Part 2: Cisco Secure Workload Use case
Cisco Secure Workload Use case
Cisco Secure Workload is a hybrid-cloud workload protection product designed to safeguard compute instances in both private clouds and on-premises data centers. It delivers this comprehensive workload protection using machine learning, behaviour analysis, and algorithmic approaches. From the perspective of the consumer, the main difficulty is delivering a safe infrastructure without sacrificing agility.
Fig 1.1 - Cisco Secure Workflow
Due to a surge in east-west traffic, application onboarding, virtualization, security risks, and cloud migration, data centers have become ever more complicated.
Cisco Secure Workload for the data center environment gives you:
- Whitelist-based segmentation, which allows for implementation of a zero-trust model.
- Detection of common vulnerabilities and exposures associated with the software packages installed on the server.
- The ability to act proactively, such as quarantining servers when vulnerabilities are detected and blocking communication when policy violations are detected.
How Cisco Secure Workload Works
Cisco Secure Workload delivers unrivalled insight into applications, application packages, system operations, and system-to-system and service-to-system communication channels. Once it has a view of its environment, it begins modelling the communication between systems, services, and processes and utilizes this knowledge to provide a visual mapping that shows us which processes communicate with which systems.
Using real-time telemetry from the application level down to the individual end user or software process, it detects changes such as aberrant behaviour caused by hackers or malware, or attempts to exploit newly disclosed holes.
The Cisco Secure Workload analytics engine updates segmentation using AI and ML while analyzing whether the changes increase risk and could lead to future vulnerabilities. In addition, the AI analyses application and user activities to identify what is normal and what is abnormal, all in real time.
Cisco Secure Workload may also examine the outcomes of new security rules, such as those that restrict access to certain resources, and forecast the implications of those policies on applications and user workloads.
Summary:
The Cisco Secure Workload platform offers a ready-to-use solution that enables network administrators, security operations, and application owners to:
- Gain complete visibility into application components, communications, and dependencies to enable implementation of a zero-trust model in the data center.
- Automatically generate whitelist policy based on application behavior. It also provides a mechanism for including any existing security policy based on business requirements.
- Enforce this segmentation policy across a multicloud infrastructure consistently, to minimize lateral movement.
- Identify software vulnerabilities and exposures to reduce attack surface.
- Provide process behavior baselining and identify deviations for faster detection of any IOCs.