Premier Partner Technology Dinner
Aruba Networks, Gigamon, NetApp, & Palo Alto Networks
Fogo De Chao, Baltimore, MD
September 25th, 2014
Key Takeaways
- Headquartered in Malvern, PA with offices in NYC & MD
- Technical Staff includes 20 Engineers and Consultants
- Average industry tenure of 10-15 years
- Continuous training and education, multi-vendor
- Partner with Best in Class technology vendors
- Technology practices include: Security, Wireless, Storage, Virtualization, WAN Optimization
- All vertical and client sizes
GigaVUE-HC2 Visibility Fabric Node 2014 Gigamon, Inc. All rights reserved. 3
The Gigamon Traffic Visibility Fabric
A Revolutionary Way to Securely Access Critical Data at a Fraction of the Cost
- Enhances the Visibility of all Full Packet Based Data Anywhere on the Network
- Lowers the Total Cost of Network Monitoring, Security and Compliance
Top 10 Reasons for Gigamon: Problems we Solve
1. Eliminate Span Port Contention: Prevent span port shortages from hindering troubleshooting & diagnostics or forcing choices between which tool can be used.
2. Monitor 10 Gbps Network with 1 Gbps Tools, up to 100 Gbps / 40 Gbps: Enable 1 Gbps tools to support 10 Gbps links, and 10 Gbps tools to monitor traffic aggregated from multiple 1 Gbps links.
3. Maximize Network Tool Utilization: Ensure tools are fully utilized by mapping data from many network access points to the tools.
4. Increase Network Visibility Points: Gain access to many network access points (taps/spans), allowing the entire network to be mapped to all tools.
5. Prevent Tool Oversubscription: Ensure only the data that matters is mapped to the tools by prefiltering and mapping the appropriate traffic flows to the tools.
6. Enable Centralized Monitoring: Provide a centralized pool of monitoring tools with access to traffic from a large number of network links.
7. Reduce Management Complexity: Complete data access through patented flow mapping, simplifying change control, security burden, and IT group contention.
8. Increase Operational Agility: Simplify sharing of network access points, data, and tools among IT groups.
9. Reduce Operational Costs: Eliminate or delay tool upgrades, expedite troubleshooting and diagnostics, simplify data access burden, and enable infrastructure upgrades.
10. Completely Open Architecture: Our solution is agnostic to all tools, infrastructure, and vendors, with market-leading scalability, density, and reliability.
The GigaVUE-HC2 Node: Flexible Visibility Addressing IT Needs
GigaVUE-HC2: Modular & Flexible, Multi-Functional
[Diagram: GigaVUE HC Series Visibility Node. Labels: TAPs, Aggregation, Packet Slicing, NetFlow Generation, Replication, Load Balancing/Streaming, Out-of-Band De-duplication, Future Modules & Software (Future Possibilities)]
- The GigaVUE H Series already enjoys high-density and scalability
- Multi-purpose capabilities are required for optimized visibility
Introducing GigaVUE H Series GigaVUE (High Capacity) Node
Product Family: Product: Target markets: Specifications:
- Fully-capable GigaVUE H Series node
- 2RU medium-sized chassis exceeding 1Tb throughput
- Highly modular (4 Bays in front / 1 GigaSMART Bay in rear)
- GigaSMART capable (Rear)
- Modules for: 10Gb, 40Gb, TAPs
GigaVUE-HC2 Overview
- Front to Back Airflow
- Mgmt and Control ports
- Four Modular Bays for Front Ports, TAPs, etc.
