Securing the Workload in a MultiCloud

Derek Chia
Data Center Tetration Lead
Cisco Systems


Effective security depends on total visibility

• SEE every conversation
• Understand what is NORMAL
• Be alerted to CHANGE
• KNOW every host
• Respond to THREATS quickly

[Diagram labels: Network, Users, HQ, Data Center, Admin, Branch, Roaming Users, Cloud]

Cisco Offering:
• Tetration - Cloud/DC
• Umbrella - DNS
• CloudLock
• Duo


What if you could actually protect all your workloads in a hybrid cloud environment with full visibility?


Securing the multi-cloud

Visibility: “See Everything”
Complete visibility of users, devices, networks, applications, workloads and processes

Threat protection: “Stop the Breach”
Quickly detect & respond to threats before hackers can steal data or disrupt operations

Segmentation: “Reduce the Attack Surface”
Prevent attackers from moving laterally east-west with application whitelisting and micro-segmentation


Introducing Tetration

• Application Insight
• Flow Search & Forensics
• Segmentation & Compliance

Open Access: Web, REST API, Event Bus, Lab

Billions of Events
Meta-Data generated from every packet

Software & Network Sensors: See everything
• OS Sensor: Windows, Linux, Mid-Range, Universal
• Network Sensor: Cloud-Scale Nexus, Nexus 9000 ‘X’

Data Analytics & Machine Learning Engine
• Analytics Cluster: Appliance model, On-Premise or Cloud

▸ Ingest
▸ Store
▸ Analyse
▸ Learn
▸ Simulate
▸ Act


Discovery, Map and automatic policy creation

Zero Trust Policy Dynamically Discovered


Discovery, Map and automatic policy creation

    {
      "src_name": "App",
      "dst_name": "Web",
      "whitelist": [
        { "port": [0, 0], "proto": 1, "action": "ALLOW" },
        { "port": [80, 80], "proto": 6, "action": "ALLOW" },
        { "port": [443, 443], "proto": 6, "action": "ALLOW" }
      ]
    }
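An added example (not from the slide deck and not Cisco's code): a small Python evaluator for a whitelist policy in the JSON shape shown above, applied to a few constructed flows. It assumes "port" is an inclusive [low, high] destination-port range, "proto" is the IANA protocol number (1 = ICMP, 6 = TCP), the policy is directional, and any unmatched flow is denied; the function names and flow fields are hypothetical.

```python
import json

# Policy text in the shape shown on the slide.
POLICY_JSON = """
{"src_name": "App", "dst_name": "Web", "whitelist": [
  {"port": [0, 0],     "proto": 1, "action": "ALLOW"},
  {"port": [80, 80],   "proto": 6, "action": "ALLOW"},
  {"port": [443, 443], "proto": 6, "action": "ALLOW"}]}
"""
PORTLESS_PROTOS = {1}  # IANA protocol 1 is ICMP, which carries no ports

def load_policy(text=POLICY_JSON):
    """Parse the policy JSON into a dict."""
    return json.loads(text)

def decide(policy, flow):
    """Return 'ALLOW' if a whitelist rule matches the flow, else 'DENY'.

    Assumed semantics (not stated on the slide): "port" is an inclusive
    [low, high] destination-port range, the policy applies only in the
    src_name -> dst_name direction, and unmatched flows are denied.
    """
    if (flow["src"], flow["dst"]) != (policy["src_name"], policy["dst_name"]):
        return "DENY"
    for rule in policy["whitelist"]:
        if rule["proto"] != flow["proto"]:
            continue
        low, high = rule["port"]
        if rule["proto"] in PORTLESS_PROTOS or low <= flow["port"] <= high:
            return rule["action"]
    return "DENY"

def violations(policy, flows):
    """Flows the whitelist would not permit (candidates for an alert)."""
    return [f for f in flows if decide(policy, f) != "ALLOW"]

# Constructed sample flows (not from the slide deck).
SAMPLE_FLOWS = [
    {"src": "App", "dst": "Web", "proto": 6, "port": 443},   # HTTPS
    {"src": "App", "dst": "Web", "proto": 1, "port": 0},     # ICMP
    {"src": "App", "dst": "Web", "proto": 6, "port": 22},    # TCP/22, not listed
    {"src": "App", "dst": "Web", "proto": 17, "port": 53},   # UDP, not listed
    {"src": "Web", "dst": "App", "proto": 6, "port": 80},    # reverse direction
]

if __name__ == "__main__":
    for flow in violations(load_policy(), SAMPLE_FLOWS):
        print("outside whitelist:", flow)
```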


Dashboard – Composite security score


COMPLIANCE

Singapore Sets Cybersecurity Requirements for Banks

The Monetary Authority of Singapore, the nation's central bank, has mandated that financial institutions comply with risk management guidelines within the next 12 months in an effort to strengthen the cyber resilience of these organizations.
https://www.mas.gov.sg/news/media-releases/2019/mas-issues-new-rules-to-strengthen-cyber-resilience-of-financial-industry

Key Steps
The guidelines require that financial institutions:

• Ensure patching updates are applied to address system security flaws in a timely manner. Tetration: Vulnerability Discovery.

• Deploy security devices to restrict unauthorized network traffic. Tetration: Every traffic, every flow at line rate, to build whitelist policy automatically.

• Implement measures to mitigate the risk of malware infections. Tetration: Threat Detection and remediation process using whitelist policy.

• Secure the use of system accounts with special privileges to prevent unauthorized access. Tetration: Detect privilege escalation in every workload.

• Strengthen user authentication for critical systems as well as systems used to access customer information. Tetration: integrate with ISE/NAC and work with DUO for Zero-Trust and policy enforcement for end users.

Financial institutions have until Aug. 6, 2020 to comply with all the new guidelines.


In Summary with Tetration ...

• Dynamically learn application dependency mapping for cloud migration

• Dynamically generate an updated, real-time whitelist policy for the hybrid cloud environment

• Analyze information about hybrid cloud workloads and gain pervasive visibility

• Classify them according to your enterprise security policy intent

• Enforce the same security policy for workloads in the public cloud as you do within your enterprise (cloud agnostic)

• Test the policy and cloud migration scenarios to see the cost and impact

• Build a security dashboard for your hybrid cloud environment to understand the security position

• Detect when you are attacked in your multi-cloud environment