The Gigamon Visibility Platform See what matters. Andrea Baraldi - Sales Engineer Marco Romagnoli Sales Director 1
Safe Harbor Statement Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change. Any future release of products or planned modifications to product capability, functionality, or features are subject to ongoing evaluation by Gigamon, and may or may not be implemented and should not be considered firm commitments by Gigamon and should not be relied upon in making purchasing decisions. This presentation contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. In some cases, you can identify forward-looking statements because they contain words such as "may," "will," "should," "expects," "plans," "anticipates," "could," "intends," "target," "projects," "contemplates," "believes," "estimates," "predicts," "potential" or "continue" or the negative of these words or other similar terms or expressions that concern our expectations, strategy, plans or intentions. Forward-looking statements in this presentation include, but are not limited to, our expectations that the market for our products will continue to grow and develop; and our expectations regarding product developments and enhancements and adoption of those products by our customers. Our expectations and beliefs regarding these matters may not materialize, and actual results in future periods are subject to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include our ability to continue to deliver and improve our products and successfully develop new products; customer acceptance and purchase of our existing products and new products; our ability to retain existing customers and generate new customers; the market for network traffic visibility solutions not continuing to develop; competition from other products and services; and general market, political, economic and business conditions. The forward-looking statements contained in this presentation are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Prospectus for our public offering of common stock filed pursuant to Rule 424(b) under the Securities Act of 1933 (Registration No. 333-191581) and our Quarterly Report on Form 10-Q for the most recent quarterly period. The forward-looking statements in this presentation are based on information available to Gigamon as of the date hereof, and Gigamon disclaims any obligation to update any forward-looking statements, except as required by law. 6/2014 2
Corporate Overview See what matters. Gigamon Visibility Platform provides pervasive visibility into data in motion across your entire network, enabling stronger security and network performance. Founded in 2004 IPO in 2013, NYSE: GIMO Headquarters: Santa Clara, CA, U.S. Global Offices: 30 countries 750 employees As of FY2017 CEO: Paul Hooper Over 2,300 customers Verticals: Federal, Financial Services, Healthcare, Retail, Technology, Service Providers Global Patents Issued: 35 3
The World s Top Organizations Rely on Gigamon for Their Business Fortune 100 and 1000 statistics from FY 16-Q3 Top 50 Banks in the World." http://www.relbanks.com/worlds-top-banks/assets Banks around the World. June 30, 2015. Web. Laura Lorenzetti "The 10 biggest health-care companies in the Fortune 500." https://gigamon.my.salesforce.com/00o14000008ef5s Fortune. June 20, 2015. Web. Pablo Erbar "20 Largest Stock Exchanges in the World." http://www.insidermonkey.com/blog/trading-places-the-20-largest-stock-exchanges-in-the-world-335310/ Insider Monkey. November 11 2014. Web. Liyan Chen "The World's Largest Tech Companies: Apple Beats Samsung, Microsoft, Google.http://www.forbes.com/sites/liyanchen/2015/05/11/the-worlds-largesttech-companies-apple-beats-samsung-microsoft-google/ Forbes. May 11, 2015. Web. Kantar Retail "Top 100 Retailers Chart 2015." https://nrf.com/2015/top100-table National Retail Federation. 2015. Web. Liyan Chen "The World's Largest Telecom Companies: China Mobile Beats Verizon, AT&T Again." http://www.forbes.com/pictures/fjlj45fkkh/china-mobile/ Forbes. June 1, 2015. Web. 4
See what matters. Tools & Applications Security Experience Management Monitoring Analysis Gigamon Visibility Platform Manage Secure Understand Any Network Data Center and Private Cloud Public Cloud Service Provider Networks Remote Sites 5
Gigamon Product Portfolio A P I Tools & Applications Security Experience Management Monitoring Analysis Orchestration GigaVUE-FM API Gigamon Visibility Platform NSX Manager vcenter Traffic Intelligence Adaptive Packet Filtering GTP Correlation Application Session Filtering Header Stripping De-duplication Masking FlowVUE NetFlow and Metadata Generation Slicing SSL Decryption Tunneling Visibility Nodes Flow Mapping Clustering Inline Bypass GigaStream Manage Secure Understand Intelligent Visibility Public Cloud Virtual Traffic Aggregators Network TAPs Any Network Data Center and Private Cloud Public Cloud Service Provider Networks Remote Sites 6
The Defender Lifecycle Model A New Security Model