- Redundant, Load-sharing Power Supplies
- Rear Fan Tray (blowing out)
- Removable Control Card Tray (behind Fans)
- Rear GigaSMART
GigaVUE HC2 Bypass Modules: Key Capabilities
- Physical and Logical Bypass Protection for inline tool deployments
- Simultaneous inline and out-of-band tool support
- Bypass Options:
  - One-to-One: Sending traffic to a single inline tool
  - One-to-Many: Distributing inline traffic across multiple inline tools
- Bi-directional customizable heartbeats for monitoring health of inline tool
- Network link status propagation: allows failover to redundant path
- Selectable actions on inline tool failure:
  - Forward traffic into network, bypassing the inline tool
  - Bring network links down, allowing failover to redundant network path
  - Drop traffic
Active Visibility for Multi-Tiered Security: A Better Approach to Integrated Security
[Diagram labels: NetFlow Collector, Intrusion Detection System, GigaSMART, Edge Router, GigaStream, Out-of-Band Malware, Intrusion Prevention Systems, Core Switch]
- Saves Time
- Saves Money
- Improved Reliability
- Protects Traffic Throughput
- Integrates Best-of-Breed Solutions
Introducing GigaVUE HC Series GigaSMART Module
Introducing Target Market Benefits Details:
- 40Gb GigaSMART front processing per module
- Includes 16 fully functional 10Gb cages
- Up to 200 Gbps compute and 64 x 10Gb per GigaVUE-HC2
GigaVUE HC Series Modules - Rear GigaSMART
A Key Component of the Product
40Gb Rear GigaSMART
Offering everything from De-Duplication to NetFlow Generation
Unified Visibility Fabric Architecture
- Applications
- Management: Flexible GUI and central provisioning of Fabric Nodes across physical, virtual, and future SDN islands
- Orchestration
- Services: Slicing, Masking, Tunnel, Time Stamp, Load Balance, Header Stripping, Adaptive Packet Filtering
- API/SDK
- Visibility Fabric Nodes: Pervasive visibility across physical (corporate to remote), virtual, and future SDN production networks. GigaVUE-2404, GigaVUE-420, GigaVUE-212, G-SECURE-0216, GigaVUE-HD8, GigaVUE-HD4, GigaVUE-HC2, GigaVUE-HB1
- TAPs & Aggregators: G-TAP, G-TAP A Series, GigaVUE-TA1
- Applications & Tools Infrastructure, User Community
Active Visibility for Multi-Tiered Security
[Diagram: Visibility Fabric Architecture, out-of-band and inline. Labels: Internet, GigaVUE-HB1, Server/Virtual Farm, Regional Centers, Core Switches, Distribution Switches, Access Switches, GigaVUE-HC2 with Bypass Module, GigaVUE-HD8, IPS, Anti-Malware, File Activity Monitoring, Security Analytics, SIEM, DLP, IDS, APM]
Secure Enterprise Mobility Aruba ClearPass Presenter Name and Title CONFIDENTIAL Copyright 2014. Aruba Networks, Inc. All rights reserved
Today's Secure Mobility Challenges
- Lack of Policy Solution, Access from Anywhere
- Unmanaged BYOD use
- Open Guest Wi-Fi
The ClearPass Platform
- Expandable Applications: Guest, Onboard, OnGuard
- ClearPass Baseline
- Hardware or VM Appliances (500, 5,000 or 25,000)
- Remote Location
What's Needed: Policy Management as Foundation
- Policy with built-in AAA Services: Better decisions based on context - access method, user, device status or location
- Comprehensive Feature Set: Manage all security services from a single platform
- Granular Authentication Methods: Leverage multiple identity stores and auth methods to fit any use case. Login/password, certificates
AAA to Policy Examples
- Employees receive access to resources from anywhere based on ClearPass defined policy
- Staff no longer uses preshared keys for Wi-Fi as ClearPass delivers secure login services per user
- 14K+ Personnel in 100+ Offices
- Multi-site Magnet Hospital, Northeast U.S.
Personal devices create IT burden and security gaps
Solution: Secure Automated Workflows
- Employee Self-Service Configuration: Users self-configure network settings and certificates without IT involvement
- Built-in Certificate Authority: Automatically create and distribute device certificates without using internal PKI. Simple for users
- Integrate with Device Management: Use MDM/EMM data to enforce wireless and wired privileges - no jailbroken devices
Secure Onboarding Examples
- Physicians self-configure personal devices using ClearPass Onboard for secure Wi-Fi access
- Over 20 Facilities, 2600 Physicians
- Simplified certificate distribution for close to 50K BYOD users via ClearPass Onboard
- ~50000 Endpoints, Multinational Financial
Open guest networks leave security gaps and provide no visibility
Solution: Captive Portals, Per User Registration
- Guest Login Portal Workflows: Each guest receives their own credentials or acknowledges acceptance of use
- Self or Sponsor Approved Registration: Authorized access with full reporting and session controls for Wi-Fi / Wired
- Complete Customization: IT can capture visitor information, cache MAC addresses, display ads, alter access privileges
Guest Access Services
- Standard and High Capacity Guest (HCG)
- Sponsor privileges with access verification
- Self-service
- Per session controls
- Automated SMS/email credential delivery
- Little IT involvement
No more wide-open SSIDs and shared keys!
