http://www.digitaljournal.com/tech-and-science/technology/cisco-expands-tetration-analytics-platform/article/516515

Cisco expands Tetration analytics platform

Posted Mar 5, 2018 by James Walker
Cisco has detailed changes coming to its Tetration data center analytics platform that will add additional cybersecurity tools and improved monitoring capabilities. Cisco is broadening the platform to provide visibility into entire datacentres.
A visitor walks past a Cisco advertising panel as she looks at her mobile phone at the Mobile World ...
A visitor walks past a Cisco advertising panel as she looks at her mobile phone at the Mobile World Congress in Barcelona
Albert Gea / Reuters
Tetration was announced by Cisco last year as a way to monitor datacentre components to identify areas that need attention. It proactively manages maintenance requirements and offers analytical capabilities. The functionality helps firms to check the status of their cloud environments, ensuring reliability and performance.
Previously, Tetration has primarily focused on Cisco networking equipment. As reported by ZDNet, the company's now expanding the platform to include a wider selection of datacentre insights. This will make Tetration far more useful to public cloud operators by providing visibility into new areas of the datacentre.
Tetration can monitor infrastructure and workloads in real-time, reacting to changes in demand, threat level and security vulnerabilities. The software maps out a graph of all the components and dependencies inside cloud applications. This "zero-knowledge environment" forms the basis of a "fingerprint" for the cloud, which Tetration then uses to identify changes and find patterns.
Cisco Tetration
Cisco Tetration
Cisco
READ NEXT: GitHub suffers biggest ever DDoS, goes down for just 10 minutes
"Tetration monitors for workload attributes in real-time. It also ingests data from threat intelligence and analytics solutions, with the ability to generate policy compliance alerts. Tetration can compute and enforce the policy rules based on the change, in real-time," said Yogesh Kaushik, Senior Director, Product Management for the Cisco Tetration platform. "If a new software vulnerability is found, or a host gets compromised, the Tetration policy model can quarantine the culprit in seconds."
Cisco's upgrading Tetration's security monitoring capabilities too. The platform can now detect potential vulnerabilities by analysing all the software running in the cloud. It collates and maintains indexes of every installed software package, detailing its current version, origin and known vulnerabilities. If any of this information changes, Tetration can trigger an alert to notify the administrator.
Tetration also incorporates behavioural analysis functionality to detect anomalous usage patterns in real-time. If the behaviour of an application or user differs from usual standards, Tetration can log the incident and flag it as a potential concern. This kind of analysis helps to avoid privilege escalation attacks by providing visibility into abnormal system events.