We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, providing valuable insights into vulnerabilities related to the operating system and various applications installed on our servers. Recently, Cisco announced a new product called HyperShield, an AI-based autonomous micro-segmentation solution. While Cisco has not stated that HyperShield will replace Cisco Secure Workload, it represents a natural evolution for the company. HyperShield features dynamic policy discovery and enforcement; however, once policies are enforced, they do not change until a discovery occurs, requiring a re-enforcement process. This new platform operates autonomously, minimizing the need for user or security engineer intervention. I would have expected Cisco to incorporate more automatic discovery and enforcement features within the existing Cisco Secure Workload product. Instead of enhancing the current product, they have introduced a new solution. Cisco plans to honor existing Tetration licenses, allowing users to transition to HyperShield without additional costs, reflecting the investment enterprises have already made. From Cisco’s perspective, this represents a natural progression in their product line. While the product name changes, it seems more of a rebranding effort. The enhancements are greater autonomy, improved discovery, and automatic enforcement, which are now being introduced in HyperShield. Cisco Secure Workload offers automatic policy enforcement but cannot adjust policies dynamically as the application needs to change. Having used the platform for the past five years, the recent announcement has been reassuring. Cisco has confirmed that our investment in the platform will not go to waste. They will honor our existing licenses, providing a natural migration path to the new solution without any disruption
There's room for improvement when it comes to Cisco Secure Workload. A couple of internal areas could be refined a little bit. They are trying to solve it, depending on where you suppose the agent is. Suppose you have the agent on both the server and the client, which could be the front-end server or web server connecting to the. In that case, if those two are communicating on RPC, the server can look into its configuration. It could go down and find the configuration file on the FTP server and then set the policies to it. But there are a lot of different FTP servers out there. It's also a complex case for the tool to support all FTP servers. Some things are related to Windows, Unix, Linux, and IBM AIX. We have been working on all platforms, but the support for IBM AIX isn't that good compared to normal operating systems. Support is much better for Windows compared to IBM AIX.
Support for all OS as currently they do not support AIX which is normally base OS for any critical Banking Workload
Solution should be able to provide micro Segmentation policy based on process rather then only IP base. Incase attacker gain access to application server and get to get application password from OS memory dump he can easily connect to database server as in case of cisco policy will be based on IP and Port rather then process
On the client side, Cisco Secure Workload orchestrates host firewalls for micro-segmentation, which is crucial for zero trust security for whitelisting in networking. Before speaking of areas for improvement, I would like to say that I have always been fond of Cisco Tetration Platform and Cisco Secure Workload. There was a controversy when Cisco reduced the amount of data they kept, and the solution became quite cost-intensive, which made its adoption challenging. Although they have modified it now, I preferred the previous version, and I wish all the functionality were back under the same product. Currently, it is integrated into Cisco SD-Access, but not all customers want access to this product.
I'm in pre-sales. I have no technical complaints in regard to the product. The integration could be better, especially with different types of solutions.
There is some overlap between Cisco Tetration and AppDynamics and there are few DC tools, It would be great to have a single pane of glass, rather than have to jump between different tools.
The scalability of this solution needs to be improved. For us, we are not yet at the breaking point, but it is a question. This is an agent-based system but it is not clear how to efficiently deploy an agent. If you discover new assets, you can ask the neighbor on the network for functional sites. You can't deploy the agent because they don't have the feature. Sometimes you deploy from a web server and you discover new assets, but it fails to deploy for some reason. The cartography has to be improved. We can add a new one, but we would like to be able to see the performance advantage of our changes over time. The interface is really helpful for technical people, but it is not user-friendly.
The multi-tenancy, redundancy, backup and restore functionalities, as well as the monitoring aspects of the solution, need improvement. The solution offers virtually no enterprise-grade possibility for monitoring. Example include: The onboard features do not allow remote detection of simple hardware failures. There is no backup option for the data lake. The cluster cannot be deployed in a geo-redundant setup. There is no hardware upgrade path.
Network Engineer at a media company with 1,001-5,000 employees
Real User
Jun 19, 2019
A feature that I was looking for was emailed alerts and notifications so we'd get them right away. I don't know if it is there or not yet but I haven't had enough time to explore and find it. The search capabilities can be improved as well.
Cisco Tetration needs more flags and system alerts that we should get with network capture. We haven't gotten into the security aspects of it. From a troubleshooting perspective, there are a few areas they can improve. There should be more types of data.
Sr. Regional Director, US East at a tech services company with 11-50 employees
Real User
May 28, 2019
While the product does its job and more than any organization currently needs, the entire interface could be improved. It's ugly and uninviting. The biggest competitor has a very nice, modern-looking GUI. Tetration tends to be a lot more cumbersome and it's not very intuitive. It is a good thing for consultants, but not for a typical end user.
Cisco Secure Workload is a cloud and data security solution that offers a zero-trust policy of keeping an organization’s application workloads safe and secure throughout the entire on-premise and cloud data center ecosystems.
