How to Navigate a ‘Zero Trust’ Environment

Written by Oracle Guest Blogger
June 28, 2019

Cisco’s Tetration uses real-time telemetry from applications to detect changes such as abnormal activity or attempts to exploit newly discovered flaws.

The AI also interprets application and user activity–to determine what is normal and what is anomalous– in real time. Tetration can also analyze the results of new security policies, such as those that might restrict access to specific resources and predict the effects those policies will have on applications and user workloads.

That’s a lot of data to manage, analyze and correlate, and that’s why Cisco recommends that IT organizations run Tetration as SaaS running on Oracle Cloud Infrastructure, says Navindra Yadav, founder of Tetration, head of Tetration Engineering and Cisco Fellow. It also offers the option of dedicated Cisco UCS server racks running the Tetration software and installed within a customer’s data center.

The Tetration SaaS option is “better on a cost-benefit basis,” Yadav says. Tetration uses Oracle Cloud Infrastructure for its high performance compute infrastructure. Oracle’s bare metal servers offer significantly higher processor, memory and storage densities, plus a higher-performance network fabric, than alternatives in the cloud IaaS marketplace we evaluated, Yadav says.

Oracle Cloud Infrastructure’s bare metal servers use the latest-generation microprocessors, network connections, high-performance memory and solid-state storage. For security, the servers are isolated from network traffic belonging to any other user, or even from Oracle’s own cloud-management traffic. The cloud customer—in this case, Cisco—has full control over the service’s software configuration, including operating systems and software.

Another reason to prefer the Tetration SaaS offering: scalability up and down. Customers can use only the cloud resources needed to handle their data center applications and workloads, and can scale very quickly. By contrast, when using on-premises hardware, the hardware has to be purchased, which can take some time. Also, because it’s slower to scale hardware, IT organizations will always need to buy excess capacity.

“Customers are paying for latent capacity with our service appliances on premises, whereas in SaaS, they pay for only what they use,” Yadav says.

Maintenance is another factor: With SaaS version of Tetration, all software maintenance is carried out by Cisco, while Oracle takes care of the physical hardware. With an on-premises server stack, the customer has to administer the server hardware and software.

“It’s good to have Cisco manage the SaaS version because Tetration is our software, and the employees inside the Tetration team understand it better than anyone,” Yadav says. “We can offer much higher availability to our SaaS customer and keep the software up to date.”

Cisco continues selling the hardware-appliance version of Tetration to support legacy customers, as well as for some very large, very nervous organizations, such as government agencies, that run Tetration inside very secure facilities that are not connected to the internet or to any external services. “The only reason new customers would choose to go with the appliance is really because they are air-gapped or they have very specific security concerns,” Yaday says.

A final benefit to Tetration as SaaS in Oracle Cloud is speed to deployment. Customers can go live within a day after they place the order with Cisco. When an organization realizes that it needs a comprehensive security system like Tetration to protect the data center and its workloads, nobody wants any delays.

This guest blog is part of a Channel Futures sponsorship.