SlideShare a Scribd company logo

Gigamon - Network Visibility Solutions

Tom Kopko
Tom Kopko
1 of 5
Download to read offline
1 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Introduction Cyber threats are becoming ever more sophisticated and prevalent. Traditional security approaches such as firewalls and anti-virus protection are not equipped to mitigate and manage modern security threats and risks on their own. Fortunately, security tools are also becoming more sophisticated. The latest generation firewalls, intrusion prevention and detection systems, malware protection appliances, data loss prevention devices, and other security tools have risen to tackle advanced, complex threats. The struggle information security officers often face is not which tools to deploy, but how to deploy them. Overview of Multi-tiered Security Multi-tiered security is about not relying on silver bullets and point solutions. It assumes that intruders will get in and acknowledges that guarding the gate is not enough. It means taking a zero-trust stance and applying security monitoring and best practices throughout the network and for all traffic. Broadly speaking, the tiers are: • Out-of-band Tools—These tools receive packets from SPAN and TAP ports and analyze the sessions and payloads for threats. The tools can look at traffic in great detail but only have a partial view of the traffic depending on where and how they are deployed. Examples include intrusion detection, data loss prevention, and malware detection systems. • Inline Tools—Integrated into the production network, inline tools analyze packets as they pass through. These tools can immediately block suspicious traffic as it comes in rather than waiting for administrative action. Many such tools can operate either out-of-band or inline. Examples include intrusion protection systems, web application firewalls, and tools designed to defend against malware or denial of service attacks. • Flow-based Analytics—Security analytics and heuristics use NetFlow and related technologies to go beyond signature identification to discover new threats and catch behaviors that may be invisible at the packet level. • Regulatory Compliance—Rigorous regulatory standards imposed by PCI-DSS and other government mandates such as HIPAA, SOX, and the GLB Act make maintaining user privacy and compliance a challenge. It is not enough to be compliant—you must also be able to prove your compliance during an audit. Gigamon not only provides security tools the visibility they need, but also improves their performance and resiliency while helping to reduce troubleshooting times and accelerating the return on investment (ROI). Security Challenges Deploying a multi-tiered security platform can include the following challenges: • SPAN port contention and bandwidth thresholds limit visibility • Encrypted and cloud traffic cannot be monitored • Inline security tools introduce points-of-failure for the network • Security monitoring may not keep up with growing network speeds and the number of users and applications • NetFlow generation may not be enabled or even available on the production switches and routers • Network security and application performance can often conflict • Budget constraints prevent the deployment of best-of- breed solutions
2 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Steps to Active Visibility for Multi-tiered Security Multi-tiered, zero-trust security requires a platform with the flexibility and scalability to adapt as IT infrastructure and threats evolve. The following steps identify the key elements to building end-to-end visibility that can help maximize the effectiveness of a multi-tiered security approach and illustrate how you can achieve this by leveraging the Gigamon Visibility Fabric™ architecture. SPAN ports should be used only when necessary. SPAN ports are the lowest priority for production elements and traffic can be throttled down to a fraction of its true state. This results in an inaccurate view to what is happening on the network and opens up the potential for threats to go unnoticed. Security tools are often completely blind to threats within the virtual world. Tapping traffic flowing to, from, or between virtual machines is critical to ensuring security for the private or public cloud. Especially for inter-VM traffic, tapping only at the physical layer does not provide full coverage. GigaVUE-VM ties into the hypervisor and virtual switch to not only tap virtual traffic, but also select which traffic is forwarded to the Visibility Fabric. Step 2 – Connect Links to a Visibility Fabric Sitting between the IT infrastructure and the security and monitoring tools that need the access to data, the Gigamon Visibility Fabric nodes provide an extensible and elastic platform to technological and network evolution. The Visibility Fabric consists of one or more visibility nodes which receive traffic from network TAPs and SPANs. Once within the fabric, the traffic can be forwarded to any out-of-band tools regardless of where they are physically connected. This provides a flexible, extensible platform on which to build multi-tiered security. As the state of the art of security monitoring advances and network speeds accelerate, new tools can be added and existing tools can be upgraded seamlessly, without network disruption. With the Visibility Fabric, you can aggregate, filter, replicate, and intelligently modify traffic to your security tools. Gigamon uses its patented Flow Mapping® technology to selectively forward traffic to specific tools without dropping traffic that other tools need to analyze. After all the tool-specific traffic has been forwarded, a collector map will forward all the remaining traffic to a generic monitoring system or storage device, eliminating security blind spots. Flow Mapping also works for inline tools, defining different traffic profiles