AlgoSec and Cisco Tetration Analytics Demo

Ecosystem | AlgoSec and Cisco Tetration Analytics Demo Subscribe

AlgoSec & Tetration - A Joint Solution

Discover application connectivity and dependencies
Automatically map business applications to underlying network security infrastructure
Business-driven risk, vulnerabilities, and compliance analysis
Troubleshoot application connectivity issues
Automatically implement a white-list security policy in hybrid

View transcript

hello I'm Anna Koosman VP of Technology at AlphaTech in the following few minutes I will demonstrate how the join solution of Cisco tetration and the other set can assist in business driven security policy management so here are the key value point of the joint solution first the solution will allow you to discover business applications running in your network their connectivity and the dependencies then after discovering these applications you'll be able to automatically map business these business applications to the underlying infrastructure for example seeing for each firewall rule which business applications it supports it will also allow you to tie this business context into risk analysis vulnerabilities and compliance it will also allow you to travel shoot application connectivity issues resulting from these configurations in policies as well as allow you to automatically implement new security policies whitelist policies in hybrid environments consisting of multiple technologies and plat so here is my Cisco tetration analytics interface you can see here that I use it to discover replication I named it HR we can see here the connectivity between the different nodes in the application can see it also flows and now thanks to the new integration this information is actually automatically passed on to alga SEC so let's switch to that and here in business flow we can see that the policies generated by iteration were imported into business flow and we now have an integration defined here with all the flows now let's take a look at a few things we can do here so first I promise we will tie the application connectivity into the underlying infrastructure so let's have a look at that we'll go switch now to the policies view and after I imported the the new application into either so this a mapping is automatically generated so I'll look for my app here and we can see that there are several files that support this new business application and we can see the exact rules in this case in a Cisco essay and the pal of the network's firewall we can see which exact rules support this business application so from now on we will have this application indication going with us wherever we see these Bible rules whether it's clean up risk analysis troubleshooting etc so this is extremely useful in cases where we perform the application discovery in brownfield environments where we already have some security infrastructure in place ok so switching back to business flow let's see what else you can see here so I will now go to the vulnerabilities tab where I can see information about the vulnerabilities detected from each of the nodes or servers that participate in this business application typically we see here information from koalas or rapid7 letters from ability scanners that are integrated into albums as well we can see some details this information can actually also be brought back into the trench n so we can consume it from there as well switching back to the trash and now switched to the close tab they can see here the flow that iteration detected and now there's also an added information about the provider and consumer in terms of vulnerabilities and their rating according to AutoStick in terms of risk analysis we can also say in business slow all the security risks related to the specific business application as we can see here ok last but not least let's get back to our new application we can see here all our clothes now I can actually commit this draft and then we'll slide here and business flow will automatically calculate what needs to be updated in the lined infrastructure and we can see here all these things that are specific for this application and when I hit OK it will actually create a change request within either set in the workflow part to go ahead and make changes as needed into the underlying security infrastructure so I will now switch to fire flow where we can see that the change request was created with all these new flows and now in our workflow solution I will cycle automatically decide which firewalls need to be updated if at all specifically this is very most relevant when we want to introduce a new security measure to introduce micro segmentation within the data center add a new firewall etc and then other SEC will simply push these new rules into the new flat one this new security measure can be Cisco firewall other leading vendors firewalls cloud security groups at the end cetera and with that we will conclude our demonstration of the join solutions of elbow tech and Cisco tetration analytics thank you

Videos

Ecosystem | AlgoSec and Cisco Tetration Analytics Demo Subscribe

Related videos

Application Segmentation with Cisco Tetration & AlgoSec

Demo: AlgoSec's Cisco ACI App Center

Cisco ACI and AlgoSec Integration (Overview and Demo)

Cisco ACI and AlgoSec Integration (ActiveChange Demo)