Communication within a data centre can be likened to a black box – there is plenty of movement, but insight is limited. The box is both business-critical and sensitive to change, while demands for flexibility and dynamic management keep rising. Complete insight into data centre communication has long been wanted but has been challenging to achieve. Tetration Analytics is a fairly new solution from Cisco with no counterpart on the market.
Conscia Netsafe first in the Nordics with Tetration
When Cisco gave Conscia Netsafe the award Competence Partner of the Year 2017, special mention was made of the fact that the company is the first in the Nordic region to deliver Tetration to customers. “We have followed Tetration closely since the product was launched; we see that it is delivering unique value to modern data centre solutions. There is no direct model, so you will have to work actively with skills development and not rely on old merits. Competence and continuous training have been part of our culture since inception,” says Emanuel Lipschütz, CTO of Conscia Netsafe.
Traditionally, the focus has been on controlling the traffic flow in and out of data centres, roughly segmented into zones. Analysis of communication has usually been performed on sample data. The alternative has been to force traffic through less optimal paths in order to gain control. The volume of traffic that never leaves the data centre (East-West traffic) has grown, and establishing a data source with complete information on all communication has not been practically feasible.
Flexibility drives the need for insight
Business applications with resources in both cloud services and private data centres are becoming more and more common. SDN (software-defined networking), for example Cisco ACI, opens the door for flexible configuration. At the same time, the need to follow and analyse outcomes – the results of configurations from the outside and inwards – is critical.
Tetration Analytics works just as well in the cloud as in a data centre, or in solutions spanning both. Information on all communication is gathered, made available in almost real time and saved for later analysis. As the name suggests, a tetration expresses a very high number, so the solution handles a large amount of information.
“Modern data centre solutions with software-defined networks need to embrace a reality where change is natural and desirable. The application is really at the centre, and modern applications are not static. It is not an option to rely on the status quo to achieve accessibility. Here, the IT architects we work with look for solutions to meet new and traditional requirements at the same time. Without the assurance of full insight into application dependence, changes remain a major risk factor. It demands an up-to-date and qualified basis to deliver flexibility and quality,” says Emanuel Lipschütz.
Tetration provides full insight into the components that deliver an application and how they communicate. The information is available in close to real time and is saved for analysis. Policies can be established to easily track deviations or, conversely, to show compliance with certainty. Access to detailed historic data is also a valuable resource in security assessments and the follow-up of incidents.
Zero-trust model for communication
With the help of machine learning, Tetration can model application views and show dependencies clearly. This basis can be used to build rules according to a zero-trust model, based on actual communication. On the one hand, this reduces the attack surface, since only intended communication is allowed. On the other, it meets the need to not impact existing applications in operation when a new rule set is introduced.
“It is important to point out that Tetration is not about taking samples, neither is it about input of factual data. Metadata from the header in each package for all flows are collected. If you have a background in networking, the field of use surrounding visibility is a good way to approach the solution. In a Cisco-based data centre solution, Tetration can show the flow level of how traffic in the context of an application moves through the network. But this is just the first chapter on Tetration,” says Emanuel Lipschütz.
Tetration Analytics – how it works
Tetration can gather telemetry from many types of sensors, but the most important type is the software sensor that runs directly on the servers. For data processing, information from other sources is also retrieved – data from, for example, a CMDB allows us to express intent or build a policy in Tetration without using traditional networking.
To handle this large inflow and processing of information, Tetration builds on a Big Data platform. Applications written for Tetration can be run directly on the Big Data platform, and integration with Tetration is done directly against the API or with push notifications from Kafka. Of course, there is also a GUI for working directly in Tetration.
“Even though we are talking about communication it is important to understand that Tetration does not assume network equipment to be its only source. We see the entire view of which process on the server initiates communication and which processes communicate with each other,” says Emanuel, and continues, “Do you want to model an existing data centre environment and implement strict rules? Move over to a software-defined network model, move applications to the cloud, split up or merge together data centres? Take a closer look at Tetration Analytics,” says Emanuel Lipschütz in closing.
Take a closer look at Tetration with us
Visibility is just a start – even when it comes to security, Tetration brings great value.
Interested? Get in touch and our experts will get back to you.