Skip to content

Cisco Secure Workload Protection

Cisco Secure Workload (CSW, formerly Tetration) leads the market in advanced workload protection. Its unique approach to deep analytics, utilizing operating system insight combined with non-sampled flow analysis, provides all the tools necessary for an agile security model focused on workload protection methodologies. Launch your journey to segmentation with a CSW Application Quickstart from BTA.

CSW microsegmentation



Business Technology Architects' (BTA) CSW Application Quickstart gets you started with application segmentation quickly, safely, and securely. BTA's deep experience with CSW has enabled us to define a set of segmentation use cases that are common across many customers. We've developed and refined these use cases; de-risking their deployment to provide you with rapid experience with the benefits of application segmentation.

The CSW Microsegmentation Process

How it Works

Select up to two of the typical application segmentation use cases.

BTA's experts will engage with your team in a consultative process to ensure success. First, we'll select up to 50 servers in a near-production environment. We'll work with your processes to deploy software agents on those servers, and collect real-time traffic for up to 2 weeks. BTA will host ADM (Application Dependency Mapping) sessions with your team to analyze the data. Using CSW's deep flow analysis and BTA's expertise, we'll define the two applications in your environment and model the required segmentation. After an iterative series of non-impactful testing and analyses, we'll follow your processes to enable segmentation and you'll experience, first-hand, the security advantages of application segmentation.

Application Segmentation Use Cases

Management Control Lockdown

Restricting server management control protocols to a known set of management workstations or jump servers.

Vulnerability Mitigation Policy Example

Blocking pings from hosts vulnerable to a particular CVSS Severity Rating (e.g. quarantine all "critical" severities).

Restricting Services

Restricting DNS, NTP, etc. to particular servers in your data center.

DMZ Workload Protection

Filtering incoming public Internet traffic to approved DMZ environments.

Internal Workload Protection

For hosts that should NOT connect with the internet, deploy policy that only allow them to communicate with known internal addresses.


BTA is a Cisco Digital Solutions Integrator partner, with vendor-certified experience in advanced technologies like CSW. We are technologist practitioners who've turned our years of experience into a proven methodology for technology adoption. In a world where technology evolves at breakneck pace, our team focuses on reducing the noise and enabling customers to rapidly adopt the solutions that will enhance their business and drive agility.

Download Quickstart Guide