Data Sheet Gigamon Visibility Platform for AWS


Overview

The rapid evolution of Infrastructure-as-a-Service (IaaS), or public clouds, brings instant advantages of economies of scale, elasticity, and agility to organizations seeking to modernize their IT infrastructures. Migrating workloads into the public cloud, however, introduces a new set of responsibilities and challenges for the teams that manage this move. How does an enterprise manage, secure and understand all of its data now traversing the public cloud?

The obvious challenges include the inability to access all traffic and data in support of forensics, customer experience management, advanced threat detection, and monitoring tools, but they also include the lack of visibility into East-West (i.e., web-tier-to-app-tier or app-tier-to-database) traffic needed for compliance, lateral threat mitigation, and more. Current security tools that operate in public clouds lack complete access to this data of interest.

In an on-premise deployment, there are options to get access to traffic from the infrastructure for real-time analysis via TAPs (physical or virtual), SPAN sessions (although TAPs are usually the favored method to gain reliable, non-intrusive access to mission-critical data in motion), or a network visibility solution. When deploying applications and workloads in the public cloud, none of these options are available. Agent-based monitoring is an option for monitoring in public clouds, but it could lead to a very complex architecture, especially if multiple tools need access to the same traffic for inspection and analysis, as depicted below.
[Figure: agent-based monitoring in a public cloud. Labels: Region, Public Cloud, Visibility Tool, RDS, AZ. Legend: Elastic Load Balancing, subnet, instances, tool, Amazon Relational Database Service (RDS), Availability Zone (AZ), traffic distribution, management and control.]

IaaS Visibility Challenges
- Inability to access all traffic
- Discrete vendor monitoring agents per instance
- Impacts workload and performance
- Increases complexity
- Static visibility with heavy disruption

Visibility Solution with Gigamon
- Consistent way to access network traffic
- Distribute traffic to multiple tools
- Customize traffic to specific tools
- Elastic visibility as workloads scale out

The Solution: Gigamon Visibility Platform for Amazon Web Services (AWS)

An efficient and optimal solution to overcome these challenges is to use the Gigamon Visibility Platform for AWS, the industry's first pervasive visibility platform that provides consistent visibility into data in motion across the entire enterprise: on-premise, remote sites, public, private and hybrid clouds.

Use Cases

Gigamon's Visibility Platform extends its capabilities to the following real-world, flexible cloud deployment models:

1. Hybrid clouds for large enterprises providing on-premise visibility, while preserving tool investment.
2. Scale-out public cloud model with multiple Virtual Public Clouds (s) for applications, business units, or tenants.
3. Enterprises that take an all-in approach and have migrated and deployed all their applications to the cloud.

[Figure: cloud deployment models. Labels: Region, Applications, SecOps, Business Units, Visibility Tool, Amazon EC2 APIs, Amazon CloudWatch, On-premise Data Center, Visibility Platform, Security, Performance Management, and Analytics Tools. Legend: subnet, instances, peering, tool, data center, traffic distribution, management and control.]

Features and Benefits

Features
- Traffic Access (G-vTAP Agent)
- Traffic Aggregation and Intelligence (GigaVUE V Series)
- Orchestration ()
- Elastic and Automated Visibility (Automatic Target Selection)

Benefits
- A user space agent deployed in the elastic compute cloud (EC2) instance to mirror selected traffic and deliver it to GigaVUE V Series visibility nodes
- Single agent that can replace multiple vendor agents to consistently access and forward traffic
- Visibility node [available as an Amazon Machine Image (AMI)] that aggregates traffic from multiple agents
- Applies intelligence and optimization to the aggregated traffic:
  - Flow Mapping: Select and filter traffic
  - Slicing: Reduce packet size at a specified offset to conserve network backhaul
  - Sampling: Conserve network backhaul by selecting packet rates, e.g., 1 in 10 or 1 in 100
  - Masking: Can provide compliance and privacy of the traffic by masking specific offsets
- Distributes optimized traffic to cloud-based tools or backhauls it to the on-premise Gigamon Visibility Platform using standard IP GRE tunnels
- Centralized management application can be deployed either on-premise or in the cloud
- Defines traffic policies using simple drag-n-drop UI
- Integrates with APIs for EC2 inventory and network topology
- Monitors CloudWatch events to identify EC2 instance spin-up
- Elastically scales out GigaVUE V Series nodes based on traffic access points
- Automatically selects new EC2 instances as part of traffic policies
- Allows for continuous and automated visibility, while identifying any lateral propagation of threats

In support of flexible deployment models, the Gigamon Visibility Platform for AWS provides pervasive visibility into data in motion across the entire enterprise: on-premise, remote sites, public, private, and hybrid clouds.

