ExtraHop Adds Application-Level Visibility to Cisco Tetration

New Integration Brings ExtraHop Real-Time Network Traffic Analytics to Cisco Tetration Analytics to Rapidly Detect Advanced Security Threats Like Ransomware

LAS VEGAS & SEATTLE - June 26, 2017 – Today at CiscoLive, ExtraHop announced it has completed integration efforts with Cisco Tetration Analytics™, adding essential threat detection and security policy enforcement from the data center to the cloud to the edge.

Through this integration, ExtraHop and Cisco customers can now realize the benefits of network traffic analysis for security. By combining industry-leading behavioral analytics, machine learning, and application layer visibility, Cisco and ExtraHop now deliver the industry's most targeted, accurate, and rapid security policy enforcement, helping customers thwart major threats. Cisco and ExtraHop will demo the new integration during CiscoLive, June 25-29, 2017 in Las Vegas. Visit ExtraHop Booth 329 or the Cisco Solutions showcase to learn more.


Cisco Tetration provides security policy enforcement for zero-trust implementations, detecting anomalous network behavior and automatically triggering enforcement policies. ExtraHop adds a new layer of valuable context through real-time application-level visibility, revealing the specific activity behind abnormal traffic patterns. This integration delivers both powerful insight, as well as the ability to detect incidents including:

  • Brute Force Logins: With this new ExtraHop integration, Tetration users can now detect a spike in database traffic and determine whether the traffic spike is due to brute-force login attempts, along with the specific tables that are being queried. ExtraHop applies Tetration annotations to identify the clients and servers involved. Tetration then executes security policies to isolate at-risk clients and servers.
  • Ransomware: Tetration customers can now detect Ransomware attacks in real-time with the ExtraHop platform's deep analysis of CIFS traffic and then take action to stop it. When ExtraHop detects a Ransomware attack, Tetration annotations are applied to identify the compromised hosts, which are then instantly quarantined with the application of security policies.
  • Certificate and Cipher Audits: ExtraHop audits the network to identify rogue and expired certificates and weak ciphers, and applies Tetration annotations to identify affected servers so that users can take remedial action.

"The powerful combination of Cisco Tetration and ExtraHop provides customers with a high degree of network security and manageability," said Raja Mukerji, co-founder and Chief Customer Officer at ExtraHop. "IT and security operations teams now have the visibility they need to understand the who, the what, and the where, and automatically enforce crucial security policies based on that real-time insight."

To learn more about the power of ExtraHop and Cisco, visit our technology partner page: https://www.extrahop.com/company/tech-partners/cisco-systems/.

For more details on the integration, check out the datasheet.

About ExtraHop

ExtraHop is the leading provider of cloud-native network detection and response for the hybrid enterprise. With complete visibility, real-time threat detections, and automated investigation powered by cloud-scale machine learning, ExtraHop enables security teams at leading enterprises including Credit Suisse, The Home Depot, Caesars Entertainment, and Liberty Global to rise above the noise of alerts, organizational silos, and runaway technology in order to accelerate investigations, unify policies across hybrid environments, and build their security the way they're building their business: cloud-first. To experience the power of ExtraHop, explore our interactive online demo or connect with us on LinkedIn and Twitter.

© 2019 ExtraHop Networks, Inc., Reveal(x), and ExtraHop are registered trademarks or marks of ExtraHop Networks, Inc.

Press Contact

Mentha Benek

ExtraHop Networks