Cisco has rolled out a second release of its Tetration Analytics package with features such as a smaller footprint and a cloud service that will go a long way toward making the system alluring to more data center customers.
Announced in June of last year, Cisco’s Tetration Analytics is a turnkey analytics package that gathers information from hardware and software sensors and analyzes the information using big data and machine learning.
Tetration software sensors support Linux and Windows server hosts, while hardware sensors are embedded in Cisco network switch ASICS: Nexus 9200, Nexus 9300-EX and Nexus 9500-EX, to collect flow data at line rate from all the ports. Per Cisco once in place, the Tetration platform learns its enterprise environment and any policies IT has in place. From there it can learn which applications are dependent on each other throughout their data center and into the cloud. It can monitor server behavior patterns and group servers more efficiently.
For policy setting, customers can validate new policies by running them through Tetration first to see what their impact would be on the enterprise. Users can also use this information for regulatory compliance applications.
In the first release of the platform it was largely looking and listening to customer networks and applications and now with release 2 it can act on what it has found – automatically enforcing policies, securing the enterprise and continuing to help customers get a better handle on their data centers, said Cisco senior director, product management Yogesh Kaushik.
Security was always a key part of Tetration and the second release builds more options onto the system. Kaushik said customers are moving toward a “zero trust” policy which locks down all access to applications – but with highly distributed applications, like cloud apps, that have many components and are multitiered it can be complex to implement, Kaushik stated.
Cisco says Tetration Analytics policy recommendation and enforcement engine can now take micro-segmentation — a security technique enabling workload separation — a leap further by delivering application segmentation, which drives policies across the application layer, regardless of where the application resides: virtualized, bare metal, physical servers, or in the cloud. Policies can be pushed to any vendor’s firewall, and can be orchestrated at the network layer as well, Cisco said.
Cisco says Tetration can capture a million events per second and make decisions behavior analysis of billions of flows, processes, and workload characteristics allowing for realtime policy enforcement. The idea is that as customers move towards a more devops environment where apps are rapidly brought online and off, Tetration can implement security policies quickly.
“As organizations undergo digital transformation and embrace the DevOps model, they’re investing in new technologies with infrastructure that’s becoming more dynamic and distributed, and as a result security must become more dynamic as well,” said Zeus Kerravala, principal analyst at ZK Research and Network World blogger, said in a statement. “Although 80% of security spending is focused on the perimeter, only 20% of the breaches occur there. With Tetration’s security policy enforcement, organizations could probably pay for the platform by heading off a single breach.”
In addition to the software improvements, Cisco added a smaller footprint version and a cloud option.
The small-scale Cisco Tetration-M is aimed at deployments supporting up to 1,000 workloads. The Tetration-M package includes eight 1RU servers (ix UCS C-220 servers and two Nexus 9300 servers) compared to the larger version which requires 39 1RU servers – 36 servers (1RU Cisco UCS C220 Rack Servers) and three Cisco Nexus9372PQ Switches). The software is subscription priced at about $180 per workload, Cisco said.
Jim Duffy, a senior analyst with the 451 Research group, noted that Cisco said last summer at Cisco Live they they’d be scaling Tetration down, even to the chip level. “So smaller footprints and more digestible packaging and pricing makes much sense.”
For the cloud, Cisco has also announced an appliance with Tetration software deployed in the public cloud on Amazon Web Services (AWS). Tetration Cloud also supports up to 1,000 workloads. Tetration can monitor workloads in private as well as public clouds, Cisco stated.
Cisco also bolstered the number of third-party vendors that can now utilize Tetration to build its data into their systems – AlgoSec, Citrix, F5, Infoblox, ServiceNow Tufin and the Dell Converged Infrastructure Group (previously known as VCE).
The Tetration upgrade comes on the heels of Cisco’s purchase of AppDynamics and its application performance monitoring technology which could end up being a component for feeding Tetration all manner of application performance information, experts said.
“The information collected from AppDynamics is an ideal fit in Tetration,” said Dennis Drogseth vice president, Enterprise Management Associates.
During a press event for the AppDynamics buy, Cisco’s Senior Vice President and General Manager Rowan Trollope said of a possible AppDynamics integration with Tetration: “We have been looking at our analytics strategy more broadly in the past year and a big part of the value that we bring especially with the Tetration product, is the ability to deeply instrument and report on the infrastructure – what’s happening from UCS all the way to the network and getting that broad view from the security perspective. But taking all of that data and making sense of it …being able to connect the dots on all these parts of the enterprise hasn’t really been possible…you could see us making moves that we would tie these things together.”