for different tools such that each only has to process packets of the type of traffic they want. Traffic that is known to be secure can bypass the inline tools entirely and/or be sent in parallel to out-of-band tools such as an IDS. This application awareness not only improves efficiency, but also improves application performance for traffic that does not need inspection. Step 1 – TAP All Critical Links Security begins with visibility and visibility begins by tapping the network. By tapping multiple places in the network and supplementing with SPAN ports, you can gain visibility to one-hundred percent of the traffic. TAPs can be deployed at dozens or hundreds of points in the network with zero impact on network or application performance. Optical TAPs are completely passive, require no power, and do not require management. Even high-speed networks with 40G bidirectional links can be tapped and monitored. 1Gb and 10Gb copper connections can also be tapped with active, managed devices.
3 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Advantages of the Visibility Fabric include: • Instant and pervasive visibility across the network, including physical to virtual environments • Reduce expenses by simplifying operations and centralizing monitoring • Eliminate contention among tools and IT departments for access to data • Optimize security tool performance for greater ROI Step 3 – Connect Inline Security Tools Inline tools from simple firewalls to advanced Intrusion Prevention Systems (IPS) are vital to any multi-tiered security solution. Naturally, any inline deployment represents a potential point of failure, but these risks can be mitigated through bypass technology. Physical bypass protection refers to the ability to fail to wire, allowing network traffic to flow in the event of a power failure. Logical bypass protection is the ability to detect the failure of an inline tool and bypass the tool (uninspected) or bring down the network link to allow failover to a redundant path. Bidirectional heartbeat packets are inserted into the traffic stream to verify continued tool health. Should the heartbeat be lost or the link lost to the inline tool, the bypass action is taken. When monitoring networks with redundant paths, inline tools can be shared between the paths or deployed independently. Network link state propagation ensures that downstream or upstream link state can be translated across the inline bypass and network failover can occur. Inline tools also represent a potential network bottleneck. Scaling inline inspection requires distributing traffic across multiple inline tools so that they share the load and can handle higher network speeds. When a tool goes down, the traffic can be redistributed to the remaining tools providing continued traffic inspection. Alternatively, a standby tool can be used for N+1 redundancy. Different inline tools can be sent different types of traffic, allowing tools to be optimized for specific applications. Trusted traffic can bypass the inline tool entirely, minimizing latency and improving performance. Inline tools that need to inspect the same traffic can be configured in a serial fashion. In the event that one tool goes down, traffic can be bypassed to the next tool in series. Thus, multiple points of failure are consolidated and protected, making the network more secure and more robust. Multiple network links, whether part of a link aggregated group or independent segments, can be aggregated and protected by the same tools while maintaining data path integrity and without any cross-traffic. This optimizes usage of inline tool investment and maximizes security for lower-speed links. In order to be more responsive to detected threats, many out-of-band security tools which used to passively monitor traffic are moving to inline deployments. It is often useful to first install, configure, and optimize a tool out-of-band before bringing it inline. This can be done simply with a software setting rather than having to rewire and reconfigure. Because the inline tools are not connected directly to the production network, tools can be added, upgraded, or removed with little to no disruption of production traffic. Alerts sent from the Visibility Fabric when a bypass action is taken allows for timely and orderly maintenance rather than triggering an emergency escalation. Step 4 – Connect Out-of-Band Security Tools The majority of security tools operate out-of-band, passively monitoring the network for threats and sending alerts when action is required. Multi-tiered security requires that security tools have access to all the traffic though the Visibility Fabric. Malicious payloads that get past sentries at the perimeter can be detected in the core or when they move to different hosts in an effort to conceal their location. Tools can selectively choose which traffic to monitor and ignore the rest, but simply making that choice uses up CPU cycles. A security tool that specializes in monitoring emails for threats, for example, does not need to see any non-email traffic. At the same time, tools geared towards web applications or database monitoring will want to see that traffic but not emails. Flow Mapping forwards specific traffic to one or more tools based on user-defined map rules. Out-of-band tools can also supplement inline tools by inspecting a copy of the traffic sent to, or received from, the inline tools. Intrusion detection can take place in parallel with intrusion prevention. In addition, out-of-band traffic can be distributed across multiple out-of-band tools to share the load and achieve full security visibility.
