Gigamon Extends Real-Time IT Security Visibility

Slide Show

Don't Let the IT Security Paradigm Shift Leave You Stranded

As a provider of appliances that govern network traffic in real time, Gigamon has steadily built a base of customers that need maximum visibility into their network traffic. Today, Gigamon is looking to extend that visibility to security applications in a way that is being endorsed by Check Point, Cisco, Cyphort, FireEye, Lastline, Damballa, Lancope, LightCyber, Niara, ExtraHop, PinDrop, RSA, Savvius, Fortinet, Palo Alto Networks, LogRythm and Imperva.

Johnnie Konstantas, director of security solutions marketing and business development for Gigamon, says that with the launch of GigaSecure, contention issues between security applications trying to access the same network data will soon be a thing of the past. While Gigamon appliances have been used to feed data into security applications before, GigaSecure makes use of Application Session Filtering (ASF), a filtering engine developed by Gigamon that uses application signatures or patterns within packets to identify the application flow of network traffic.

Once positively identified, ASF extracts the entire session corresponding to the matched application flow from the initial packet to the last packet of the flow, which enables administrators to forward specific “traffic of interest” to security applications and appliances in real time. Additional benefits of this approach, adds Konstantas, include the ability to extract metadata in a way that scales to providing visibility to encrypted traffic.

IT organizations are keenly aware that most of the threats they are trying to mitigate are entering their organizations via porous networks. The challenge IT organizations routinely face is that they can adversely affect the performance of applications by slowing them down to be inspected by a variety of security applications and appliances. By using Gigamon network traffic management functionality to steer that traffic in real time, Konstantas says packets can be deeply inspected without negatively affecting the performance of applications.

It won’t come as much of a surprise to most IT organizations to discover that they are between a rock and a hard place when it comes to IT security and application performance. Much more surprising may be the simple fact that there is finally a solution to the issue.