Mapping Data Flows and Policy Deployment with Cisco Tetration (TETDFM)

This course, Mapping Data Flows and Policy Deployment with Cisco Tetration, will help you understand and manage Cisco Tetration Analytics™ telemetry data and the flows corpus. This course provides the details and hands-on activities necessary to successfully implement policy based on how hosts are generating or consuming traffic.

About the course

Prerequisites:

The knowledge and skills that the learner should have before attending this course are as follows:

  • Knowledge of cloud and (virtual) data center architecture or cloud basic networking concepts
  • Familiarity with Cisco basic networking security concepts and application security concepts
  • High-level familiarity with basic telemetry protocols and Big Data analytics

Course Objectives:

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe the Cisco Tetration architecture and how Tetration enables pervasive visibility of traffic across datacenter infrastructure
  • Describe how Tetration telemetry data is utilized in the Flows Corpus
  • Construct effective policies based on discovered flows and Application Dependency Mapping (ADM)

Course content

Module 1: Tetration Overview

  • Cisco Tetration Features
  • Cisco Tetration Architecture
  • Cisco Tetration Operational Concepts
  • Cisco Tetration Deployment Models
  • Cisco Tetration GUI Overview

Module 2: Tetration Components

  • Data Collection
  • Sensors and Agents
  • Flow Collectors

Module 3: Hardware and Software Agents

  • Software Agents Overview
  • Software Agents Features
  • Software Agents Configuration
  • Hardware Agents Features and Configuration

Module 4: Tetration Secure Connector, Edge and Ingest Appliances

  • Tetration Secure Connector Overview
  • Tetration Secure Connector Features and Configuration
  • Tetration Edge Appliance Overview
  • Tetration Edge Appliance Configuration
  • Tetration Ingest Appliance Overview
  • Tetration Ingest Appliance Features and Configurations

Module 5: Cisco Tetration Flow Search

  • Understanding the Flow Corpus
  • Using Scopes to Filter Results
  • Searching with Conjunctions
  • Correlating Flow Data with Hosts and Processes
  • Leveraging Annotations

Module 6: Application Dependency Mapping

  • Application Management Workflow Cycle
  • Tetration Application Insight
  • ADM Process
  • ADM Run Results
  • Cluster Confidence

Module 7: Tetration Policy Analysis

  • Enable Policy Analysis
  • Live Policy Analysis
  • Backdated Policy Experiments
  • Quick Policy Analysis
  • Diagnosis Using Policy Analysis

Module 8: Cisco Tetration Analytics Policy Enforcement Overview

  • Policy Global Ordering & Conflict Resolution
  • Scope Priorities
  • Troubleshooting Policy Enforcement

Module 9: Using Tetration Forensics

  • Forensic Signals
  • Configuring Forensics
  • Forensics Visualization and Alerts
  • Forensics Scoring
  • Network and Process Hash Anomaly Detection

Module 10: Tetration Apps and API

  • App Store
  • User Apps
  • Visualize Data Sources
  • Bring your own Data
  • OpenAPI

Lab Outline:

Discovery Lab 1: Cisco Tetration GUI Navigation

  • Task 1: Log in to the Tetration Cluster and Explore the Security Dashboard
  • Task 2: Explore the Visibility Dashboard
  • Task 3: Explore the Visibility Flow Search Options
  • Task 4: Explore the Visibility Inventory Search Options

Discovery Lab 2: Software Agent Installation

  • Task 1: Install the Tetration Software Agent for Linux
  • Task 2: Install the Tetration Software Agent for Windows
  • Task 3: Verify Agent Communication with the Tetration Cluster

Discovery Lab 3: Importing Context Data

  • Task 1: Upload User-Defined Annotations
  • Task 2: View User-Defined Annotations
  • Task 3: Search by User-Defined Annotations

Discovery Lab 4: Scopes

  • Task 1: Navigate Scopes
  • Task 2: Create a Scope
  • Task 3: Edit a Scope

Discovery Lab 5: Application Dependency Mapping with Agents

  • Task 1: Create an Application Workspace
  • Task 2: Examine Conversations
  • Task 3: Examine Endpoint Clusters
  • Task 4: Create an Application View

Discovery Lab 6: Implementing Policy

  • Task 1: Gather IP Address Information
  • Task 2: Create the Server Load Balancing Information File
  • Task 3: Create an Application Workspace
  • Task 4: Review Day 0 and Automated Policies

Discovery Lab 7: Policy Enforcement and Compliance

  • Task 1: Enable Policy Enforcement and Compliance
  • Task 2: Troubleshoot Policy Enforcement

Discovery Lab 8: Workload Security

  • Task 1: Review Packages and CVE Reports
  • Task 2: Review Policy Enforcement
  • Task 3: Review Rule Order and Efficiency

Discovery Lab 9: IT Operations

  • Task 1: Using Flow Search to Identify Most Active Endpoints
  • Task 2: Using Flow Search to Identify Rogue Communication in an Application
  • Task 3: Analyze Application Performance
  • Task 4: Using the Neighborhood App to Identify Paths, Communication Patterns and Traffic Behaviors Between Nodes

Discovery Lab 10: Secure Connector, Edge and Ingest Appliances

  • Task 1: Review Tetration Secure Connector Configurations
  • Task 2: Review Tetration Edge and Ingest Appliance Configurations and Flow Information