4 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Figure 1: Multi-tiered security supported by Gigamon’s Visibility Fabric architecture Step 5 – Leverage GigaSMART® Traffic Intelligence GigaSMART technology extends the intelligence and value of the Gigamon Visibility Fabric architecture by expanding visibility, generating NetFlow data, improving tool performance, and protecting privacy while easing regulatory compliance. Any traffic bound for out-of-band monitoring tools can benefit from GigaSMART intelligence regardless of where it entered the Visibility Fabric. • SSL Decryption—Encrypted traffic can be a sizable portion of the traffic on the network, yet most tools are either unable to decrypt and monitor encrypted traffic or take a severe throughput penalty in doing so. Furthermore, malware can hide its activities within encrypted sessions. GigaSMART has the power to decrypt packets and send clear traffic to out-of-band monitoring tools. • Header Stripping—Traffic encapsulated in protocols such as VXLAN or Cisco FabricPath can vex monitoring tools or use precious processing resources. GigaSMART can strip off those headers before sending the packets to the tools. • Tunneling—Security tools are often too costly to deploy at remote sites, leaving them vulnerable to attacks or data loss. GigaSMART can tunnel traffic from remote sites back to the tools in the main data center where it can be inspected. • NetFlow Generation—GigaSMART can offload NetFlow generation from the production network and send the data to multiple collectors. It does this without traffic sampling so flow-based security tools get the most complete and clear picture possible. • De-duplication—Duplicate packets waste resources and processing power. By removing duplicates from the traffic stream before sending them to the tools, GigaSMART improves the performance and scalability of security monitoring. • Load Balancing—Distributing traffic to multiple tools without GigaSMART maintains sessions, but does not always result in an even balance of traffic across tools. GigaSMART load balancing can take bandwidth, connections, and weighting into account.
Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks can be found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Gigamon® | 3300 Olcott Street Santa Clara, CA 95054 | PH +1 (408) 831-4000 | www.gigamon.com 3127-02 10/14 • Adaptive Packet Filtering— GigaSMART provides traffic forwarding decisions based on inner and outer packet headers as well as Layer 7 and payload data. This allows security tools to focus on specific applications even if they are using the same IP addresses and TCP ports. • Packet Slicing and Masking—Private and sensitive information contained within packets can be a regulatory headache. By removing that data before sending packets to the tools, GigaSMART removes worries over data storage and compliance audits. These applications can be combined and/or applied to different traffic profiles to maximize security coverage. For example, SSL traffic can be decrypted and then masked to keep private data secure. Or NetFlow can be generated from traffic before or after encapsulation headers have been removed. Step 6 – Add Non-Security Tools to Maximize ROI Once in place, the Visibility Fabric can also provide traffic to non-security tools, including application and network performance, user experience, and business services monitoring. Because traffic can be replicated to multiple tools, security and non-security monitoring can inspect the same packets without having to contend for the same SPAN ports. Non-security tools can be added, removed, and upgraded without impacting security monitoring or leaving the network vulnerable. These tools also benefit from expanded visibility across the network, into the cloud, and within encrypted sessions and encapsulated packets. Providing visibility to multiple business units and improving tool performance while detecting and mitigating more threats can provide an immediate return on investment. Summary The changing threat landscape and evolving network infrastructure are forcing organizations to fundamentally rethink their approach to security in order to keep advanced threats at bay. Security teams are turning to multi-tiered deployments, leveraging the latest threat intelligence tools to protect their network. However, these tools are only as effective as the information they see. The ability to scrutinize through the deluge of Big Data from across the network in real time is vital to identifying and mitigating today’s and tomorrow’s threats. Gigamon’s Visibility Fabric offers a comprehensive and sophisticated security services delivery platform. It provides scalability while improving resiliency, simplifying management, and enabling the deployment of best-of-breed solutions. Gigamon works with security tools to increase their field of vision, improve their performance, support resiliency, reduce troubleshooting times, and accelerate return on investment. The Gigamon Visibility Fabric provides the platform for end-to-end visibility coupled with traffic intelligence that is needed to efficiently manage risks and address threats in this ever- evolving threat and network environment. About Gigamon Gigamon provides an intelligent Traffic Visibility Fabric for enterprises, data centers and service providers around the globe. Our technology empowers infrastructure architects, managers and operators with pervasive visibility and control of traffic across both physical and virtual environments without affecting the performance or stability of the production network. Through patented technologies and centralized management, the Gigamon GigaVUE portfolio of high availability and high density products intelligently delivers the appropriate network traffic to security, monitoring or management systems. With over eight years’ experience designing and building traffic visibility products in the US, Gigamon solutions are deployed globally across vertical markets including over half of the Fortune 100 and many government and federal agencies. For more information about our Gigamon products visit: www.gigamon.com

