Network Visibility and Security
Unified Visibility Fabric™
Visibility today means insight into infrastructure blind spots. Driven by the need for real-time decision making, network traffic provides network operations and security administrators with an authentic source of data to base these decisions. For pervasive visibility, the network traffic should be acquired from a variety of devices and applications—across physical, virtual and SDN/NFV environments—as well as private and public clouds. As infrastructure becomes more distributed, traffic volume and speeds increase, and the adoption of emerging technologies continues, the need to converge on a unified visibility infrastructure that not only simplifies and automates network traffic visibility, but also provides built-in intelligence, will drive the ongoing evolution of the Unified Visibility Fabric™.
Given the complexity in today’s infrastructure, it is important that the fabric provides visibility into physical, virtual, remote sites as well as emerging SDN/NFV infrastructure as a single unified fabric with a common management and policy model, rather than as a set of disjoint nodes. Such a unified management model allows rapid visibility into infrastructure blind spots.
Benefits
The Unified Visibility Fabric is an innovative solution that delivers pervasive and Active Visibility of network traffic across communication networks. A Unified Visibility Fabric can address the security and monitoring challenges facing today’s IT organizations by helping to:
Extend Visibility: Bridge islands of physical, virtual, and eventually SDN/NFV worlds with end-to-end visibility for tools across enterprise, data center, cloud, and service provider infrastructure. This unified management model allows rapid visibility into infrastructure blind spots by providing a common fabric for IT operations management tools such as security, APM, NPM, and others.
Respond Dynamically: Grow the security and monitoring infrastructure dynamically without impacting production traffic. This architecture also provides an open environment through RESTful APIs that address react and respond scenarios to real-time events that occur within the network through automation and orchestration.
Improve ROI: Control traffic to avoid oversubscription, extend the life of existing tools and ensure that the tools used to manage, analyze and secure the network receive the critical information they require to realize their full potential.
Reduce Costs: Centralize tools into a Unified Tool Rail to reduce CAPEX; simplify management to reduce OPEX with a flexible policy engine that enables parallel monitoring policies to serve multiple departments simultaneously.
Enable Scale: Invest in a solution that can grow to address future needs as your network grows from 1Gb to 10Gb, 40Gb, or 100Gb, and evolves from physical to virtual to SDN and NFV environments.
Gigamon GigaSECURE® – The Industry’s First Security Delivery Platform
Gigamon’s GigaSECURE Security Delivery Platform is an architectural approach to deploying security tools by providing unified access to any traffic for any security tool. The GigaSECURE platform applies specific attributes of the Visibility Fabric customized for delivery of network traffic and metadata specifically for security deployments.
By attaching security tools to the GigaSECURE Security Delivery Platform, security tools can see more and secure more of the infrastructure – both physical and virtual. Security appliances simply connect into the GigaSECURE platform, at whatever interface speeds they are capable of, to receive a high-fidelity stream of relevant traffic from across the network infrastructure. The GigaSECURE platform also extracts flow-based meta-data from network traffic, which can be routed to various security tools for analysis.
The GigaSECURE platform supports a wide variety of security solutions that can sit outside of the production network, for example, for the detection of malware and the lateral movement of malware, detection of exfiltration activity, post incident forensics, as well as other security initiatives. Additionally, it also serves as a platform for deployment of a diverse set of security solutions that need to sit inline with the network traffic. Inline security solutions typically provide the ability to take preventive measures in real-time on detection of threats, malware or anomalous behavior.
The GigaSECURE platform can support both inline and out-of-band deployments simultaneously. When supporting inline security deployments, the GigaSECURE Security Delivery Platform provides full failure protection and load distribution capabilities across a variety of inline deployment modes.
The Security Delivery Platform is comprised of GigaVUE® Fabric Nodes, GigaVUE-OS™ software with patented Flow Mapping® technology, traffic intelligence functions powered by GigaSMART® and a centralized fabric controller (GigaVUE-FM), which when implemented together provide an ideal platform for security delivery.
Contact us to find out more!