In the past, manufacturers would build a tool to monitor a domain element. A business would then...
Cisco Secure Workload Protection
Cisco Secure Workload (CSW, formerly Tetration) leads the market in advanced workload protection. Its unique approach to deep analytics, utilizing operating system insight combined with non-sampled flow analysis, provides all the tools necessary for an agile security model focused on workload protection methodologies. Launch your journey to segmentation with a CSW Application Quickstart from BTA.
Get in Touch
What is the CSW Microsegmentation Application Quickstart?
Business Technology Architects' (BTA) CSW Application Quickstart gets you started with application segmentation quickly, safely, and securely. BTA's deep experience with CSW has enabled us to define a set of segmentation use cases that are common across many customers. We've developed and refined these use cases; de-risking their deployment to provide you with rapid experience with the benefits of application segmentation.
Microsegmentation has quickly become a key component of most security processes. The process of CSW microsegmentation may seem complicated at first, but it is quite simple; it is a pivotal part of keeping your network and company secure. An attack surface is defined as the number of all possible/potential points and locations where an unauthorized user can gain access to a system, allowing the unauthorized user to extract and steal data and information. Microsegmentation allows security policies to exist much closer to each individual application. In practice, this will proactively reduce the attack surface, making it much more difficult for unauthorized users to gain control and access to your private data.
Microsegmentation is often considered the first step in establishing a Zero Trust Network. Using a Zero Trust take on network security, there is a necessary assumption that no network segment is secure/without breach. Zero Trust network security also switches the user authentication from user to application, rather than user to network. After completing both of these steps, the perimeter of the workloads (applications) themselves is effectively shortened. However, in order to place said perimeters as close as possible to each workload, you will need to implement microsegmentation. With this in mind, it is evident that both microsegmentation and a Zero Trust security approach go hand in hand.
Cisco Secure Workload Microsegmentation
Cisco Secure Workload (CSW) deployment is able to use machine learning to learn, understand, and monitor your applications' typical behavior. In doing this, CSW can identify when the said application's behavior does not fall in line with the previously learned typical behavior. CSW is then able to specially procure certain security policies throughout any and all applicable workloads. Because these security policies are procured specifically for your company's workloads, they are rendered to be extremely simple, efficient, and most of all effective. CSW is able to constantly monitor applications. In doing this, CSW can identify vulnerabilities and any potential exposures. To remedy this, CSW will offer specially procured security policies to fix these said vulnerabilities, effectively shrinking your application's attack surface. The smaller the segments, the less invasive a potential attack can be. CSW is also able to flag certain anomalies for your review. All of these processes are completed extremely quickly, as we value how precious time is in dealing with network security.
The CSW Microsegmentation Process
If you’re looking to quickly begin your journey into segmentation, a consultation with BTA is the perfect place to start. With our extensive knowledge and plentiful experience in segmentation, we were able to define and solidify a process of use cases that are typically applicable to all customers.
How it Works
Select up to two of the typical application segmentation use cases. BTA's experts will engage with your team in a consultative process to ensure success. First, we'll select up to 50 servers in a near-production environment. We'll work with your processes to deploy software agents on those servers, and collect real-time traffic for up to 2 weeks. BTA will host ADM (Application Dependency Mapping) sessions with your team to analyze the data. Using CSW's deep flow analysis and BTA's expertise, we'll define the two applications in your environment and model the required segmentation. After an iterative series of non-impactful testing and analyses, we'll follow your processes to enable segmentation and you'll experience, first-hand, the security advantages of application segmentation.
Application Segmentation Use Cases
Management Control Lockdown
Restricting server management control protocols to a known set of management workstations or jump servers.
Vulnerability Mitigation Policy Example
Blocking pings from hosts vulnerable to a particular CVSS Severity Rating (e.g. quarantine all "critical" severities).
Restricting DNS, NTP, etc. to particular servers in your data center.
DMZ Workload Protection
Filtering incoming public Internet traffic to approved DMZ environments.
Internal Workload Protection
For hosts that should NOT connect with the internet, deploy policy that only allow them to communicate with known internal addresses.
CSW Microsegmentation & Application Quick Start from BTA
Our BTA professionals will be able to guide you through your choices in great detail at the beginning of our consultative process. In working with our BTA experts, we will select up to 50 different nearby servers in a production environment. After selecting the servers, we will deploy software agents to collect the traffic coming to and from those selected servers. This process will take approximately two weeks. BTA will then host Application Dependency Mapping (ADM) sessions with your team in order to properly and intensely analyze the data that was collected through the two-week traffic collection period. We will later define the two applications in your environment using CSW’s deep flow analysis, and BTA’s expertise. This will allow us to model the segmentation, putting us one step away from implementing total segmentation. After a series of initial testing and analysis, we’re finally able to follow your processes and enable total segmentation. Rest assured you have exponentially increased the security of your company and workloads.
At BTA, our approach is S.I.M.P.L.E.
The start stage is where we begin to set expectations for processes and outcomes, while simultaneously gathering the initial required data and gathering resources, therefore allowing us to put our finalized strategy together.
During the immersion stage, we “immerse” our team into a foundational training program on the new model. This allows our team to set expectations and to become familiar with vocabulary related to the new model.
During the “Map” stage, we begin “mapping” an implementation deployment plan, by following what we call the High-Level Design (HLD) objectives. This implementation deployment plan is expected to be very detailed, covering all processes including (but not limited to) any automation, configuration, security, and testing.
During the “prove” stage, we validate use cases (a written description of how users will perform tasks on your website, and the processes the system will follow) that are outlined in the HLD. Following said use cases, we will employ system tests, making any necessary changes as we go.
After following and completing all other stages, the system is finalized and ready to be handed over to operations. During this stage, we will supply you with all final documentation, and conduct operations training and turnover.
During the final "Evolve" stage, we will work alongside you in the quickly evolving technological world in order to ensure that you and your system are adapting to any new needs and any required system enhancements. By doing this through feedback surveys and meetings, we can pinpoint any and all future steps and needed changes/adaptations. This allows us to ensure your company will change and evolve alongside the technology.
Securing Workloads Across Your Entire Environment
Join Founder and CEO Ken Fee and Principal Architect Dana Blair for a conversation about intelligently securing workloads across the entire environment using Cisco Secure Workload.
Why Work with BTA?
BTA is here for all of your CSW needs – everything from training and deployment to consulting and optimization. Our S.I.M.P.L.E. process ensures that your team is able to quickly operationalize the full value of the solutions you’ve invested in, with a solid team of experts behind you.