Recommended

Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallAli Kapucu
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Controljwpiccininni
 
NAC Solution Taarak
NAC Solution TaarakNAC Solution Taarak
NAC Solution TaarakMohit8780
 
Throughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlThroughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlAruj Thirawat
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
DSS ITSEC Conference 2012 - Forescout NAC #1
DSS ITSEC Conference 2012 - Forescout NAC #1DSS ITSEC Conference 2012 - Forescout NAC #1
DSS ITSEC Conference 2012 - Forescout NAC #1Andris Soroka
 
Nac market
Nac marketNac market
Nac marketSumit Bhat
 

Recommended

Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallAli Kapucu
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Controljwpiccininni
 
NAC Solution Taarak
NAC Solution TaarakNAC Solution Taarak
NAC Solution TaarakMohit8780
 
Throughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlThroughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlAruj Thirawat
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
DSS ITSEC Conference 2012 - Forescout NAC #1
DSS ITSEC Conference 2012 - Forescout NAC #1DSS ITSEC Conference 2012 - Forescout NAC #1
DSS ITSEC Conference 2012 - Forescout NAC #1Andris Soroka
 
Nac market
Nac marketNac market
Nac marketSumit Bhat
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)Forescout Technologies Inc
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版Ploynatcha Akkaraputtipat
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
DSS ITSEC 2012 ForeScout Technical RIGA
DSS ITSEC 2012 ForeScout Technical RIGADSS ITSEC 2012 ForeScout Technical RIGA
DSS ITSEC 2012 ForeScout Technical RIGAAndris Soroka
 
Euro mGov Securing Mobile Services
Euro mGov Securing Mobile ServicesEuro mGov Securing Mobile Services
Euro mGov Securing Mobile ServicesMiguel Ponce de Leon @ TSSG / Waterford Institute of Technology
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionConor Ryan
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simpleSameer Paradia
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentSaikat Chaudhuri
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)Andris Soroka
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackMountain States Engineering and Controls
 
What is NAC
What is NACWhat is NAC
What is NACIsrael Marcus
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsIncheon Park
 
Mobile slide
Mobile slideMobile slide
Mobile slideAman singh
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detectionIJCNCJournal
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Shakeel Ali
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDatacomsystemsinc
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxBluechipComputerSyst
 
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)Pace IT at Edmonds Community College
 
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenEnhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenSecurityGen1
 

More Related Content

What's hot

UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
 
DSS ITSEC 2012 ForeScout Technical RIGA
DSS ITSEC 2012 ForeScout Technical RIGADSS ITSEC 2012 ForeScout Technical RIGA
DSS ITSEC 2012 ForeScout Technical RIGAAndris Soroka
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionConor Ryan
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simpleSameer Paradia
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentSaikat Chaudhuri
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)Andris Soroka
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsIncheon Park
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detectionIJCNCJournal
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Shakeel Ali
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 

What's hot (17)

Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
 
DSS ITSEC 2012 ForeScout Technical RIGA
DSS ITSEC 2012 ForeScout Technical RIGADSS ITSEC 2012 ForeScout Technical RIGA
DSS ITSEC 2012 ForeScout Technical RIGA
 
Euro mGov Securing Mobile Services
Euro mGov Securing Mobile ServicesEuro mGov Securing Mobile Services
Euro mGov Securing Mobile Services
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security Solution
 
Cloud Security - Made simple
Cloud Security - Made simpleCloud Security - Made simple
Cloud Security - Made simple
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN Environment
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
Defending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From CyberattackDefending Industrial Control Systems From Cyberattack
Defending Industrial Control Systems From Cyberattack
 
What is NAC
What is NACWhat is NAC
What is NAC
 
Network Control Access for Non-IT Professionals
Network Control Access for Non-IT ProfessionalsNetwork Control Access for Non-IT Professionals
Network Control Access for Non-IT Professionals
 
Mobile slide
Mobile slideMobile slide
Mobile slide
 
Intrusion preventionintrusion detection
Intrusion preventionintrusion detectionIntrusion preventionintrusion detection
Intrusion preventionintrusion detection
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
 

Similar to Gigamon - Network Visibility Solutions

firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxShreyaBanerjee52
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDatacomsystemsinc
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxBluechipComputerSyst
 
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenEnhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenSecurityGen1
 
