Solution Overview Gigamon Visibility Platform for AWS

Similar documents
Data Sheet Gigamon Visibility Platform for AWS

Data Sheet GigaSECURE Cloud

Product Brief GigaVUE-VM

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

The Gigamon Visibility Platform

Securing Your Amazon Web Services Virtual Networks

Live traffic feeds are increasingly being used by the modern enterprise to gain visibility for security and operations management

GigaVUE-FM. Data Sheet

Securing Your Microsoft Azure Virtual Networks

Cisco CloudCenter Solution with Cisco ACI: Common Use Cases

VISIBILITY INTO CLOUD COMPUTING

DevOps and Continuous Delivery USE CASE

Automated Traffic Visibility for SDDC Solution Guide

AUTOMATE THE DEPLOYMENT OF SECURE DEVELOPER VPCs

The ADC Guide to Managing Hybrid (IT and DevOps) Application Delivery. Citrix.com ebook Align Cloud Strategy to Business Goals 1

The Why, What, and How of Cisco Tetration

Aligning Agency Cybersecurity Practices with the Cybersecurity Framework

Hitachi Enterprise Cloud Family of Solutions

CLOUDLENS PUBLIC, PRIVATE, AND HYBRID CLOUD VISIBILITY

The ADC Guide to Managing Hybrid (IT and DevOps) Application Delivery

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

Eucalyptus Overview The most widely deployed on-premise cloud computing platform

Man kann nur schützen was man sieht - oder Zentrales Entschlüsseln von SSL/TLS Verkehr Rethinking Security

BIG MON CONTROLLERS BIG MON ANALYTICS NODE. Multi-Terabytes L2-GRE 1/10/25/40/100G ETHERNET SWITCH FABRIC. Optional BIG MON BIG MON SERVICE NODES

AWS Reference Design Document

Cisco CloudCenter Solution Use Case: Application Migration and Management

EdgeConnectSP The Premier SD-WAN Solution

Check Point 4800 with Gigamon Inline Deployment Guide

Cisco Cloud Application Centric Infrastructure

The threat landscape is constantly

Datacenter Management and The Private Cloud. Troy Sharpe Core Infrastructure Specialist Microsoft Corp, Education

Cisco Cloud Services Router 1000V and Amazon Web Services CASE STUDY

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Transform Your Business with Hybrid Cloud

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

DATA SHEET AlienVault USM Anywhere Powerful Threat Detection and Incident Response for All Your Critical Infrastructure

Managed Platform for Adaptive Computing mpac

Unity EdgeConnect SP SD-WAN Solution

THE IMPACT OF HYBRID AND MULTI CLOUDS TO CYBERSECURITY PRIORITIES

Features. HDX WAN optimization. QoS

CONFIDENTLY INTEGRATE VMWARE CLOUD ON AWS WITH INTELLIGENT OPERATIONS

Easily Managing Hybrid IT with Transformation Technology

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

Hitachi Enterprise Cloud Container Platform

Simplify Hybrid Cloud

I D C T E C H N O L O G Y S P O T L I G H T. V i r t u a l and Cloud D a t a Center Management

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Move, manage, and run SAP applications in the cloud. SAP-Certified Infrastructure from IBM Cloud

Network Behavior Analysis

The State of Cloud Monitoring

A10 DDOS PROTECTION CLOUD

Enabling Long Distance Live Migration with F5 and VMware vmotion

Title DC Automation: It s a MARVEL!

Compare Security Analytics Solutions

PROTECT WORKLOADS IN THE HYBRID CLOUD

SYMANTEC DATA CENTER SECURITY

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

Simplifying WAN Architecture

CloudBridge and Get Ready for Desktops and Apps as a Service. Henrik Poulsen

Extending Enterprise Security to Multicloud and Public Cloud

McAfee Total Protection for Data Loss Prevention

Enabling Efficient and Scalable Zero-Trust Security

MODERNIZE INFRASTRUCTURE

Cisco HyperFlex and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments

Building your Castle in the Cloud for Flash Memory

McAfee Virtual Network Security Platform

Introducing CloudGenix Clarity

SOLUTION BRIEF RSA NETWITNESS SUITE & THE CLOUD PROTECTING AGAINST THREATS IN A PERIMETER-LESS WORLD

WHITE PAPER. Five AWS Practices. Enhancing Cloud Security through Better Visibility

