Securing the Workload in a MultiCloud
Derek Chia
Data Center Tetration Lead
Cisco Systems
Network
Users
HQ
Data Center
Admin
Branch
SEE every conversation
Understand what is NORMAL
Be alerted to CHANGE
KNOW every host
Respond to THREATS quickly
Effective security depends on total visibility
Roaming Users
Cloud
Cisco Offering:
- Tetration – Cloud/DC
- Umbrella – DNS
- CloudLock
- Duo
What if you could actually protect all your workloads in a hybrid cloud environment with full visibility?
Securing the multi-cloud
Visibility: “See Everything”
Complete visibility of users, devices, networks, applications, workloads and processes
Threat protection: “Stop the Breach”
Quickly detect & respond to threats before hackers can steal data or disrupt operations
Segmentation: “Reduce the Attack Surface”
Prevent attackers from moving laterally east-west with application whitelisting and micro-segmentation
Introducing Tetration
APPLICATION INSIGHT
FLOW SEARCH & FORENSICS
SEGMENTATION & COMPLIANCE
Open Access
Web, REST API, Event Bus, Lab
Billions of Events
Meta-Data generated from every packet
Software & Network Sensors: See everything
OS Sensor: Windows, Linux, Mid-Range, Universal
Network Sensor: Cloud-Scale Nexus, Nexus 9000 ‘X’
Data Analytics & Machine Learning Engine
Analytics Cluster: Appliance model
On-Premise or Cloud
▸ Ingest
▸ Store
▸ Analyse
▸ Learn
▸ Simulate
▸ Act
Discovery, Map and automatic policy creation
Zero Trust Policy Dynamically Discovered
{
  "src_name": "App",
  "dst_name": "Web",
  "whitelist": [
    { "port": [0, 0], "proto": 1, "action": "ALLOW" },
    { "port": [80, 80], "proto": 6, "action": "ALLOW" },
    { "port": [443, 443], "proto": 6, "action": "ALLOW" }
  ]
}
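An added example, not from the original slides and not Tetration's own code: a Python check of observed flows against the policy shown above, listing what would be rejected before the policy is enforced. It assumes the policy is directional (src_name to dst_name), that anything unmatched is denied, and that a proto 1 (ICMP) rule ignores ports; the flow record fields and the sample flows are constructed.

```python
import json

# Policy copied from the slide above (format as shown on the page).
POLICY = json.loads("""
{ "src_name": "App", "dst_name": "Web", "whitelist": [
  { "port": [0, 0],     "proto": 1, "action": "ALLOW" },
  { "port": [80, 80],   "proto": 6, "action": "ALLOW" },
  { "port": [443, 443], "proto": 6, "action": "ALLOW" }
] }
""")

PORTLESS = {1}  # IANA protocol 1 = ICMP, which has no ports (assumed handling)


def evaluate(policy, flow):
    """Return 'ALLOW' or 'DENY' for one flow record (assumed default-deny)."""
    if (flow["src"], flow["dst"]) != (policy["src_name"], policy["dst_name"]):
        return "DENY"  # flow is outside the scope pair this policy covers
    for rule in policy["whitelist"]:
        if rule["proto"] != flow["proto"]:
            continue
        lo, hi = rule["port"]
        if rule["proto"] in PORTLESS or lo <= flow["dport"] <= hi:
            return rule["action"]
    return "DENY"  # nothing matched: zero trust means implicit deny


def audit(policy, flows):
    """Return the flows the policy would reject, for review before enforcement."""
    return [f for f in flows if evaluate(policy, f) != "ALLOW"]


# Constructed sample flows (not from the page); field names are hypothetical.
SAMPLE_FLOWS = [
    {"src": "App", "dst": "Web", "proto": 6, "dport": 443},
    {"src": "App", "dst": "Web", "proto": 6, "dport": 22},    # SSH, not listed
    {"src": "App", "dst": "Web", "proto": 1, "dport": 0},     # ICMP
    {"src": "App", "dst": "Web", "proto": 17, "dport": 53},   # UDP, not listed
    {"src": "Web", "dst": "App", "proto": 6, "dport": 443},   # reverse direction
]

if __name__ == "__main__":
    for f in audit(POLICY, SAMPLE_FLOWS):
        print("would be denied:", f)
```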
Dashboard – Composite security score
COMPLIANCE
Singapore Sets Cybersecurity Requirements for Banks
The Monetary Authority of Singapore, the nation's central bank, has mandated that financial institutions comply with risk management guidelines within the next 12 months in an effort to strengthen the cyber resilience of these organizations.
https://www.mas.gov.sg/news/media-releases/2019/mas-issues-new-rules-to-strengthen-cyber-resilience-of-financial-industry
Key Steps
The guidelines require that financial institutions:
• Ensure patching updates are applied to address system security flaws in a timely manner;
• Deploy security devices to restrict unauthorized network traffic;
• Implement measures to mitigate the risk of malware infections;
• Secure the use of system accounts with special privileges to prevent unauthorized access;
• Strengthen user authentication for critical systems as well as systems used to access customer information.
Financial institutions have until Aug. 6, 2020 to comply with all the new guidelines.
Key Steps
The guidelines require that financial institutions:
• Ensure patching updates are applied to address system security flaws in a timely manner. Tetration: Vulnerability discovery.
• Deploy security devices to restrict unauthorized network traffic. Tetration: All traffic, every flow at line rate, to build whitelist policy automatically.
• Implement measures to mitigate the risk of malware infections. Tetration: Threat detection and remediation process using whitelist policy.
• Secure the use of system accounts with special privileges to prevent unauthorized access. Tetration: Detect privilege escalation in every workload.
• Strengthen user authentication for critical systems as well as systems used to access customer information. Tetration: Integrate with ISE/NAC and work with Duo for Zero Trust and policy enforcement for end users.
Financial institutions have until Aug. 6, 2020 to comply with all the new guidelines.
In Summary with Tetration ...
• Dynamically learn application dependency mapping for cloud migration
• Dynamically generate updated, real-time whitelist policy for the hybrid cloud environment
• Analyze information about hybrid cloud workloads and gain pervasive visibility
• Classify them according to your enterprise security policy intent
• Enforce the same security policy for workloads in the public cloud as you do within your enterprise – cloud agnostic
• Test the policy and cloud migration scenarios to see the cost and impact
• Build a security dashboard for your hybrid cloud environment to understand the security position
• Detect when you are attacked in your multi-cloud environment