Cisco UK & Ireland Blog

Give your data centre a ‘Triple A’ rating

August 19, 2016

Just imagine if you could identify a breach to your network in real-time. Or if you had visibility of hackers still on your network, exactly what has been taken and any threats left behind.

More than 100 Financial Services Institutions are about to realise this vision with a powerful new analytics platform for their data centre. It allows them to secure their most valuable assets and will transform the way they work.

If you’re in Financial Services, chances are you already see the data centre as one of your most valuable assets. From storing sensitive customer data to powering IT and high frequency trading (HFT), it’s the bedrock for both enabling and growing your business.

But from a security and compliance perspective, can you truly see what’s going on inside?

Security starts with your datacentre

Our latest research shows that attackers now enjoy unconstrained time to operate. Meanwhile, defenders struggle to gain visibility into threat activity and reduce time to detection of known and new threats.

This lack of visibility is largely due to data sprawl and distributed workloads. You can use network sensors to get a general picture of performance, plus tools such as Netflow to give you traffic size. But neither provide you with the pervasive visibility you need.

With the launch of Cisco Tetration Analytics in June, we’ve built a much better way to monitor, analyse and manage your data centre applications and associated policy and infrastructure. It’s a Big Data and analytics platform that lets you:

  • Understand what applications are dependent on each other
  • Check the effect of policy changes before they’re applied
  • Search across billions of flows in less than a second
  • Make informed operational decisions
  • Continuously monitor application behaviour to quickly spot deviations in communication patterns

These capabilities help you move to a much more robust model for information security, governance and compliance.

blue globe with dataFor example, blacklisting has been the traditional security model for many years. Basically, it works like this: I know you’re a malicious piece of code by your name and other signature characteristics. You can’t come in. Any code I don’t know (based on signature) can come in by default.

The white-list – or ‘zero trust’ – model however works like this: No code can communicate within the data centre unless I know that code, trust it, and am aware of its typical traffic patterns.

Tetration provides the visibility of code processes and their communication patterns to provide the basis for a white-list policy. It means upfront protection because you don’t need to wait for threats and attacks to be identified first.

Agility, Auditing and Assurance

Tetration is a platform that delivers complete visibility across everything in your data centre in real-time. That means every packet, every flow, every speed. You can map out your infrastructure, your applications and workloads, literally everything your data centre supports.

It’s also like a time machine because with everything mapped (or ‘baselined’ in technical parlance), you can rewind what’s happened in the past, view what’s happening in the present and model what could happen.

If your firm were to suffer a hack on a switch, you could look back at any moment in time to see what happened, what was taken, how, and where it went. You can also use Tetration to identify the source of malicious communication processes and direct remediation teams to ALL of the infected servers and ensure that nothing has been left lying around.

What’s novel in our approach is that it combines what’s seen at the host level and the network level so that you can look inside and identify anomalies. Crucially, Tetration captures just the header, not the payload. This means you can secure your data centre and assure the confidentiality, integrity and availability (CIA) of your data for rock solid compliance.

What’s even better is you can prove compliance in an instant. Typically, when auditors visit, they’ll perform an inspection switch by switch, log by log, and then triangulate. This can take weeks. But with your applications and workloads mapped, and your policies set automatically, you can run a report at the touch of a button – and it will be absolutely current.

Don’t let hackers blow the bl**dy doors offCisco Security Image

Bottom line is that today’s tools are complex and slow. This costs you time, money and lost opportunity. By deploying Tetration, your firm can be much more agile, with compliance and governance guaranteed.

If you have a ‘cloud first’ strategy, you can look at your environment and know with certainty what applications and workloads it supports, how they interact, and with what. This knowledge allows you to decide whether it makes sense to migrate certain applications or workloads to the cloud – safe in the knowledge that you will still be secure and compliant.

Security practices in the Financial Services sector may be back in the media spotlight following the theft of some $66m worth of bitcoins, but the sector has been a prime target for hackers and cyber criminals for some time.

2015 saw a surge of attacks leading to hefty costs for firms and customers exposed to identity theft and fraud. Meanwhile, 46 per cent of the Financial Services firms included in PwC’s global security survey had been victims of economic crime within the past 24 months.

Although hackers have upped their game, don’t let them blow the bl**dy doors off!

There’s no need for your data centre – or your business – to lose its ‘Triple A’ rating. We’re spectacularly good at connecting things, people and data in intelligent and secure ways to help your firm make money, save money and stay ahead of the competition.

Get in touch with your Cisco account manager today if you want battlefield-grade security embedded in your network.

Leave a comment