Compare Cisco Tetration Analytics to Illumio ASP

Illumio Adaptive Security Platform® (ASP) delivers live visibility and adaptive segmentation that works on anything (virtual machines, bare-metal, and containers), anywhere (data center, private or public cloud) by activating and centrally managing the native security controls in the workload. Illumio does this for the world’s largest, most demanding computing environments with no dependency on the network or hypervisor.

Capabilities

Capabilities

CISCO TETRATION ANALYTICS

ILLUMIO ASP

Primary Use Case

Analytics

VISIBILITY

Live visibility into application components, communications, and dependencies across any data center and cloud

+
+

Automatic generation of the application dependency map

x
+

Visibility aids the development and monitoring of micro-segmentation policy

+
+

Visualizes over 2000 concurrent workloads in an application dependency map

x
+

Real-time vulnerability map to understand potential attack paths and visualize which applications connect on vulnerable ports

x
+

Calculates exposure scores to quantify how many upstream workloads can potentially exploit vulnerabilites on any workload

x
+

Role-based views (e.g., by application owner, location)

+
+

Network performance monitoring

+
x

SEGMENTATION

Macro-segmentation (geo, environment, zone)

+
+

Micro-segmentation (application, application tier, workload)

+
+

Nano-segmentation (port/protocol, container)

+
+

Process-based segmentation for dynamic port applications (e.g., Domain Controller)

x
+

Encrypts data in transit between workloads

x
+

Automatically generates micro-segmenation policy to constrain or block vulnerabilities

x
+

SECURITY POLICY MODEL

Strict whitelist “zero trust” policy model

x
+

Automatic policy generation

+
+

Automatically generate policies for an application in just seconds

(takes 2 min - 12 hours)

+

Build and test policies before enforcement

+
+

Policy template library (e.g., Domain Controller, Sharepoint, etc.)

x
+

Any new workload from anywhere automatically inherit policy

x
+

Incorporates user identity in the security policy

x
+

Integrate with 3rd party vulnerability data for vulnerability-based security policy

+
+

SCALE & AVAILABILITY

Scales to 5,000 workloads (servers required for redundant policy controller)

(6 servers)

+

Scales to 10,000 workloads (servers required for redundant policy controller)

(36 servers)

+

Scales to 25,000 workloads (servers required for redundant policy controller)

(36 servers)

+

Scales greater than 25,000 workloads (servers required for redundant policy controller)

x
+

High availability and policy management across geographies

x
+

Illumio Free Trial