Elevating Network Security through NGFW Firewalls.pdf
Elevating Network Security through NGFW Firewalls.pdfElevating Network Security through NGFW Firewalls.pdf
Elevating Network Security through NGFW Firewalls.pdfSecurityGen1
 
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall InnovationChrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall InnovationSecurityGen1
 
NGFW - An Updated Overview
NGFW - An Updated Overview NGFW - An Updated Overview
NGFW - An Updated Overview Security Gen
 
Zero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxZero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxkkhhusshi
 
Achieving high-fidelity security
Achieving high-fidelity securityAchieving high-fidelity security
Achieving high-fidelity securitybalejandre
 
IRJET- Data Security in Local Network through Distributed Firewalls: A Review
IRJET- Data Security in Local Network through Distributed Firewalls: A ReviewIRJET- Data Security in Local Network through Distributed Firewalls: A Review
IRJET- Data Security in Local Network through Distributed Firewalls: A ReviewIRJET Journal
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
10 Criteria for Evaluating NPB, Security Architect Edition
10 Criteria for Evaluating NPB, Security Architect Edition10 Criteria for Evaluating NPB, Security Architect Edition
10 Criteria for Evaluating NPB, Security Architect EditionVSS Monitoring
 
Security Delivery Platform: Best practices
Security Delivery Platform: Best practicesSecurity Delivery Platform: Best practices
Security Delivery Platform: Best practicesMihajlo Prerad
 
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...IJCNCJournal
 
IRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed FirewallsIRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed FirewallsIRJET Journal
 
A NEW GENERATION OF DRIVER ASSISTANCE AND SECURITY
A NEW GENERATION OF DRIVER ASSISTANCE AND SECURITYA NEW GENERATION OF DRIVER ASSISTANCE AND SECURITY
A NEW GENERATION OF DRIVER ASSISTANCE AND SECURITYIJCI JOURNAL
 

Similar to Gigamon - Network Visibility Solutions (20)

firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 
Deploying Network Taps for Improved Security
Deploying Network Taps for Improved SecurityDeploying Network Taps for Improved Security
Deploying Network Taps for Improved Security
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
 
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
 
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGenEnhance Your Network Security with NGFW Firewall Solutions by SecurityGen
Enhance Your Network Security with NGFW Firewall Solutions by SecurityGen
 
Elevating Network Security through NGFW Firewalls.pdf
Elevating Network Security through NGFW Firewalls.pdfElevating Network Security through NGFW Firewalls.pdf
Elevating Network Security through NGFW Firewalls.pdf
 
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall InnovationChrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
Chrono Defend: Time-Traveling Safeguards through NGFW Firewall Innovation
 
NGFW - An Updated Overview
NGFW - An Updated Overview NGFW - An Updated Overview
NGFW - An Updated Overview
 
Zero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptxZero trust model for cloud computing.pptx
Zero trust model for cloud computing.pptx
 
Achieving high-fidelity security
Achieving high-fidelity securityAchieving high-fidelity security
Achieving high-fidelity security
 
IRJET- Data Security in Local Network through Distributed Firewalls: A Review
IRJET- Data Security in Local Network through Distributed Firewalls: A ReviewIRJET- Data Security in Local Network through Distributed Firewalls: A Review
IRJET- Data Security in Local Network through Distributed Firewalls: A Review
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
 
10 Criteria for Evaluating NPB, Security Architect Edition
10 Criteria for Evaluating NPB, Security Architect Edition10 Criteria for Evaluating NPB, Security Architect Edition
10 Criteria for Evaluating NPB, Security Architect Edition
 
Security Delivery Platform: Best practices
Security Delivery Platform: Best practicesSecurity Delivery Platform: Best practices
Security Delivery Platform: Best practices
 
Firewall
FirewallFirewall
Firewall
 
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
DEPLOYMENT OF INTRUSION PREVENTION SYSTEM ON MULTI-CORE PROCESSOR BASED SECUR...
 
