Visibility for Security. A Security Delivery Platform: See More. Secure More.


Our Vision

Gigamon Customers Today
AS OF Q2 2015
Enterprise, Service Providers
Technology, Industrial, Retail, Finance, Healthcare & Insurance, Government
- 1700+ End Customers
- 75+ of the Fortune-100
- 50 of the Top 100 Global SPs
A broad spectrum of brand-name customers.

Ecosystem Partners
- Network Security and Vulnerability Management
- Customer Experience Management
- Network Performance Management
- Application Performance Management
- Network Forensics/Big Data Analytics

The Security Operations Challenge
THE ATTACKER-DEFENDER ASYMMETRY
- BYOD, mobility increase attack surface
- Virtualization increases security blind spots
- Rising use of encryption to embed malware and hide threats
- Volume, variance and velocity of today's network data
- Attacker sophistication and low-and-slow network movement
- Security analytics impossible with legacy means

Legacy Approaches Have Limited Visibility
THERE IS SO MUCH TO PROTECT AND SO MANY PATHS TO MONITOR
[Diagram: Internet, Routers, Spine Switches, Leaf Switches, Virtualized Server Farm; security tools shown: Intrusion System, Data Loss Prevention, Email Threat, IPS (Inline), Anti-Malware (Inline), Forensics]
The Security Ops Challenge:
- How do all these security tools gain pervasive visibility?
- Where should these security tools be placed?
- How does one rapidly investigate a new threat source?

The Challenge with Legacy Approaches
[Diagram: four Security Tools, Enterprise LAN, Irrelevant Traffic, Relevant Traffic]
- Partial infrastructure view
- No control on traffic selected
- Reduced efficiency of security tool

Security Delivery Platform: See Everything
A FOUNDATIONAL BUILDING BLOCK TO EFFECTIVE SECURITY
[Diagram: Internet, Routers, Spine Switches, Leaf Switches, Virtualized Server Farm, Security Delivery Platform; security tools shown: Intrusion System, IPS (Inline), Anti-Malware (Inline), Data Loss Prevention, Forensics, Email Threat]
- A complete network-wide reach: physical and virtual
- Scalable metadata extraction for improved forensics
- Isolation of applications for targeted inspection
- Visibility to encrypted traffic for threat detection
- Inline bypass for connected security applications
- All tools still connected
- Fewer network touch points
- Enhanced tool efficiency
- Decreased OPEX costs

GigaSECURE from Gigamon
THE INDUSTRY'S FIRST SECURITY DELIVERY PLATFORM
[Diagram: Internet, Routers, Spine Switches, Leaf Switches, Virtualized Server Farm, Security Delivery Platform; security tools shown: IPS (Inline), Anti-Malware (Inline), Data Loss Prevention, Intrusion System, Forensics, Email Threat]
- GigaVUE-VM and GigaVUE Nodes: A complete network-wide reach: physical and virtual
- NetFlow / IPFIX Generation: Scalable metadata extraction for improved forensics
- Application Session Filtering: Isolation of applications for targeted inspection
- SSL Decryption: Visibility to encrypted traffic for threat detection
- Inline Bypass: Inline bypass for connected security applications
- All tools still connected
- Fewer network touch points
- Enhanced tool efficiency
- Decreased OPEX costs

Benefit for Security Operations
[Diagram: in each case four Security Tools connected to the Enterprise LAN; traffic labels: Irrelevant Traffic, Relevant Traffic]
Legacy Approach Without Gigamon:
- Partial infrastructure view
- No control on traffic selected
- Reduced tool efficiency
With Gigamon Security Delivery Platform:
- Pervasive infrastructure visibility
- Granular traffic selection controls
- Enhanced tool efficiency
- Run multiple POCs in parallel

Gigamon GigaSECURE: Supported by the Industry
GIGAMON ECOSYSTEM PARTNERS
our joint customers will benefit from some of the most advanced security technology available. Even the best security appliance will fail to deliver if it does not get the right traffic, Gigamon's high performance security delivery platform is the right match a robust and systematic framework to deliver pervasive network visibility to security appliances critical manageability and control to traffic and flow visibility. To be effective, a security appliance needs to be able to access the right network traffic a security delivery platform addresses the real need for pervasive, high fidelity visibility Together, Lancope and Gigamon enable customers to solve today's tough security challenges." much needed operational efficiency to the task of ensuring pervasive visibility for security tools. allows joint customers to leverage Gigamon's Security Delivery Platform to effectively extend and access the critical data flows efficient access to traffic flows and high fidelity meta-data from anywhere in the network significantly increasing the efficiency and effectiveness of [business] security teams GigaSECURE Security Delivery Platform sheds light on insider initiated threats, it can provide complementary visibility to the network traffic that Palo Alto Networks sees access to high fidelity network traffic is a vital step in the implementation of advanced protections " Gigamon's Security Delivery Platform will allow Savvius's products to continue to provide the insight our customers depend on...

