In the past, manufacturers would build a tool to monitor a domain element. A business would then...

BTA's Starter Pack service is designed to bring up CSW SaaS and provide segmentation value quickly, safely, and securely. Cisco Secure Workload (CSW, formerly Tetration) is the premier Microsegmentation & Workload Protection Platform. Its deep and broad capabilities are key components in building and automating a Zero Trust strategy. BTA's years of CSW experience will ensure that you fully realize CSW's full range of security & visibility advantages.
Cisco Secure Workload (formerly Tetration) seamlessly delivers a zero-trust approach to securing your application workloads across any cloud and on-premises data center environments by reducing the attack surface, preventing lateral movement, identifying workload behavior anomalies, and remediating threats quickly.
This is the easiest and most cost-effective way to deploy a secure workload. It’s ideal for small businesses, as it can be deployed in minutes without any hardware or software purchases.
This option is best suited for companies that need an enterprise-grade solution but doesn’t want to invest in large capital assets. The small form factor of this model means that you won’t need room for a large server rack at your office, which makes deploying it easier than an LTM or PTX system would be.
Large enterprises should consider using this platform because its larger size will allow them to handle more applications than other models available from Cisco can handle at one time—and with greater security capabilities as well.
This includes workload type identification, potential risks to the workloads, and an assessment of how you want to reduce the risk based on what’s happening in your environment.
Once you have this information, you can work on designing how you would secure each type of workload (for example with microsegmentation). You can also identify which applications are running in each segment and create a policy that will allow them to be managed as a group--even though they may be scattered across multiple data centers.
This is one of the most important steps. Different workloads have different security requirements, so it’s critical to identify what each type of workload is and how it will be managed. Workloads can be broken down into three categories: data center infrastructure (DCI), production applications, and nonproduction applications.
After identifying your workloads, you need to determine how they’re used by your organization and how they behave. For example, if an application is used for high-volume transactions or has very strict SLAs, it will be more critical than a low-volume database that stores internal HR records.
Once you’ve identified the workloads in your environment, you can create a microsegmentation policy and implement it. The policy should include roles, responsibilities, and rules that define how traffic will be allowed to flow through the network.
It’s best to test a new microsegmentation policy before deploying it into production. You can simulate different types of attacks in your test environment and then validate that the policy blocks the attack without affecting legitimate traffic.
Once you have created and validated your microsegmentation policy, you can apply it to your production environment. You should also ensure that all new workloads are deployed with microsegmentation enabled.
Microsegmentation can be applied to all cloud and infrastructure workloads. You should also ensure that the policy is applied to any new workloads that are deployed into your environment.
Once you have implemented the policy, it’s important to review its compliance. You should validate that your microsegmentation policy is being enforced and that you are blocking all unwanted traffic from entering your environment. This will help ensure that you are protected from attacks in the future.
When you have implemented the microsegmentation policy, it’s important to set up SIEM systems to monitor your environment. You should review any alerts that are generated by these systems and investigate any issues that arise. This will help ensure that you are alerted if your security policies are being violated by an unauthorized user or application.
BTA will work with your team to deploy CSW SaaS agents to your server workloads - on-prem or cloud-based. We'll then build foundational Scope design and Annotation inputs to optimize CSW's application discovery.
After collecting live flow data from your agents, BTA will cooperatively design application enforcement for Core and Custom applications.
With these apps secured, we'll start showcasing CSW's extensive reporting capabilities for workload vulnerabilities and open, risky server ports. We'll also build a Flow Report of interesting traffic flows, and for Medium Starter Packs we'll report on MITRE ATT&CK workload forensics. Every engagement includes detailed as-built documentation, and a CSW Foundations course to further enable your team.
Small | Medium | Large | |
Agents | 200 | 500 | 1000 |
Scope Design | Y | Y | Y |
Annotations | Y | Y | Y |
Enforcements | 1 Core, 1 Custom | 1 Core, 2 Custom | 10 |
CVE Reports | Standard | Custom | Custom |
Attack Surface | Standard | Custom | Custom |
Flow Report | Y | Y | Y |
Forensics | Y | Y | |
As-Built | Y | Y | Y |
Training | Mentoring | Mentoring | 2-day ILT |
Join us for a conversation with Founder and CEO Ken Fee to discover how the powerful features of Cisco Secure Workload can be applied to a host of complex use cases to secure your environment.
Business Technology Architects is able to support your business in a wide range of activities related to the delivery of technology services. These include: technical project management, IT project management, application development and delivery support, and infrastructure planning, network planning and design, and implementation. If you're looking for more information on how to protect your data center infrastructure and workloads, send us a message or give us a call today.