Cisco is rolling out a new version of its Tetration Analytics platform to better automate security policies and move companies from so-called blacklist approaches to white list ones.
A blacklist approach means an enterprise allows entry into networks by default. A white list approach refers to blocking all network traffic unless approved via a security policy. Most companies are somewhere in the middle as they try to balance agility and security.
Yogesh Kaushik, senior director of product management for Tetration, said the industry is moving more toward a white list approach. “There’s a shift happening in the industry toward a better security posture,” said Kaushik. The catch is these security policies need to be automated.
One of the top things companies can do to curb data breaches is to move to a white list policy. Patching and password changes are other defenses.
Cisco’s Tetration, which launched in June 2016 with a focus on compliance, policies, visibility, forensics and application insight, will use its update to better automate security enforcement with a more “fine grained” approach. Cisco’s Tetration software and appliance are designed to minimize the attack surface at an enterprise. Tetration enforces security policies on virtualized, bare metal and physical servers as well as public or private cloud.
The timing for the Tetration launch is interesting since Cisco acquired AppDynamics, which monitors application and business performance. Kaushik said there are potential integration points between Tetration, which focuses on data center analytics, and AppDynamics, which is software focused. “There is a correlation between performance and security,” explained Kaushik, who noted AppDynamics and Tetration may have integration points in the future.
Cisco said that Tetration can be deployed on its initial platform for large enterprises, on a version for deployments of up to 1,000 workloads, and on Amazon Web Services.