Firewall
FirewallFirewall
Firewall
 
IRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed FirewallsIRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed Firewalls
 
A NEW GENERATION OF DRIVER ASSISTANCE AND SECURITY
A NEW GENERATION OF DRIVER ASSISTANCE AND SECURITYA NEW GENERATION OF DRIVER ASSISTANCE AND SECURITY
A NEW GENERATION OF DRIVER ASSISTANCE AND SECURITY
 
Security sdn
Security sdnSecurity sdn
Security sdn
 

Gigamon - Network Visibility Solutions

  • 1. 1 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Introduction Cyber threats are becoming ever more sophisticated and prevalent. Traditional security approaches such as firewalls and anti-virus protection are not equipped to mitigate and manage modern security threats and risks on their own. Fortunately, security tools are also becoming more sophisticated. The latest generation firewalls, intrusion prevention and detection systems, malware protection appliances, data loss prevention devices, and other security tools have risen to tackle advanced, complex threats. The struggle information security officers often face is not which tools to deploy, but how to deploy them. Overview of Multi-tiered Security Multi-tiered security is about not relying on silver bullets and point solutions. It assumes that intruders will get in and acknowledges that guarding the gate is not enough. It means taking a zero-trust stance and applying security monitoring and best practices throughout the network and for all traffic. Broadly speaking, the tiers are: • Out-of-band Tools—These tools receive packets from SPAN and TAP ports and analyze the sessions and payloads for threats. The tools can look at traffic in great detail but only have a partial view of the traffic depending on where and how they are deployed. Examples include intrusion detection, data loss prevention, and malware detection systems. • Inline Tools—Integrated into the production network, inline tools analyze packets as they pass through. These tools can immediately block suspicious traffic as it comes in rather than waiting for administrative action. Many such tools can operate either out-of-band or inline. Examples include intrusion protection systems, web application firewalls, and tools designed to defend against malware or denial of service attacks. • Flow-based Analytics—Security analytics and heuristics use NetFlow and related technologies to go beyond signature identification to discover new threats and catch behaviors that may be invisible at the packet level. • Regulatory Compliance—Rigorous regulatory standards imposed by PCI-DSS and other government mandates such as HIPAA, SOX, and the GLB Act make maintaining user privacy and compliance a challenge. It is not enough to be compliant—you must also be able to prove your compliance during an audit. Gigamon not only provides security tools the visibility they need, but also improves their performance and resiliency while helping to reduce troubleshooting times and accelerating the return on investment (ROI). Security Challenges Deploying a multi-tiered security platform can include the following challenges: • SPAN port contention and bandwidth thresholds limit visibility • Encrypted and cloud traffic cannot be monitored • Inline security tools introduce points-of-failure for the network • Security monitoring may not keep up with growing network speeds and the number of users and applications • NetFlow generation may not be enabled or even available on the production switches and routers • Network security and application performance can often conflict • Budget constraints prevent the deployment of best-of- breed solutions
  • 2. 2 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Steps to Active Visibility for Multi-tiered Security Multi-tiered, zero-trust security requires a platform with the flexibility and scalability to adapt as IT infrastructure and threats evolve. The following steps identify the key elements to building end-to-end visibility that can help maximize the effectiveness of a multi-tiered security approach and illustrate how you can achieve this by leveraging the Gigamon Visibility Fabric™ architecture. SPAN ports should be used only when necessary. SPAN ports are the lowest priority for production elements and traffic can be throttled down to a fraction of its true state. This results in an inaccurate view to what is happening on the network and opens up the potential for threats to go unnoticed. Security tools are often completely blind to threats within the virtual world. Tapping traffic flowing to, from, or between virtual machines is critical to ensuring security for the private or public cloud. Especially for inter-VM traffic, tapping only at the physical layer does not provide full coverage. GigaVUE-VM ties into the hypervisor and virtual switch to not only tap virtual traffic, but also select which traffic is forwarded to the Visibility Fabric. Step 2 – Connect Links to a Visibility Fabric Sitting between the IT infrastructure and the security and monitoring tools that need the access to data, the Gigamon Visibility Fabric nodes provide an extensible and elastic platform to technological and network evolution. The Visibility Fabric consists of one or more visibility nodes which receive traffic from network TAPs and SPANs. Once within the fabric, the traffic can be forwarded to any out-of-band tools regardless of where they are physically connected. This provides a flexible, extensible platform on which to build multi-tiered security. As the state of the art of security monitoring advances and network speeds accelerate, new tools can be added and existing tools can be upgraded seamlessly, without network disruption. With the Visibility Fabric, you can aggregate, filter, replicate, and intelligently modify traffic to your security tools. Gigamon uses its patented Flow Mapping® technology to selectively forward traffic to specific tools without dropping traffic that other tools need to analyze. After all the tool-specific traffic has been forwarded, a collector map will