Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2219
Views
0
Helpful
1
Comments

Episode 54 - A Discussion on Cisco Encrypted Traffic Analytics (ETA) with the Experts

Kevin Klous
Cisco Employee
Cisco Employee

on ‎07-31-2018 11:40 AM - edited on ‎02-24-2020 07:36 PM by Level 9

Show Name: 

A Discussion on Cisco Encrypted Traffic Analytics (ETA) with the Experts

 

Contributors: 

Kevin Klous, Technical Leader, Cisco

David White Jr., Principal Engineer, Cisco
Matt Robertson, Principal Technical Marketing Engineer, Cisco
Darrin Miller. Distinguished Technical Marketing Engineer, Cisco

 

Posting Date:  

August 2018

 

Description: 

In the Cisco Live US 2018 speaker room: The podcast team steals a few minutes from Cisco ETA and Stealthwatch experts Matt Robertson and Darrin Miller to discuss the basics of the technology and how it is helping organizations in detecting malicious content in network traffic as it increasingly goes dark (becomes encrypted).

 

Listen Now    (MP3 60 MB; 25:02 mins)

 Subscribe to the Podcast in iTunes by clicking the image below:

button_itunes.gifrss.gif

Quotes from the Pros:

"The reality is that the networks are encrypted and threats are actually happening in those environments. We need to be able to detect threats inside of encrypted traffic. It's not really scalable to do inline decryption on everything. That's what the ETA solution was designed to do--[answer] how do we detect threats without decrypting traffic?" - Matt Robertson, Principal Technical Marketing Engineer, Cisco

 

"Every security architect I deal with is always saying, 'How do I turn something into an actionable event?'. That is what I really think ETA inside of Stealthwatch does...it allows us to turn all this data into actionable events." - Darrin Miller, Distinguished Technical Marketing Engineer, Cisco

Show Notes 

How ETA works: 3 Major Components

 

1. Netflow Enhancements to carry additional markers to aid in malicious traffic detection
2. Cisco Stealthwatch Enterprise - Collector, aggregator, and analyzer of network telemetry (Netflow data)
3. Cloud-hosted analytics engine. Multi-layer machine learning engine that leverages the global risk map and correlates with your organization and how it interacts with those risks.

 

Products Mentioned:

 

Encrypted Traffic Analytics (ETA)

https://www.cisco.com/c/en/us/solutions/enterprise-networks/enterprise-network-security/eta.html

 

At-a-glance:

https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/enterprise-network-security/at-a-glance-c45-740079.pdf

 

Stealthwatch Enterprise

https://www.cisco.com/c/en/us/products/security/stealthwatch/index.html

 

Cisco Stealthwatch and Cisco ISE At-a-Glance

https://www.cisco.com/c/dam/en/us/products/collateral/security/stealthwatch/ise-stealthwatch-aag.pdf

0 Helpful
Comments
zmcintosh
Level 1
Level 1
‎08-13-2018 06:13 AM

This is great!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents