Cisco Blogs

Easily detect threats and risks for Google Cloud Platform


July 17, 2018 - 1 Comment

According to the Cisco 2018 Annual Cybersecurity Report, 40 percent of the dynamic networks, endpoints, and cloud infrastructure in enterprises is leading to significant blind spots and lack of real-time awareness for security teams. In addition, 53 percent of organizations host at least half of their infrastructure in the cloud. To fully take advantage of cloud adoption without sacrificing security, you need easy-to-deploy and easy-to-manage visibility and threat detection across the entire network, including public cloud and on-premises infrastructure.

Cisco Stealthwatch Cloud has provided end-to-end visibility and threat detection in on-premises networks for years, but it can also deploy easily in other platforms, including Google Cloud Platform (GCP) and Kubernetes-based environments. Stealthwatch Cloud works seamlessly with Google’s recently announced VPC Flow Logs, which enables Stealthwatch Cloud to deploy via API in 10 minutes or less without the need for agents. This also ensures Stealthwatch Cloud automatically covers your entire cloud infrastructure as it grows and changes.

“It was definitely a fast and easy integration with VPC Flow Logs in GCP. Setup took a few minutes. You just need to set up Stealthwatch to interface with the API and there you go.” – Thomas Scherer, Chief Architect, Telindus

Stealthwatch Cloud combines this data with telemetry from on-prem, other cloud infrastructures, and virtualized environments to provide a single, unified security view of your entire network.

Security built for the cloud

Most organizations adopt public cloud infrastructure as a service because it allows them to be responsive to the business, boost the availability of their services, and – most of all – lower their operational costs by providing exactly the computational resources they need when they need them. To be effective in these environments, security needs to fit this model, and we’ve worked hard to make sure Stealthwatch Cloud does.

Low-noise, high-fidelity alarms

One of the biggest resource drains when it comes to security is managing noisy solutions. According to the Cisco 2018 Annual Cybersecurity Report, only 56 percent of security alerts are investigated, and of those alerts, only 34 percent turn out to be legitimate. A noisy security solution wastes analysts’ time and could lead to legitimate threats going uninvestigated and unremediated.

Stealthwatch Cloud was built to be low noise and high in value. Our entity modeling technology drastically reduces noise, while still surfacing security-relevant alerts. For example, a typical 10,000-endpoint environment produces a handful of alerts a day. To ensure our alerts are valuable, whenever a customer closes an alert, we ask “was this alert helpful?” Currently, our customers rate 95 percent of Stealthwatch Cloud alerts as helpful. In other words, when Stealthwatch Cloud asks for your attention on something, you’ll be glad you responded.

Agentless and easy to configure.

Stealthwatch Cloud deploys without the need for hardware or software agents, which means you do not need to spend time building a security architecture on top of dynamic, ever-changing cloud infrastructure. Instead, a simple API configuration ensures your entire environment is covered.

In addition, Stealthwatch Cloud was built to be as automated as possible. The analytics work out of the box, with no need for extensive configuration or host classifications. Instead, Stealthwatch Cloud monitors network activity and automatically builds a model for each entity, including what type of device it is and how it interacts with other entities inside and outside the network.

Flexible and easy to use.

Stealthwatch Cloud is a cloud-based software as a service. There is no need to manage hardware or apply patches, and new features are added automatically each month. In addition, it has a usage-based subscription model. You pay only for what you use each month. To top it all off, Stealthwatch Cloud comes with a free, no-risk, 60-day trial.

See us at Google Cloud Next

Cisco is a Marquee sponsor of Google Cloud Next 2018! From July 24-26, we’re hosting a booth (S1326) highlighting our joint innovations with Google Cloud, featuring Stealthwatch Cloud demos and an interactive game show, delivering speaking sessions, and giving away great prizes to attendees.

If you can’t make it to the show, read our case study of Telindus or sign up for a free, 60-day trial of Stealthwatch Cloud.




1 Comment

  1. Bryan, Great follow-up to your June post (blogs.cisco.com/security/10-minutes-to-value-stealthwatch-cloud-for-google-cloud-platform). Will you be providing additional information on the Kubernetes relationship in a future post?