Bridging the Gap

Benefits
FASTER DETECTION, FASTER CONTAINMENT
- Consistent network-wide traffic view for all security appliances, all of the time
- Eliminate departmental and appliance level contention for access to data
- No disruption to network traffic as security solutions get deployed or upgraded, or when moving from out-of-band to inline deployments
- Eliminate blind spots associated with encrypted traffic, mobility
- Significantly offload security appliances through full session offload and full flow metadata
- Faster identification of malware movement, faster time to containment

Unified Visibility Fabric
Applications (API): Gigamon Applications (FabricVUE Traffic Analyzer); 3rd Party Apps (e.g. Splunk, Viavi); Applications & Tools Infrastructure, User Community
Fabric Control (Management) (API): GigaVUE-FM
Fabric Services (API): Flow Mapping, Traffic Intelligence, De-duplication, Header Stripping, Masking, Tunneling, NetFlow Generation, FlowVUE, SSL Decryption, Adaptive Packet Filtering, Clustering, Inline Bypass, Slicing, Time Stamping, GTP Correlation, Application Session Filtering
Visibility Fabric Nodes (Pervasive visibility across physical, virtual, remote sites, and future SDN production networks):
- H Series: GigaVUE-HD8, GigaVUE-HD4, GigaVUE-HC2, GigaVUE-HB1
- TA Series: GigaVUE-TA1 / TA10, GigaVUE-TA40, GigaVUE-OS on white box
- Virtual Visibility: GigaVUE-VM
- TAPs: G-TAP M Series, G-TAP, G-TAP BiDi, G-TAP A Series, Embedded TAPs
- G Series: GigaVUE-2404, GigaVUE-420, G-SECURE-0216

Visibility Fabric Architecture
SIMPLE IN CONCEPT, DIFFICULT IN EXECUTION
- A Revolutionary Way to Distribute Critical Packet Data at a Fraction of the Cost
- Enables the Visibility of Packet-Based Data from Anywhere on the Network
- Lowers the Total Cost of Network Monitoring, Security and Compliance
[Diagram: Physical and Virtual (GigaVUE-VM) networks; Flow Mapping (Packet Identification, Filtering, and Forwarding); GigaSMART (Packet Modification and Transformation); Tool Farm: Security, Application Performance Management (APM), Network Performance Management (NPM), Customer Experience Management (CEM)]

Case Study: Global Manufacturer
SECURITY MONITORING USING THE SECURITY DELIVERY PLATFORM
Background & Challenge
- Inline Tools: Sourcefire IPS, Imperva WAF
- Out-of-Band tools: FireEye, ExtraHop
- Needed many-to-one inline inspection, APP aware intelligence and capture the same traffic for out-of-band security functions like FireEye and ExtraHop
Solution
- GigaSECURE: Inline bypass technology to provide many-to-one (1x10Gb and 3x1Gb links) inline inspection
- APP aware capability only delivers WEB traffic to Imperva for inspection
- Capture same Internet traffic and send to out-of-band FireEye, ExtraHop
Results & Key Benefits
- Use one Sourcefire appliance to protect 4 different physical links with different media/speed
- Feed same Internet traffic to both inline and out-of-band tools
- Significantly simplified security operations: upgrade any security tool at will

Case Study: Global Manufacturer
SECURITY MONITORING USING THE SECURITY DELIVERY PLATFORM

Technical Benefits

Why Gigamon?
PROVEN ACROSS MORE THAN 1700 GLOBAL CUSTOMERS INCLUDING 75+ FORTUNE 100
- Industry's first Security Delivery Platform
- One Architecture, One Software, One Management Platform for all Visibility
- Holistic Physical + Virtual Visibility for any network including SDN (Cisco ACI, VMware NSX)
- Zero Packet Loss through Patented Flow Mapping
- Clustering: Extend Scale beyond a Single Node
- GigaSMART: Common Platform for Advanced Traffic Intelligence, Service Chaining
- Only Vendor with Advanced Visibility: SSL Decryption, Application Session Filtering
- High-fidelity NetFlow for Advanced Traffic Insight
- Advanced Traffic Visualization and Automation with GigaVUE-FM
- 100% Focused on Success of our Customers and Partners
Customer numbers FY15Q2.

Eliminate SPAN Port Contention
FEW SPAN PORTS, MANY TOOLS
[Diagram: Switch with two SPAN session limitation; tools: Intrusion System (IDS), Application Performance Management, VoIP Analyzer, Packet Capture]
- Without Gigamon: Customer is unable to use all tools!
- With Gigamon: Customer has complete visibility for all tools!

Limited Access to Environment
FEW TOOL PORTS, MANY SWITCHES
[Diagram: Switch 1 through Switch 5 ... n; Analysis tool with only 2 NICs]
- Without Gigamon: Limited connectivity to full environment
- With Gigamon: Pervasive access. Can connect to all points in the environment

Change Media and Speed
10, 40 OR 100GB TRAFFIC TO 1 OR 10GB TOOLS
[Diagram: 10Gb network, 1Gb tools: Intrusion System (IDS), Application Performance Management, VoIP Analyzer / VoIP Monitor, Packet Capture]
GigaVUE Matches Your Network to Your Tools
- Without Gigamon: Customer migrates to a 10Gb network and 1Gb monitoring tools become useless
- With Gigamon: Customer able to extend the life of their 1Gb network and security tools

Run Multiple POCs in Parallel
ACCELERATE CERTIFICATION OF NEW TOOLS
[Diagram: POC #1 Vendor X Tool, POC #2 Vendor Y Tool, POC #3 Vendor Z Tool; each tool tested w/ NW Segment for 4 weeks; timeline: 1 month, 2 month, 3 month]
- Without Gigamon: Customer performs each Proof-of-Concept (POC) serially at different times using different data
- With Gigamon: Customer is able to run multiple POCs concurrently using same data

VISIBILITY MATTERS