Real-time Threat Prevention May Not Be Possible PARTICULARLY FOR UNKNOWN THREATS Too Little Time 6.7ns inter-packet gap at 100Gb Insufficient time for decision making on unknown, potential threats Too Many Bad Guys Large established ecosystem of distributors for malware With sophisticated kits for rent Along with support infrastructure Breaches are inevitable! 8
What Can Be Done BREAK THE CHAIN, DON T JUST TRY TO PREVENT IT 1 2 3 4 5 6 Reconnaissance Phishing and Zero Day Attack Back Door Lateral Movement Data Gathering Exfiltrate Traditional security focus: PREVENTION The new security focus : DETECT, PREDICT, CONTAIN 9
Legacy Approaches Provide Limited Visibility VISIBILITY LIMITED TO A POINT IN TIME OR PLACE Public Cloud User Behavior Analytics User Behavior Analytics User Behavior Analytics Internet Next-Generation Firewall Next-Generation Next-Generation Firewall Firewall Significant blind spots Extraordinary costs Data Loss Prevention Data Loss Prevention Data Loss Prevention Routers Spine Switches Advanced Persistent Threat Advanced Advanced Persistent Persistent Threat Threat Contention for access to traffic Inconsistent view of traffic Blind to encrypted traffic Email Threat Detection Email Threat Detection Leaf Switches SIEM SIEM SIEM Too many false positives Email Threat Detection Virtualized Server Farm 10
Transform Security: The Security Delivery Platform LOOK INSIDE THE NETWORK Public Cloud User Behavior Analytics User Behavior Analytics User Behavior Analytics Internet Next-Generation Firewall Next-Generation Next-Generation Firewall Advanced Firewall Persistent Threat Data Loss Prevention User Behavior Analytics SIEM Email Threat Detection Data Loss Prevention Data Loss Prevention Data Loss Prevention On-premiseRouters Data Center Remote Sites Spine Switches Advanced Persistent Threat Advanced Advanced Persistent Persistent Threat Threat Security Delivery Platform Email Threat Detection Email Threat Detection Email Threat Detection Private Leaf Switches Cloud Public Virtualized Cloud Server Farm SIEM Reach physical and virtual networks SIEM SIEM Metadata for Improved Forensics Targeted inspection Detection of encrypted threats Inline mode for visibility and control Security Delivery Platform: A Foundation for Effective Network Security 11
GigaSECURE THE INDUSTRY S FIRST SECURITY DELIVERY PLATFORM Shifting the advantage from the attacker to the defender 12
The Current Security Model Basic Hygiene: Firewall, Endpoint, Segmentation, etc. Building Context: Big Data and Machine Learning Triangulating Intent: Artificial Intelligence and Cognitive Solutions Taking Action: Firewalls, IPS, Endpoints, Routers Prevention Detection Prediction Containment Automated Manual 13
A New Security Model: The Defender Lifecycle Basic Hygiene: Firewall, Endpoint, Segmentation, etc. Building Context: Big Data and Machine Learning Triangulating Intent: Artificial Intelligence and Cognitive Solutions Taking Action: Firewalls, IPS, Endpoints, Routers Prevention Detection Prediction Containment Automated Automated Manual Inline Bypass SSL Decryption Metadata Engine App Session Filtering SSL Decryption Metadata Engine, App Session Filtering, SSL Decryption Inline Bypass REST API Physical Virtual Cloud 14
Gigamon Visibility Platform Gigamon Partner Ecosystem Security and Vulnerability Management Service Provider Network & Application Performance Management Infrastructure 15
Gigamon Product Portfolio A P I Tools & Applications Security Experience Management Monitoring Analysis Orchestration GigaVUE-FM API NSX Manager vcenter Traffic Intelligence Adaptive Packet Filtering GTP Correlation Application Session Filtering Header Stripping De-duplication Masking FlowVUE NetFlow and Metadata Generation Slicing SSL Decryption Tunneling Flow Mapping Clustering Inline Bypass GigaStream Visibility Nodes Intelligent Visibility Public Cloud Virtual Traffic Aggregators Network TAPs Any Network Data Center and Private Cloud Public Cloud Service Provider Networks Remote Sites 16
GigaSmart features
GigaSMART Summary SSL Decryption De-duplication Adaptive Packet Filtering Application Session Filtering Packet Slicing Masking NetFlow/IPFIX Generation Header Stripping IP Tunneling ERSPAN Termination GTP Correlation FlowVUE 18
Security delivery platform
GigaSECURE INDUSTRY S FIRST SECURITY DELIVERY PLATFORM Internet IPS (Inline) Anti-Malware (Inline) Data Loss Prevention Intrusion Detection System Forensics Email Threat Detection Routers Spine Switches Security Delivery Platform Leaf Switches GigaVUE-VM A completeand network-wide GIgaVUE Nodes reach: physical and virtual Scalable Metadata metadata extraction Enginefor improved forensics Application Isolation of Session applications Filtering for targeted inspection Visibility SSL to encrypted Decryption traffic for threat detection Inline Inline bypass for connected Bypassecurity applications Virtualized Server Farm All tools still connected Fewer network touch points Enhanced tool efficiency Decreased OPEX costs 20