Securing the Software-Defined Data Center

ARIA SDS. Application

Why Microsoft Azure is the right choice for your Public Cloud, a Consultants view by Simon Conyard

C O M P E T E A T Y O U R P E A K

ebook ADVANCED LOAD BALANCING IN THE CLOUD 5 WAYS TO SIMPLIFY THE CHAOS

Rethinking Security CLOUDSEC2016. Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Pulse Secure Application Delivery

The Top 10 Reasons to Replace Your Branch Router with SD-WAN. An ebook presented by Silver Peak Systems

Security & Compliance in the AWS Cloud. Amazon Web Services

Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center

McAfee Public Cloud Server Security Suite

Design and deliver cloud-based apps and data for flexible, on-demand IT

Introduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution

The McAfee MOVE Platform and Virtual Desktop Infrastructure

MASERGY S MANAGED SD-WAN

21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal. By Adeyemi Ademola E. Cloud Engineer

Self-driving Datacenter: Analytics

06 March INVESTOR DAY 2018 Sabre GLBL Inc. All rights reserved. 1

Cisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.

Next-Gen CASB. Patrick Koh Bitglass

SIEMLESS THREAT DETECTION FOR AWS

Solution Overview Cisco Tetration Analytics and AlgoSec: Business Application Connectivity Visibility, Policy Enforcement, and Business-Based Risk and

Module Day Topic. 1 Definition of Cloud Computing and its Basics

Safeguard Application Uptime and Consistent Performance

Fundamental Concepts and Models

ENTERPRISE-GRADE MANAGEMENT FOR OPENSTACK WITH RED HAT CLOUDFORMS

CyberPosture Intelligence for Your Hybrid Infrastructure

Best Practices in Securing a Multicloud World

Why the cloud matters?

Transcription:

Solution Overview Gigamon Visibility Platform for Background With the rapid evolution of the public cloud that brings instant advantages of economies of scale, elasticity and agility, IT and data center administrators are re-evaluating their investments to deploy or scale applications on-premise. They either deploy newer applications in the public cloud or use the public cloud for bursty needs to augment the on-premise private cloud. In either case, what enterprises end up with is a hybrid cloud environment. Other enterprises start in the cloud with no physical data center footprint, commonly referred to as a born-in-the-cloud model. Unlike Software-as-a-Service (SaaS) environments, in which application ownership and security of information is the responsibility of the SaaS provider, an Infrastructure-as-a-Service (IaaS), or public cloud environment, places the responsibility of application and information security on the enterprise. Challenges How does an enterprise which has migrated or deployed workloads into the public cloud now manage, secure and understand its data traversing the public cloud? The obvious challenges are as follows: Inability to access traffic, and by extension, information traversing the public cloud, for analysis Deep packet inspection for forensics, advanced threat detection, etc. Analysis of North-South [elastic load balancer () to web tier] and East-West [web tier to app tier or app tier to database] traffic for compliancy, lateral propagation of threats, etc. Lack of sufficient tools in the public cloud. While a plethora of security analysis and IT monitoring tools exist for on-premise deployments, many of these tools do not have an equivalent offering in the public cloud Increased and varied backhaul costs from the IaaS provider to an enterprise, should an enterprise choose to backhaul traffic from the public cloud infrastructure to the enterprise location where the tools are located In an on-premise deployment, there are options to get access to traffic from the infrastructure for real-time analysis: TAPs (physical or virtual), SPAN sessions although TAPs are the favored method to gain reliable, non-intrusive access to mission-critical data in motion or a network visibility solution can be used. When deploying applications in the public cloud, none of these options are available. Agent-based monitoring is an option, but that could lead to a very complex architecture, especially if you have multiple tools that need access to the same traffic for inspection and analysis, as depicted below. IaaS Visibility Challenges Inability to access all traffic Discreet vendor monitoring agents per instance Impacts workload and performance Increases complexity Static visibility with heavy disruption 1

