The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Organizations use the public cloud infrastructure to improve their business agility, responsiveness, and availability while reducing costs. Cisco Secure Cloud Analytics (formerly Stealthwatch Cloud) protects these benefits by providing visibility and effective, low-noise threat detection in your public cloud without inhibiting innovation. In as little as 10 minutes, you can deploy Secure Cloud Analytics and see security value in your Google Cloud Platform (GCP) environments.
Google VPC Flow Logs, which offers detailed flow-level metadata down to an individual virtual interface, is a powerful source of security insight. By itself, VPC Flow Logs provides transparency into all IP flows in a virtual private cloud network. However, VPC Flow Logs is also useful for flow analysis, such as entity modeling provided by Secure Cloud Analytics. By using this data source, Secure Cloud Analytics can easily instrument GCP environments, without customers deploying agents or software sensors, and provide high-fidelity threat detection.
VPC Flow Logs are similar to Cisco IOS NetFlow, but with additional features. VPC Flow Logs can track:
● Internal virtual port channel (VPC) traffic
● Flows between your VPC and on-premises deployments over both VPNs and Google Cloud Interconnects
● Flows between your VPC resources, such as servers and virtual appliances, and any Internet endpoint
● Flows between your VPC resources and any Google services
Secure Cloud Analytics has a simple and intuitive pricing model based on usage. It is priced based on the amount of flow log information that you send to us. In addition—and to your benefit—Secure Cloud Analytics optimizes the flow log data to reduce your costs. This usage based metric is called “Effective Mega Flows.”
For a better idea of what your costs could be, please sign up for a 60-day trial of entity modeling. This no-obligation trial is completely free and helps you see your exact costs based on actual VPC data usage.
Entity modeling with Google VPC Flow Logs
Secure Cloud Analytics uses entity modeling to help companies gain actionable security insight from flow metadata. Entity modeling uses flow data much in the same way a credit card company uses transaction data. The technology builds a model of normal activity from observed device behavior and uses this model to spot changes in behavior that may be due to misuse, malware, or compromise.
Instead of detecting threats based on signatures, Secure Cloud Analytics detects suspicious and malicious behavior. Ultimately, this allows you to focus your security resources on a very small number of deviations from normal patterns and activities identified by entity modeling. And it is available as a subscription service, so you don’t have to worry about capital expenditures and long-term financial commitments.
With Google VPC Flow Logs, gaining the security benefits of Secure Cloud Analytics in GCP environments has never been easier or quicker. Simply subscribe to our service and configure access to your VPC Flow Logs from within the Secure Cloud Analytics customer portal. It’s fast and easy. And after that initial setup, entity modeling will help you gain security awareness and stay ahead of potential adversaries.
Consider this example: A customer’s Google VPC is usually only accessed remotely from locations within the United States, but a user logs in from Europe. This is highly unusual and could represent a security risk. Secure Cloud Analytics would automatically alert the customer to this activity in near real time, allowing them to assess and respond to the threat before any significant damage is done.
To sign up for a free, 60-day trial visit https://www.cisco.com/go/secure-cloud-analytics