forward all the remaining traffic to a generic monitoring system or storage device, eliminating security blind spots. Flow Mapping also works for inline tools, defining different traffic profiles for different tools such that each only has to process packets of the type of traffic they want. Traffic that is known to be secure can bypass the inline tools entirely and/or be sent in parallel to out-of-band tools such as an IDS. This application awareness not only improves efficiency, but also improves application performance for traffic that does not need inspection. Step 1 – TAP All Critical Links Security begins with visibility and visibility begins by tapping the network. By tapping multiple places in the network and supplementing with SPAN ports, you can gain visibility to one-hundred percent of the traffic. TAPs can be deployed at dozens or hundreds of points in the network with zero impact on network or application performance. Optical TAPs are completely passive, require no power, and do not require management. Even high-speed networks with 40G bidirectional links can be tapped and monitored. 1Gb and 10Gb copper connections can also be tapped with active, managed devices.
  • 3. 3 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Advantages of the Visibility Fabric include: • Instant and pervasive visibility across the network, including physical to virtual environments • Reduce expenses by simplifying operations and centralizing monitoring • Eliminate contention among tools and IT departments for access to data • Optimize security tool performance for greater ROI Step 3 – Connect Inline Security Tools Inline tools from simple firewalls to advanced Intrusion Prevention Systems (IPS) are vital to any multi-tiered security solution. Naturally, any inline deployment represents a potential point of failure, but these risks can be mitigated through bypass technology. Physical bypass protection refers to the ability to fail to wire, allowing network traffic to flow in the event of a power failure. Logical bypass protection is the ability to detect the failure of an inline tool and bypass the tool (uninspected) or bring down the network link to allow failover to a redundant path. Bidirectional heartbeat packets are inserted into the traffic stream to verify continued tool health. Should the heartbeat be lost or the link lost to the inline tool, the bypass action is taken. When monitoring networks with redundant paths, inline tools can be shared between the paths or deployed independently. Network link state propagation ensures that downstream or upstream link state can be translated across the inline bypass and network failover can occur. Inline tools also represent a potential network bottleneck. Scaling inline inspection requires distributing traffic across multiple inline tools so that they share the load and can handle higher network speeds. When a tool goes down, the traffic can be redistributed to the remaining tools providing continued traffic inspection. Alternatively, a standby tool can be used for N+1 redundancy. Different inline tools can be sent different types of traffic, allowing tools to be optimized for specific applications. Trusted traffic can bypass the inline tool entirely, minimizing latency and improving performance. Inline tools that need to inspect the same traffic can be configured in a serial fashion. In the event that one tool goes down, traffic can be bypassed to the next tool in series. Thus, multiple points of failure are consolidated and protected, making the network more secure and more robust. Multiple network links, whether part of a link aggregated group or independent segments, can be aggregated and protected by the same tools while maintaining data path integrity and without any cross-traffic. This optimizes usage of inline tool investment and maximizes security for lower-speed links. In order to be more responsive to detected threats, many out-of-band security tools which used to passively monitor traffic are moving to inline deployments. It is often useful to first install, configure, and optimize a tool out-of-band before bringing it inline. This can be done simply with a software setting rather than having to rewire and reconfigure. Because the inline tools are not connected directly to the production network, tools can be added, upgraded, or removed with little to no disruption of production traffic. Alerts sent from the Visibility Fabric when a bypass action is taken allows for timely and orderly maintenance rather than triggering an emergency escalation. Step 4 – Connect Out-of-Band Security Tools The majority of security tools operate out-of-band, passively monitoring the network for threats and sending alerts when action is required. Multi-tiered security requires that security tools have access to all the traffic though the Visibility Fabric. Malicious payloads that get past sentries at the perimeter can be detected in the core or when they move to different hosts in an effort to conceal their location. Tools can selectively choose which traffic to monitor and ignore the rest, but simply making that choice uses up CPU cycles. A security tool that specializes in monitoring emails for threats, for example, does not need to see any non-email traffic. At the same time, tools geared towards web applications or database monitoring will want to see that traffic but not emails. Flow Mapping forwards specific traffic to one or more tools based on user-defined map rules. Out-of-band tools can also supplement inline tools by inspecting a copy of the traffic sent to, or received from, the inline tools. Intrusion detection can take place in parallel with intrusion prevention. In addition, out-of-band traffic can be distributed across multiple out-of-band tools to share the load and achieve full security visibility.
