Cisco Secure Workload (CSW) extends beyond traditional workload protection to address zero trust across enterprises, including securing Internet of Things devices where agent deployment isn't feasible.
IoT ENVIRONMENT
CSW collects flow data from network switches connected to IoT devices for platform analysis. In environments with custom operating systems that prevent agent installation, switches can mirror traffic to CSW. Cisco environments typically use Encapsulated Remote Switched Port Analyzer (ERSPAN) to deliver traffic for analysis.
CSW processes data through AI/ML algorithms to identify all flows to and from IoT endpoints. While CSW doesn't enforce policy in this scenario, it provides data visibility and generates policy templates for deployment to enforcement points like Nexus 9K fabrics, firewalls, or Access Control Lists. Full micro segmentation becomes possible without agent installation.
AUTOMATION
BTA leverages CSW's API to automate policy analysis and development processes, reducing implementation time and resource requirements.
WE MAKE IT S.I.M.P.L.E.
Historically, manual policy discovery and deployment required 9-24 months. CSW with complete flow header collection and AI/ML analysis, combined with BTA's S.I.M.P.L.E. methodology, delivers enforcement in weeks. The approach establishes clear requirements, defined deliverables, and repeatable processes to reduce time to value and attack surface exposure.