Gigamon U - You Will See, Content Monitoring, Alerting, and Forensic Analysis


Published on

Reconnex is the leader in information monitoring and protection appliances designed for any organization, including enterprises, government agencies or education institutions that want to protect their brands, maintain compliance, or protect sensitive information. A privately-held company based in Silicon Valley, Calif., Reconnex protects information for companies such as Cadence, WebEx Communications, The George Washington University, SIRVA and Maimonides Medical Center.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Gigamon U - You Will See, Content Monitoring, Alerting, and Forensic Analysis

  1. 1. Ratinder Paul Singh Ahuja, Ph.D C.O.O & C.T.O 05/02/06 Reconnex Confidential
  2. 2. Reconnex performs content monitoring, alerting, and forensic analysis Switch The Reconnex iGuard Competitive Advantage • IP theft • Defensibility of Trade Secrets • Competitive Intelligence Critical Corporate Compliance Information Governance Security • • • “Insider” Threats SOX SB1386 • Workplace Safety • • Forensics GLBA • Appropriate Use of • • Social Engineering HIPAA Corporate Resources 05/02/06 Reconnex Confidential
  3. 3. Traditional Bottom UP Approach • Firewalls/antivir us • Network intrusion Communication detection/protec tion Protocols • Network flow tools Ports • limited session Bits reconstruction 05/02/06 Reconnex Confidential
  4. 4. The Bottom Up View: Bytes, Ports and Protocols 05/02/06 Reconnex Confidential
  5. 5. More Bottom Up 05/02/06 Reconnex Confidential
  6. 6. New Approach: Top Down WORD JPG GIF BMP TIFF C++ Objects, document & applications Communication Protocols Ports Bits 05/02/06 Reconnex Confidential
  7. 7. What Can You See? Over 150 content types Microsoft PowerPoint E-Mail Microsoft Excel Proprietary Schematics Format India Romania Source code Confidential Documents Offshore Development 05/02/06 Reconnex Confidential
  8. 8. Reconnex has the ONLY Solution That Addresses the Known and Unknown Threats The Reconnex iController Executive Team Finance Gigabit Databases The Reconnex Ethernet or Repositories Sales iManager Off-Shore Integration Points InfoSec/IT • SIM • Storage • AD/LDAP Switch • URL Filtering or Tap Signature • Web & Mail Proxies Match Rule “Reconnex’s forensics Match capabilities are a key piece of my compliance policy.” The Reconnex iGuard — Detect — Remediate Register — Report 05/02/06 Reconnex Confidential
  9. 9. Reconnex Surveillance Types • General Surveillance of all content, documents and communications • Document/Date/Time/Size/Watermarks/Sender/Recipient … • Targeted Surveillance, powered by Reconnex Document Registration • Exact or Generic Phrases/Individuals… • “A Unique Solution to the Problem of False Positives” • Can be operated on an ad hoc or scheduled basis CONFIDENTIAL - All Rights ReservedReconnex Confidential
  10. 10. What does Reconnex iGuard do? • Captures, classifies and stores in real time all content going in or out of a network • Alerts are generated for policy violations in real time • Allows for forensic searches over captured content for issues that you may become aware of in the future Gigabit network 05/02/06 Reconnex Confidential
  11. 11. The Reconnex Difference Real-Time End User Alerts Inbound capture(?) RCPE Network Traffic Rule Creator Outbound capture Content Historical Forensic Summarization Content Investigator Look Up Table (RFS) 05/02/06 Reconnex Confidential
  12. 12. Why don’t other products do this? !!Because it’s HARD!! Content Historical Summarization Content Look Up Table (RFS) Forensic Investigator 05/02/06 Reconnex Confidential
  13. 13. Easy to use Browser based access 05/02/06 Reconnex Confidential
  14. 14. Drill down to actual content 05/02/06 Reconnex Confidential
  15. 15. Moments of Revelation from “Top Down” Work with Reconnex CONFIDENTIAL - All Rights ReservedReconnex Confidential
  16. 16. 05/02/06 Reconnex Confidential