Cisco broadens Tetration analytics reach to data center, cloud security

Cisco's plan is to take the visibility from its Tetration platform to better predict and advise on security threats.


Cisco is updating its Tetration data center analytics platform with security tools designed to segment applications, identify vulnerabilities and exposure, and manage processes.

Tetration, which rolled out last year, is Cisco's platform for monitoring and analyzing the data center. From an initial focus on the network, Cisco has broadened Tetration to provide visibility from its own gear to other parts of the data center and any public cloud.

Yogesh Kaushik, senior director of product management for Tetration analytics at Cisco, said the security enhancements are a natural extension of the visibility the platform provides and could prove to be a defense against threats such as Spectre and Meltdown.


"The Tetration visibility engine spans the hybrid cloud environment, knows what's running on these workloads and what files it is touching," said Kaushik, who noted that the system can connect to AWS and Microsoft Azure, as well as VMware, ServiceNow, and others.


On the security front, Tetration is adding the following:

  • Software vulnerability detection by combining an inventory of all software packages, version information and publisher, and the Common Vulnerabilities and Exposures (CVE) database. From there, Tetration detects the software packages with known CVEs and develops a scorecard.
  • Server process monitoring. Tetration collects and maintains an inventory of processes running on servers by the minute. The process information (ID, parameters, users, duration, and signature) is key for security.
  • Baseline deviation monitoring. Tetration can now detect behavior patterns that stray from the baseline. This deviant behavior can highlight privilege escalation and side-channel attacks.

Using Tetration analytics, the platform can automate process changes and other functions in the data center chain.

Kaushik said the Tetration ecosystem has a couple of dozen partners, and Cisco will be expanding to more security vendors and data center gear providers.
