At a Cisco Live! event today, ExtraHop, a provider of appliances that gather data about network traffic at wire speed, announced it has integrated its appliances with the Cisco Tetration Analytics application.
Matt Cauthorn, vice president of systems engineering for ExtraHop, says the alliance makes it possible for Tetration, which is based on an instance of the Apache Spark in-memory computing framework, to analyze network data in real time by accessing data fed to it by ExtraHop appliances.
Cauthorn says tools such as Cisco Tetration and ExtraHop appliances are making it feasible for mere mortals to manage massively distributed enterprise networks.
“We’re reversing the polarity of a superhuman task,” says Cauthorn.
In addition, Cauthorn notes that via ExtraHop integration, Cisco Tetration will be able to identify everything from spikes in database usage indicative of a brute-force cybersecurity attack to systems that have been compromised by ransomware.
Both Cisco and ExtraHop have separate machine learning algorithm initiatives under way as well. Cisco is developing machine learning algorithms around a new class of switches, while ExtraHop has previously announced an ExtraHop Addy cloud service that employs machine learning algorithms to analyze network traffic. Cauthorn says ExtraHop will pursue similar alliances with other vendors that have developed analytics applications that can benefit from wire data versus simply analyzing network packets.
It may take a while for all these advanced analytics applications to permeate the enterprise. But the one thing that is for certain is that the days when IT professionals spent time manually combing through network logs to figure out when, how and why something inexplicable occurred will soon come to a merciful end.