learn and analyze information at a superhuman rate. He temporarily has the ability to instantly and meaningfully cross-correlate all of the previously forgotten experiences from his past (1) and assess multiple scenarios in the future. He does this simply by taking a pill.

I don’t have a pill for you, and I’m not going to claim any product can make you Limitless. However, I will say Cisco Tetration Analytics comes closer than anything in the industry to delivering similar capabilities!

What Is Tetration Analytics?

“You know how they say we can only access 20 percent of our brain?  This lets you access all of it.” (2)

head-1058432

Cisco Tetration Analytics provides pervasive and unprecedented visibility across the data center, via a mix of network/hardware sensors that monitor every single packet at line rate and server/software sensors with very low overhead (<1% CPU). The sensors work with an analytics engine that operates in real time, presenting actionable insights with easy to understand visuals. Additionally, it provides application dependencies, automated white-list policy recommendations, policy impact analysis, detection of policy deviation and network flow forensics.   That’s a mouthful, but the essence of it is Tetration Analytics is as close as you’re going to get to becoming Limitless in your data center.

What Problems Does Tetration Analytics Address?

“I was blind but now I see.” (2)

eye-491625

You know the trends, so I won’t babble incessantly about them here. The bottom line is that running a data center is increasingly challenging, with tons of apps, as well as dynamic traffic patterns, workloads and consumption models… all of which lead to seemingly infinite complexity. This leads to numerous challenges:

  • You want to migrate applications, but you can’t. This may mean moving applications from your local data center to a public cloud, moving from one data center to another, moving from a traditional network to ACI or some other programmable infrastructure, or it may mean setting up a disaster recovery site. However, without visibility into your applications, the dependencies between them, and the traffic flows associated with them, you cannot do this effectively, with precision or speed. We’ve talked with many customers who’ve spent enormous amounts of time/money and endured seemingly endless frustration to understand how apps communicate and are dependent on one another.
  • You want a zero trust model, but lack information and resources to implement or maintain it. You want to migrate from blacklist to whitelist security to shrink the attack surface. In a traditional blacklist model, everything can talk with everything else by default, then we create Access Control Lists (ACLs) or firewall rules that deny exceptions.   However, as these ACL’s have grown, sometimes to thousands of lines, it has become nearly impossible to accurately maintain them or to do so with any semblance of agility or accuracy. Gut instinct and empirical data both validate that A LOT of delays and outages result from configuration errors. (3) Admins are left wondering if they delete something, will it create a hole, and if they add something, what might break? With a white list policy nothing talks until it is explicitly allowed, and is thus more secure, prescriptive and accurate.
  • You find it’s impossible to know exactly what’s happening on – or even what’s in – your infrastructure, because you don’t have complete visibility into traffic flows or application behaviors. This results in operational problems and security challenges. This lack of visibility is not unlike crawling around in the dark. About a dozen or so years ago there was a band I really liked called Hoobastank. Yeah, I know, strange name. Anyhow, they had a song that quite accurately reflected the dilemma most folks running a data center have today. It was perhaps – unbeknownst to them – the data center manager’s anthem. The song was called ‘Crawling In The Dark’ and said:

Show me what it’s for

Make me understand it

I’ve been crawling in the dark

Looking for the answer

Is there something more

Than what I’ve been handed?

Yep, there is more than what you’ve been handed, that will provide answers to these problems and help you understand. But it’s not a pill. It’s a time machine for your data center that lets you easily replay the past, reveal the present, and plan for the future. It’s called Tetration Analytics.

How Does Tetration Analytics Address These Problems & How Does It Help You?

“I see every scenario…It puts me 50 moves ahead of you.” (2)

chess-433071

In a perfect world, we would be able to rewind what has happened in the past, view what is happening in the present in realtime, and model what could happen in the future.   H.G. Wells foretold of this capability back in 1895 when he wrote The Time Machine. Granted, he probably wasn’t thinking about data centers when he wrote it, but if he had, the storyline may have gone something like this:

What if you had complete visibility into everything, in real-time?

What if you had a time machine for your data center?

You could look at the past and replay events in real time.

You could plan for the future, and see the consequences of a new policy before you commit to it.

It’s not a ‘what if.’ It’s called Cisco Tetration Analytics, and it’s unlike anything you’ve ever seen.

You can see this storyline brought alive in a very cool video.  It’s only 2 minutes – check it out!

Tetration Analytics is able to address the problems above and provide these new capabilities because it allows you to do things you previously could not. You can:

  • Search billions of flows in less than a second (every packet, every flow, every speed).
  • Do real-time and historical policy analysis, essentially replaying what happened in the network at any time.
  • Continuously monitor application behavior and quickly identify anomalous patterns for compliance exceptions.
  • Validate a change before it’s executed by showing the change’s impact on applications – meaning you can get predictable outcomes.
  • After the change is implemented, you can then validate that policy changes have actually been applied and taken full effect.
  • Get complete knowledge of interactions and dependencies in the data center, bringing greater reliability to data center operations.

So, as I said up front, I don’t have a pill for you. However, I can offer you Tetration Analytics. And though I can’t say your powers will be Limitless, I can say that Tetration Analytics will give you the best semblance of a Time Machine for your Data Center the industry has ever seen.

Tetration_Analytics_Icon

References:

  1. https://en.wikipedia.org/wiki/Limitless
  2. Quote from the film Limitless
  3. A 2015 survey conducted by ESG showed that:
    • 74 percent of respondents took days or weeks to implement security device updates from request all the way through to production implementation.
    • 43 percent of respondents reported a configuration error over the last 12 months that led to a security vulnerability, performance problem, or service interruption.
    • Of those, 87 percent reported multiple service outages over the last 12 months due to technical error with changing or configuring networks.

Image sources: Pixabay

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

3 Comments

  1. This is long overdue - and cannot wait to learn about their specific uses for ACI workloads

  2. Great write up & love the limitless reference. Dash Thompson Systems Engineer Cisco Systems CCIE #50903

  3. following on DD's cosmos analogies based tetration analytics blog, Craig brings another exciting blog on this topic, and this time with a time machine based analogy - reads awesome