Cisco Secure Workload will consistently provide protection by discovering workload process anomalies, stopping threats immediately, minimizing the risk threat surface, and aborting any lateral movement.
Today’s ecosystems are very elastic, and in the...
We actively seek improvements in integrating the Infoblox DDI platform with Cisco Secure Workload. This integration allows Cisco Secure Workload to learn about our networks and network tags, providing valuable insights into vulnerabilities related to the operating system and various applications installed on our servers. Recently, Cisco announced a new product called HyperShield, an AI-based autonomous micro-segmentation solution. While Cisco has not stated that HyperShield will replace Cisco Secure Workload, it represents a natural evolution for the company. HyperShield features dynamic policy discovery and enforcement; however, once policies are enforced, they do not change until a discovery occurs, requiring a re-enforcement process. This new platform operates autonomously, minimizing the need for user or security engineer intervention. I would have expected Cisco to incorporate more automatic discovery and enforcement features within the existing Cisco Secure Workload product. Instead of enhancing the current product, they have introduced a new solution. Cisco plans to honor existing Tetration licenses, allowing users to transition to HyperShield without additional costs, reflecting the investment enterprises have already made. From Cisco’s perspective, this represents a natural progression in their product line. While the product name changes, it seems more of a rebranding effort. The enhancements are greater autonomy, improved discovery, and automatic enforcement, which are now being introduced in HyperShield. Cisco Secure Workload offers automatic policy enforcement but cannot adjust policies dynamically as the application needs to change. Having used the platform for the past five years, the recent announcement has been reassuring. Cisco has confirmed that our investment in the platform will not go to waste. They will honor our existing licenses, providing a natural migration path to the new solution without any disruption
There's room for improvement when it comes to Cisco Secure Workload. A couple of internal areas could be refined a little bit. They are trying to solve it, depending on where you suppose the agent is. Suppose you have the agent on both the server and the client, which could be the front-end server or web server connecting to the. In that case, if those two are communicating on RPC, the server can look into its configuration. It could go down and find the configuration file on the FTP server and then set the policies to it. But there are a lot of different FTP servers out there. It's also a complex case for the tool to support all FTP servers. Some things are related to Windows, Unix, Linux, and IBM AIX. We have been working on all platforms, but the support for IBM AIX isn't that good compared to normal operating systems. Support is much better for Windows compared to IBM AIX.
The product must be integrated with the cloud.
Support for all OS as currently they do not support AIX which is normally base OS for any critical Banking Workload
Solution should be able to provide micro Segmentation policy based on process rather then only IP base. Incase attacker gain access to application server and get to get application password from OS memory dump he can easily connect to database server as in case of cisco policy will be based on IP and Port rather then process
On the client side, Cisco Secure Workload orchestrates host firewalls for micro-segmentation, which is crucial for zero trust security for whitelisting in networking. Before speaking of areas for improvement, I would like to say that I have always been fond of Cisco Tetration Platform and Cisco Secure Workload. There was a controversy when Cisco reduced the amount of data they kept, and the solution became quite cost-intensive, which made its adoption challenging. Although they have modified it now, I preferred the previous version, and I wish all the functionality were back under the same product. Currently, it is integrated into Cisco SD-Access, but not all customers want access to this product.
I'm in pre-sales. I have no technical complaints in regard to the product. The integration could be better, especially with different types of solutions.
There is some overlap between Cisco Tetration and AppDynamics and there are few DC tools, It would be great to have a single pane of glass, rather than have to jump between different tools.
The scalability of this solution needs to be improved. For us, we are not yet at the breaking point, but it is a question. This is an agent-based system but it is not clear how to efficiently deploy an agent. If you discover new assets, you can ask the neighbor on the network for functional sites. You can't deploy the agent because they don't have the feature. Sometimes you deploy from a web server and you discover new assets, but it fails to deploy for some reason. The cartography has to be improved. We can add a new one, but we would like to be able to see the performance advantage of our changes over time. The interface is really helpful for technical people, but it is not user-friendly.
The multi-tenancy, redundancy, backup and restore functionalities, as well as the monitoring aspects of the solution, need improvement. The solution offers virtually no enterprise-grade possibility for monitoring. Example include: The onboard features do not allow remote detection of simple hardware failures. There is no backup option for the data lake. The cluster cannot be deployed in a geo-redundant setup. There is no hardware upgrade path.
A feature that I was looking for was emailed alerts and notifications so we'd get them right away. I don't know if it is there or not yet but I haven't had enough time to explore and find it. The search capabilities can be improved as well.
Cisco Tetration needs more flags and system alerts that we should get with network capture. We haven't gotten into the security aspects of it. From a troubleshooting perspective, there are a few areas they can improve. There should be more types of data.
While the product does its job and more than any organization currently needs, the entire interface could be improved. It's ugly and uninviting. The biggest competitor has a very nice, modern-looking GUI. Tetration tends to be a lot more cumbersome and it's not very intuitive. It is a good thing for consultants, but not for a typical end user.