Recognized as an Industry Leader
- Leader: 2013 Wireless LAN MarketScape
- Leader: 2013 Network Access Control Magic Quadrant
- Leader: 2014 Wired & Wireless Magic Quadrant
Key Takeaways
- Security for wired and wireless access
- Single point of management for multivendor networks
- Simplified IT and user experience
THANK YOU
Product & Solutions Portfolio Overview NetApp Confidential - Internal Use Only
Industry Trends
- Flash
- Cloud
- Software Defined Data Center
- Converged Infrastructure
- Mobility
GK The Changing Role of IT
GK NetApp Product Strategy Market-leading innovations, that are
Clustered Data ONTAP & FAS: Unified Scale-out Storage
Clustered Data ONTAP FAS System Highlights
- Unified architecture optimizes storage utilization
- Same hardware supports both SAN and NAS
- Single operating system
- Single management infrastructure
- Scale to 69PB and 2.6M IOPS
- 99.999% availability, zero planned downtime
- FAS2500, FAS8000
- Comprehensive flash integration, server to array
- Investment protection and compatibility
Scalable Performance for SAN and NAS
- Scale Out by Adding Controllers (Maximum 24 Controllers)
- Scale Up Individual Controllers
- >2 million sub-millisecond IOPS and nearly 5PB of all-flash capacity
- NetApp all-flash FAS: Scalable high performance for dedicated workloads
- Mixed all-flash and hybrid FAS: One storage repository for all workloads
MW FlexArray Virtualization Software
New V-Series delivery model
- Now a software feature that can be enabled from ONTAP
- Can be purchased and activated at any time
- One controller type supports both FAS & 3rd-party storage
- Native SAN & NAS support
- Available with all FAS8000 systems
- Delivers a guaranteed 9-month payback
Value proposition of FlexArray
- Unify and simplify IT management under a single framework
- Enable SDS, decoupling storage from data management
- Improve the return on existing IT assets
- Deliver ONTAP value to more IT operations at a lower cost
Clustered Data ONTAP: Extending the Reach of Data ONTAP
- Data ONTAP Edge: Remote Office Storage Solution
- NetApp Private Storage: For AWS
- FlexArray (V-Series): Third-party Array Virtualization
- NetApp Connect: Secure Mobile Access
- Data ONTAP
- OnCommand: Management Software
Clustered Data ONTAP: Comprehensive Flash Integration
- Server, Controller, Disk
- Flash Accel, Flash Cache, Flash Pool, All Flash FAS
- Best for specific applications: 90% better latency; 80% better throughput
- Best for file services: 34% lower $/TB; 40% lower $/IOPs
- Best for OLTP: 46% lower $/TB; 18% lower $/IOPs
Low-latency performance coupled with best-in-class data management
Flash Arrays
Flash Technology Leadership
- Flash for FAS: Flash Pool, Flash Cache, Flash Accel
- Flash for E-Series: 75PB SSD Cache
- Flash Arrays: EF-Series, FlashRay
Palo Alto Networks: Next Generation Enterprise Security Platform
Raazi Zain, Regional Sales Manager, State of Maryland
Palo Alto Networks Company Overview
Corporate Highlights
- Founded in 2005; first customer shipment in 2007
- Safely Enabling Applications
- Able to address all enterprise cybersecurity needs
- Exceptional ability to support global customers
- Experienced Technology and Management Team
- 1300+ Employees / 16,000+ Customers Globally
[Chart: Revenue ($MM), FY09 to FY13]
[Chart: Enterprise customers, Jul-11 to Jul-13]
Page 43 2012 Palo Alto Networks. Proprietary and Confidential.
2014 Magic Quadrant for Enterprise Network Firewalls
Palo Alto Networks is assessed as a Leader, mostly because of its NGFW focus, because it set the direction of the market along the NGFW path, and because of its consistent visibility in shortlists, increasing revenue and market share, and its proven ability to disrupt the market.