Inline Bypass to Scale Security Delivery SOLVING PAIN POINTS OF BOTH SECURITY & NETWORK TEAMS Inline Bypass Link Aggregtion HA Designs Add, remove, and upgrade tools seamlessly Consolidate multiple points of failure into a single, bypass-protected solution Integrate Inline, Out-of-Band, and Flow-based tools via the GigaSECURE Security Delivery Platform 21
SSL Decryption on Gigamon Products Encrypted Traffic Decrypted / Unencrypted Traffic 1 Corporate servers Clients Internet Servers Enterprise has server keys RSA key exchange Supported Since 2014 Internet 3 RSA/DH 2 Corporate servers Diffie-Hellman (DH) key exchange Active, Inline Appliance(s) Passive, Out-of-Band Appliance(s) Emerging TLS 1.3 standard Need to be inline to decrypt SSL NGFW IPS Network Forensics Anti-malware 3 Internet Servers or SaaS services Enterprise does not have server keys Need to be inline to decrypt SSL Corporate Servers Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change. 1 RSA 2 DH, PFS? Clients 22
Gigamon Inline SSL Visibility Solution 3 SSL Session Leg 2 (encrypted) Inline Tool Group (decrypted traffic) 4 1 SSL Session Leg 1 (encrypted) 2 Web Monitor Tool (decrypted traffic) Highlights Servers and clients located internally or externally Private keys not needed RSA, DH, PFS can be used Supports inline and out-of-band tools 2 Out-of-Band Tool (decrypted traffic) Encrypted traffic Decrypted traffic Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change. 23
Cloud and Virtual visibility
Virtual Visibility: More Important Than Ever 5 REASONS WHY YOU MUST CARE 1. Security no longer an after-thought during virtualization 2. Increasing VM density with mission-critical workloads 3. Visibility into VM-VM traffic needed for Security and Application Performance Monitoring (APM) 4. Creating new virtual instances of tools affects workload performance 5. Automated visibility after VM migration GigaVUE-VM IDS VIRTUAL IDS VM1 VIRTUAL ANTI- MALWARE VIRTUAL APM VM VIRTUAL SWITCH HYPERVISOR SERVER VIRTUAL SWITCH HYPERVISOR SERVER ANTI-MALWARE APM 25
GigaVUE-VM - Virtual Workload Monitoring EXTENDING VISIBILITY INTO VIRTUAL DATA CENTERS Small footprint Virtual Tap guest VM appliance Access, Select, Transform, and Deliver Virtual traffic Visibility into Hosted Applications Visibility into Physical to Virtual traffic Advanced Traffic Intelligence De-duplication Packet Masking Packet Slicing Header Stripping NetFlow Generation SSL Decryption Adaptive Packet Filtering Application Session Filtering Centralized tools Core Core DB Server GigaVUE-VM Flow Mapping Filter on VM, application ports Packet slicing at any offset Tunneling for multi-tenant Leaf Spine Leaf Spine Leaf Network Tunnel Port Leaf Application Performance Network Performance DB OS Tunneling Security 26
Dynamic Traffic Visibility Service Insertion Monitoring Policy GigaVUE-FM Security/Monitor Admin Internet Copy Packet Tools and Analytics Application Performance Network Management Security 27
Partner Solution Categories and Integration Options Automated Traffic Visibility for VMware powered SDDC Solution Category SDDC Operations and Visibility Integration Options Port Mirroring, NSX-API, NetX 28
Public Cloud Visibility Challenges and Gigamon Solution AWS AWS Region Region VPC ELB VPC ELB Web Tier ELB Tool Tier Gigamon Visibility Platform Web Tier ELB Visibility Tool Tier Tier GigaVUE-FM App Tier App Tier RDS RDS Tool Tier AZ AZ Inability to access all traffic Discreet vendor monitoring agents per instance Impacts workload and VPC performance Increases complexity Static visibility with heavy disruption Consistent way to access network traffic Distribute traffic to multiple tools Customize traffic to specific tools Elastic Visibility as workloads scale-out Elastic Load Balancing (ELB) Subnet Instances Tool Amazon Relational Database Service (RDS) Availability Zone (AZ) 29
Private & Confidential Deployment Examples: Hybrid Clouds USE CASE 1: TOOLS IN THE ENTERPRISE DATA CENTER AWS VPC AWS EC2 Integration Virtual Traffic Policies Enterprise Data Center GigaVUE-FM GigaVUE V Series L2 GRE Tunnel Tools Monitored traffic backhauled from AWS to tools in an enterprise s data center VPC: Virtual Private Cloud Control Traffic Monitored Data Traffic 30
Private & Confidential Deployment Examples: Tools in the Same VPC USE CASE 2: TOOLS IN THE SAME AWS VPC AWS Management Console AWS VPC Virtual Traffic Policies GigaVUE V Series GigaVUE-FM AWS EC2 Integration Corporate Data Center L2 GRE Tunnel Virtual Tools Monitored traffic in AWS sent to virtual tools located in the same VPC 31
Virtual Physical Service Chain with Other GigaSMART Apps DELIVER RELEVANT TRAFFIC AFTER DECRYPTION Filter on decrypted data and send to tools using ASF Adaptive Packet Filtering GigaVUE-VM GigaVUE-VM Tunnel Termination Flow Mapping Inline SSL Decryption METADATA Generate metadata and feed to SIEM Select target network for decryption with Flow Mapping, Decrypt and Filter on decrypted data with ASF, Generate metadata and forward to tools 32
VISIBILITY MATTERS 33