  • 4. 4 Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Figure 1: Multi-tiered security supported by Gigamon’s Visibility Fabric architecture Step 5 – Leverage GigaSMART® Traffic Intelligence GigaSMART technology extends the intelligence and value of the Gigamon Visibility Fabric architecture by expanding visibility, generating NetFlow data, improving tool performance, and protecting privacy while easing regulatory compliance. Any traffic bound for out-of-band monitoring tools can benefit from GigaSMART intelligence regardless of where it entered the Visibility Fabric. • SSL Decryption—Encrypted traffic can be a sizable portion of the traffic on the network, yet most tools are either unable to decrypt and monitor encrypted traffic or take a severe throughput penalty in doing so. Furthermore, malware can hide its activities within encrypted sessions. GigaSMART has the power to decrypt packets and send clear traffic to out-of-band monitoring tools. • Header Stripping—Traffic encapsulated in protocols such as VXLAN or Cisco FabricPath can vex monitoring tools or use precious processing resources. GigaSMART can strip off those headers before sending the packets to the tools. • Tunneling—Security tools are often too costly to deploy at remote sites, leaving them vulnerable to attacks or data loss. GigaSMART can tunnel traffic from remote sites back to the tools in the main data center where it can be inspected. • NetFlow Generation—GigaSMART can offload NetFlow generation from the production network and send the data to multiple collectors. It does this without traffic sampling so flow-based security tools get the most complete and clear picture possible. • De-duplication—Duplicate packets waste resources and processing power. By removing duplicates from the traffic stream before sending them to the tools, GigaSMART improves the performance and scalability of security monitoring. • Load Balancing—Distributing traffic to multiple tools without GigaSMART maintains sessions, but does not always result in an even balance of traffic across tools. GigaSMART load balancing can take bandwidth, connections, and weighting into account.
  • 5. Active Visibility for Multi-Tiered Security // Solutions Overview Copyright © 2014 Gigamon. All rights reserved. Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks can be found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Gigamon® | 3300 Olcott Street Santa Clara, CA 95054 | PH +1 (408) 831-4000 | www.gigamon.com 3127-02 10/14 • Adaptive Packet Filtering— GigaSMART provides traffic forwarding decisions based on inner and outer packet headers as well as Layer 7 and payload data. This allows security tools to focus on specific applications even if they are using the same IP addresses and TCP ports. • Packet Slicing and Masking—Private and sensitive information contained within packets can be a regulatory headache. By removing that data before sending packets to the tools, GigaSMART removes worries over data storage and compliance audits. These applications can be combined and/or applied to different traffic profiles to maximize security coverage. For example, SSL traffic can be decrypted and then masked to keep private data secure. Or NetFlow can be generated from traffic before or after encapsulation headers have been removed. Step 6 – Add Non-Security Tools to Maximize ROI Once in place, the Visibility Fabric can also provide traffic to non-security tools, including application and network performance, user experience, and business services monitoring. Because traffic can be replicated to multiple tools, security and non-security monitoring can inspect the same packets without having to contend for the same SPAN ports. Non-security tools can be added, removed, and upgraded without impacting security monitoring or leaving the network vulnerable. These tools also benefit from expanded visibility across the network, into the cloud, and within encrypted sessions and encapsulated packets. Providing visibility to multiple business units and improving tool performance while detecting and mitigating more threats can provide an immediate return on investment. Summary The changing threat landscape and evolving network infrastructure are forcing organizations to fundamentally rethink their approach to security in order to keep advanced threats at bay. Security teams are turning to multi-tiered deployments, leveraging the latest threat intelligence tools to protect their network. However, these tools are only as effective as the information they see. The ability to scrutinize through the deluge of Big Data from across the network in real time is vital to identifying and mitigating today’s and tomorrow’s threats. Gigamon’s Visibility Fabric offers a comprehensive and sophisticated security services delivery platform. It provides scalability while improving resiliency, simplifying management, and enabling the deployment of best-of-breed solutions. Gigamon works with security tools to increase their field of vision, improve their performance, support resiliency, reduce troubleshooting times, and accelerate return on investment. The Gigamon Visibility Fabric provides the platform for end-to-end visibility coupled with traffic intelligence that is needed to efficiently manage risks and address threats in this ever- evolving threat and network environment. About Gigamon Gigamon provides an intelligent Traffic Visibility Fabric for enterprises, data centers and service providers around the globe. Our technology empowers infrastructure architects, managers and operators with pervasive visibility and control of traffic across both physical and virtual environments without affecting the performance or stability of the production network. Through patented technologies and centralized management, the Gigamon GigaVUE portfolio of high availability and high density products intelligently delivers the appropriate network traffic to security, monitoring or management systems. With over eight years’ experience designing and building traffic visibility products in the US, Gigamon solutions are deployed globally across vertical markets including over half of the Fortune 100 and many government and federal agencies. For more information about our Gigamon products visit: www.gigamon.com