--Gartner Magic Quadrant for Enterprise Network Firewalls
Cyber Security in the News
Common Security Challenges
- Sophisticated user base
- Dispersed environment - multiple locations
- Mobile / multiple devices - difficult to identify users
- Unable to identify many of the newer / custom applications
- Lots of evasive applications (Ultrasurf, Tor, Hamachi)
- Many new, sophisticated malware / attacks
- Need to protect data (financial/proprietary/employee)
- Lots of untrusted zones (wlan/mobile devices/partners)
- Shrinking budgets, limited staff and increased malware cleanup costs
- The list goes on
The Gaps in Legacy Network Security
- Based on legacy stateful inspection - port / protocol
- Limited visibility into network traffic
- Point products - focusing on single area
- Bolt-on solutions - not integrated
- Signature based - need an exact match
- Simple Allow/Block rules
- Basic URL - static web pages
- Difficult to manage / aggregate data
- Expensive
Palo Alto Networks Next-Generation Platform
1. Identify applications regardless of port, protocol, evasive tactic or SSL
2. Identify and control users regardless of IP address, location, or device
3. Protect against known and unknown application-borne threats
4. Fine-grained visibility and policy control over application access / functionality
5. Multi-gigabit, low latency, in-line deployment
The Next Generation Firewall: Not just a firewall
An Integrated Enterprise Security Platform
Also includes:
- Application identification
- User Identification
- SSL decryption
[Diagram labels: Quality of Service, Firewall, VPN, Threat Prevention, IPS/APT, Web/URL]
Granular Enablement of Applications
- Allow All
- Allow for specific users
- Allow only certain functions
- Allow & shape (QoS)
- Allow & scan for confidential data
- Allow & scan for threats
- Allow & limit access time
- Block All
Prevention Against Unknown (Zero Day) Threats
1. SUSPICIOUS TRAFFIC: Palo Alto Networks Customers
2. SANDBOX TESTING (WildFire): Command-and-control, Staged malware downloads, Host ID and data exfil
3. SIGNATURE CREATION: Anti-malware signatures, DNS intelligence, Malware URL database, Anti-C2 signatures
4. Global intelligence and protection delivered to all users
Soak sites, sinkholes, 3rd party sources
Virtual Firewall - Safely Enabling Private Clouds
- Segment traffic in virtual data center (VMware ESXi)
- Visibility into east-west traffic
- Track adds, moves and changes (vMotion)
- Integrate into automated workflows (vCenter, etc)
Pillars of An Effective Network Security
Traffic Visibility
- Know what's on your network - apps, users, devices, content
- Identify what shouldn't be on your network
- Centralize management: policies, logging and reporting
Segmentation
- Establish zones of similar security levels
- Control security policies based on apps, users, content
- Tier administrative tasks for better flexibility
Threat Prevention
- Stop known threats w/ native IPS, URL filtering
- Analyze all unknown/unidentified traffic
- Stop zero-day malware w/ sandbox analysis
Security Best Practices: Zero Trust Architecture
[Diagram labels: WAN / Internet, WildFire Analysis Center, Branch, IPSec VPN, Perimeter, Global Protect VPN, Branch, Cyvera, Headquarters, DR, Central Management, Data Center, Mobile Users, Hotels, Wi-fi, Home]
Upcoming Event
Ultimate Test Drive
Nov 18th, Baltimore, MD
What you can do Today: Learn Which Apps Are On Your Network? Which User is Accessing What?
Proof of Concept (PoC)
- Our firewall in tap mode or inline (w/o control) in your network
- Gain visibility into Apps/Users/Content/Threats/URL/Countries
- Application Visibility Report (AVR) provided with PoC
PoC findings at enterprise accounts
- Only 25% of port 80 traffic was from legitimate apps; the other 75% was not from authorized apps
- Majority of bandwidth consumed by unauthorized apps: Skype, games, P2P
- Inadequate segmentation to protect critical data
Our security platform provides the visibility you need to improve your network security immediately
Summary
Identify and Control Applications
- Visibility of applications, regardless of port, protocol, encryption, or evasive tactic
- Fine-grained control over applications (allow, deny, limit, scan, shape)
- Identify users regardless of IP address, location or device
Prevent Threats
- Stop a variety of known threats - exploits (by vulnerability), viruses, spyware
- Detect and stop unknown threats with WildFire
- Integrated solution versus point products
- Provide security throughout the network (trusted/untrusted zones)
Simplify Security Infrastructure
- Put the firewall at the center of the network security infrastructure
- Reduce complexity in architecture and operations
Thank You