A couple of months ago I had the pleasure and honor of attending Cloud Field Day 2. One of the presenting companies was Gigamon, which showed its solutions for public/hybrid cloud. Gigamon was founded in 2004, and its products are physical and virtual network visibility technologies such as the network TAP (Terminal Access Point, an external monitoring device that mirrors the traffic passing between network nodes), traffic manipulation applications and visibility fabric nodes.
I first heard about Gigamon when I was researching visibility products for VMware workloads (integration with NSX). GigaSMART features such as Adaptive Packet Filtering (filtering and monitoring traffic at the virtual network level), Header Stripping (decapsulating VXLAN traffic), SSL/TLS decryption or Masking (hiding private data) provide deep visibility and security in a virtual environment. The same features can be used when data is moving from one place to another (data in motion), especially when it is entering, traversing or leaving the cloud. The Gigamon Visibility Platform allows workloads to be protected and monitored by existing security operations:
- Intrusion Detection (IDS)
- Advanced Threat Detection (ATD)
- Data Loss Prevention (DLP)
- Forensics and SIEM
Gigamon Visibility Platform for AWS
During CFD2, Sesh Sayani, Director of Product Management, presented the Gigamon Visibility Platform for Amazon Web Services (AWS). The solution is based on the following components:
- G-vTAP agents (offered as a Debian or Red Hat Package Manager (RPM) package) deployed on EC2 instances, which mirror traffic (using GRE or VXLAN tunneling) to the V Series nodes. They make it possible to "aggregate" functions and remove the need for multiple agents (when various security tools are used).
- GigaVUE V Series for traffic aggregation, intelligence and distribution.
- G-vTAP Controller manages multiple G-vTAP agents and orchestrates the flow of mirrored traffic to GigaVUE V Series nodes.
- GigaVUE Fabric Manager (GigaVUE-FM) for centralized orchestration and management: single-pane-of-glass visualization of the Gigamon Visibility Platform deployed across the enterprise, not only in AWS but also on-premises and in private and hybrid cloud.
The Visibility Platform for AWS provides a consistent way to access network traffic within and across VPCs. There are two types of deployment:
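What Header Stripping does to VXLAN-mirrored traffic like that sent by the G-vTAP agents, as an added example (not code from Gigamon or from this post): it assumes standard RFC 7348 VXLAN framing, and the function names and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

VXLAN_FLAG_VNI_VALID = 0x08  # RFC 7348 "I" flag: the VNI field is valid
VXLAN_HDR_LEN = 8
ETH_HDR_LEN = 14


def strip_vxlan(udp_payload: bytes):
    """Return (vni, inner_ethernet_frame) from the UDP payload of a VXLAN packet."""
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("too short for a VXLAN header plus inner Ethernet header")
    if not udp_payload[0] & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VXLAN I flag not set, VNI is not valid")
    vni = int.from_bytes(udp_payload[4:7], "big")  # 24-bit VNI in bytes 4..6
    return vni, udp_payload[VXLAN_HDR_LEN:]


def inner_ipv4_flow(frame: bytes):
    """Return (src_ip, dst_ip, protocol) of the inner IPv4 packet, or None."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset = ETH_HDR_LEN
    if ethertype == 0x8100 and len(frame) >= 18:  # skip a single 802.1Q tag
        ethertype = struct.unpack("!H", frame[16:18])[0]
        offset = 18
    if ethertype != 0x0800 or len(frame) < offset + 20:
        return None  # not IPv4, or truncated IPv4 header
    ip = frame[offset:offset + 20]
    if ip[0] >> 4 != 4:
        return None
    src = str(ipaddress.IPv4Address(ip[12:16]))
    dst = str(ipaddress.IPv4Address(ip[16:20]))
    return src, dst, ip[9]


def build_sample(vni: int = 5001) -> bytes:
    """Constructed sample: VXLAN header + inner Ethernet + minimal IPv4 header."""
    vxlan = bytes([VXLAN_FLAG_VNI_VALID, 0, 0, 0]) + vni.to_bytes(3, "big") + b"\x00"
    eth = bytes.fromhex("02000000000a" "02000000000b" "0800")
    ipv4 = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0])  # proto 6 = TCP
    ipv4 += bytes([10, 0, 1, 5]) + bytes([10, 0, 2, 9])
    return vxlan + eth + ipv4


if __name__ == "__main__":
    vni, inner = strip_vxlan(build_sample())
    # The monitoring tool now sees the workload's own addresses, not the tunnel's.
    print(vni, inner_ipv4_flow(inner))
```
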
- Single VPC - G-vTAP Controllers, GigaVUE V Series Controllers, GigaVUE V Series nodes and GigaVUE-FM configured in the same VPC as the monitoring tools.
- Multiple VPCs - G-vTAP Controllers, GigaVUE V Series Controllers, and GigaVUE V Series nodes configured within each availability zone, and in multiple VPCs.
Additionally, in hybrid cloud deployments the Gigamon Visibility Platform for AWS distributes the aggregated and optimized traffic from VPCs to the on-premise monitoring tools through a tunnel over the existing VPN connections.
To see a demo, please watch the video below:
Summary
Useful resources
Gigamon Visibility Platform for AWS