Solution Overview: Gigamon Visibility Platform for Gigamon Solution An efficient and optimal solution to overcome these challenges is to use the Gigamon Visibility Platform for, the industry s first pervasive Visibility Platform that provides consistent visibility into data in motion across the entire enterprise: on-premise, remote sites, public, private, and hybrid clouds. Create a comprehensive visibility tier on an, with one consistent way to access, categorize and consolidate the delivery of network traffic to out-of-band security and performance management tools. Visibility Gigamon Visibility Platform for the Public Cloud Provides a consistent way to access network traffic within and across s Distributes traffic effectively to multiple tools Customizes network traffic to specific tools using policies Delivers elastic, on-demand visibility as workloads scale out 2

Solution Overview: Gigamon Visibility Platform for Extending the Solution to the Hybrid Cloud and Multi- Deployments Gigamon s Visibility Platform extends its capabilities to the following real-world, flexible deployment models: 1. Hybrid clouds for large enterprises providing on-premise visibility, while preserving tool investment. 2. Scale-out public cloud model with multiple s for applications, business units, or tenants. 3. Enterprises with an all-in approach and have migrated and deployed all their applications to the cloud. Use Case #1: Hybrid Cloud for Large Enterprises In this use case, an enterprise s on-premise Gigamon Visibility Platform can be extended to the cloud by: Integrating with APIs to identify inventory of the EC2 instances, the network configuration, etc. Selectively accessing EC2 instance traffic using G-vTAP Aggregating and applying traffic intelligence using a servicechained set of GigaVUE V Series nodes Optimizing the aggregated traffic by slicing to conserve network backhaul Masking the traffic before the backhaul can provide privacy and compliance Tunneling the aggregated and optimized traffic to on-premise over existing backhaul connections On-premise Data Center Visibility Amazon EC2 APIs and Amazon CloudWatch Visibility Tunneling 3

Solution Overview: Gigamon Visibility Platform for Use Cases #2 & #3: Centralized Visibility for Multi- Deployments (i.e. All-in Cloud Enterprise) In this combined use case: A centralized managed by the SecOps team can be used for security or analytics, removing a need for each to host a separate tool tier Enterprises can utilize Peering to save network costs for central traffic inspection and analysis Reduces tool proliferation while allowing for effective, centralized visibility for an all-in-the cloud enterprise With support for these flexible deployment models, the Gigamon Visibility Platform for provides pervasive visibility into data in motion across the entire enterprise: on-premise, remote sites, public, private, and hybrid clouds. A lications SecOps Business Units Visibility Visibility Visibility Amazon EC2 APIs Amazon CloudWatch On-premise Data Center Visibility Platform Security, Performance Management, and Analytics s Subnet Instances peering Data center Traffic distribution Management and control 4

Solution Overview: Gigamon Visibility Platform for Features and Benefits Features Traffic Access (G-vTAP Agent) Traffic Aggregation and Intelligence (GigaVUE V Series) Orchestration () Elastic and Automated Visibility (Automatic Target Selection) Benefits A user space agent deployed in the elastic compute cloud (EC2) instance to mirror selected traffic and deliver to GigaVUE V Series visibility nodes Single agent that can replace multiple vendor agents to consistently access and forward traffic Visibility node [available as an Amazon Machine Image (AMI)] that aggregates traffic from multiple agents lies intelligence and optimization to the aggregated traffic Flow Mapping select and filter traffic Slicing reduce packet size at a specified offset to conserve network backhaul Sampling conserve network backhaul by selecting packet rates, for ex. 1 in 10 or 1 in 100 Masking can provide compliancy and privacy of the traffic by masking specific offsets Distributes optimized traffic to cloud-based tools or backhaul to on-premise Gigamon Visibility Platform using standard IP GRE Tunnels Centralized management application can be deployed either on-premise or in the cloud Defines traffic policies using simple drag-n-drop UI Integrates with APIs for EC2 inventory and network topology Monitors Amazon CloudWatch events to identify EC2 instance spin-up Elastically scales-out GigaVUE V Series nodes based on traffic access points Automatically selects new EC2 instances as part of traffic policies Allows for continuous and automated visibility while identifying any lateral propagation of threats Reference Architecture Example with the Gigamon Visibility Platform N- lication Configure Policies GigaVUE V Series Tunneling On-Premise or Cloud s Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks can be found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon reserves the right to change, modify, transfer, or otherwise revise this publication without notice. 3213-02 03/17 3300 Olcott Street, Santa Clara, CA 95054 USA +1 (408) 831-4000 www.gigamon.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback