Gigamon introduced its "GigaSECURE" Security Delivery Platform for providing pervasive visibility of network traffic, users, applications and suspicious activity, and then delivering it to multiple security devices simultaneously without impacting network availability.
The idea is to counter Advanced Persistent Threats (APTs) by leveraging a traffic visibility fabric to extract scalable metadata across a network, including cloud and virtual environments, and thereby empower third party security applications. This enables improved forensics and the isolation of applications for targeted inspection. The company also said its solution is also able to deliver visibility to encrypted traffic for threat detection. The architecture supports inline and out-of-band security device deployments.
Gigamon's GigaSECURE is comprised of scalable hardware and software elements:
- Infrastructure-wide reach via GigaVUE-VM and GigaVUE nodes;
- High-fidelity, un-sampled Netflow/IPFIX generation;
- Application Session Filtering;
- SSL decryption; and
- Inline bypass capabilities.
Gigamon also highlighted its Application Session Filtering (ASF), a new, patent-pending GigaSMART application that can identifies applications based on signature or patterns that appear within a packet or packets. Once positively identified, ASF extracts the entire session corresponding to the matched application flow from the initial packet to the last packet of the flow, even if the match occurs well after the first packet. This allows an administrator to forward specific “traffic of interest” to security appliances thereby optimizing their operational efficiency and improving overall performance.
The GigaSECURE platform already supports a broad ecosystem of security partners and their respective security functions, including:
Advanced Malware Protection: Check Point, Cisco, Cyphort, FireEye and Lastline;
Behavior Analytics: Damballa, Lancope, LightCyber and Niara;
Forensics/Analytics: ExtraHop, PinDrop, RSA and Savvius;
IPS: Check Point and Cisco;
NGFW: Check Point, Cisco, Fortinet and Palo Alto Networks;
Secure Email Gateways: Cisco;
SIEMs: LogRythm and RSA;
WAFs: Imperva.
https://www.gigamon.com/
Gigamon's Shehzad Merchant: Intersection of Open and Security
By disaggregating the networking stack, you are, in principle, opening up new attack vectors across multiple surfaces. On the other hand, there will be a much broader ecosystem moving much quicker to address vulnerabilities.
This 9-minute sponsored video covers (1) whether the many open networking projects help or hurt the case for better network security (2) the overlapping trands of virtualization and higher networking speeds (3) security as the use case for SDN (4) redefining security boundaries with SDN
http://open.convergedigest.com/2015/05/gigamon.html
Automating Visibility inside the Cisco Live Network with Gigamon and JDSU
The Cisco Live Network and its state-of-the-art network operations center serve all of the attendees of Cisco's big annual event. Equipment must be deployed rapidly. As soon as the show begins, the network supports tens of thousands of clients and pushes terabytes of data to the Internet.This video takes a look at the Cisco Live Network and the use of Gigamon's new software-defined visibility, which leverages APIs to make real-times changes in the types of data under analysis. Software-defined visibility allows the NOC to change the nature of the visibility fabric to provide only the type data needed by the testing tools in real-time. In addition, the video features a live use-case presented by JDSU covering software-defined visibility and their tools.
Presented by Andy Huckridge, Director of Service Provider Solutions at Gigamon; Joe Clarke, Distinguished Engineer at Cisco; and Charles Thompson, Senior Director, Product Line Management, at JDSU.
See video: https://youtu.be/giYXwy2thlQ