Visibility Deployment Architecture

Most deployments in use private IP addresses for EC2 instances within a, thereby shielding public or elastic IP access to the instances.
To support multiple and flexible deployment models (hybrid, single, multi-) at scale and to control the agents (G-vTAP) and visibility nodes (V Series) within a, the Gigamon Visibility Platform supports a controller-based architecture to proxy the command-and-control APIs while preserving existing NAT or IP addressing schemes.

The command-and-control proxy components are:

1. G-vTAP Controller: Controller AMI to proxy commands from to the G-vTAP agents.
2. GigaVUE V Series Controller: Controller AMI to proxy commands from to the GigaVUE V Series nodes.

[Figure: visibility deployment architecture. Labels: EC2 APIs, Amazon CloudWatch integration, G-vTAP Controller, G-vTAPs, GigaVUE V Series Controller, tunneling, tools. Legend: target VM app to be monitored, monitored data traffic, control traffic.]

Requirements for the Gigamon Visibility Platform Components

Table 1: EC2 Computing Requirements for the Solution

| Solution Component | Minimum EC2 Instance Type | Description |
|---|---|---|
| G-vTAP Agent | t2.medium with additional ENI | Available as rpm or debian package. Additional ENI (Elastic Network Interface) is required for the mirrored/monitored traffic. |
| G-vTAP Controller | t2.medium | Based on the number of agents being monitored, multiple controllers will be required to scale out horizontally. |
| V Series Node | c4.large (2 ENIs) | c4.large supports throughput up to 500 Mbps. ENI 1: Monitored Network IP (mirrored traffic from G-vTAP). ENI 2: Tunnel IP (traffic to tools or on-prem GigaVUE H/W). ENI 2: Management IP (commands from the controller). |
| V Series Controller | t2.medium | Based on the number of GigaVUE V Series nodes being monitored, multiple controllers will be required to scale out horizontally. |
| | m4.large; 40GB root disk; 40GB data disk | needs to be able to access both the controller instances for relaying the commands. automatically spins up additional EC2 instances for GigaVUE V Series nodes based on a pre-defined configuration in the user interface. |

For on-premise requirements and ordering information, please refer to the Data Sheet.

Table 2: Recommended EC2 Computing Requirements for the Visibility Platform

| Platform Component | 100 Virtual TAP Points | 1000 Virtual TAP Points |
|---|---|---|
| | 1 m4.large | 1 m4.xlarge |
| G-vTAP Controller | 1 t2.medium | 10 t2.medium |
| GigaVUE V Series Nodes | 2 c4.large | 20 c4.large |
| GigaVUE V Series Controller | 1 t2.medium | 2 t2.medium |

Based on the number of virtual TAP points, GigaVUE V Series nodes will be auto-launched by fabric manager.

Refer to the Gigamon Visibility Platform for AWS Getting Started Guide for deployment instructions for the visibility components of. Customers can access this guide in our Customer Portal.

Support and Services

Gigamon offers a range of support and maintenance services. For details regarding Gigamon's Limited Warranty and its Product Support and Software Maintenance Programs, visit www.gigamon.com/support-and-services/overview-and-benefits

Ordering Information, Renewals

The Visibility Platform is activated using a Term Bring Your Own License (BYOL).

Table 3: Part Numbers for the Solution

| Part Number | Description |
|---|---|
| GFM--100 | Monthly Term license for traffic visibility up to 100 virtual TAP points in. Min Term is 3 months with a max of 12 months. |
| GFM--1000 | Monthly Term license for traffic visibility up to 1000 virtual TAP points in. Min Term is 3 months with a max of 12 months. |

Note:

1. Virtual TAP Point: Any end point from which traffic can be mirrored using the G-vTAP agent, for example, an Elastic Network Interface (ENI) in an EC2 instance. A single Amazon Machine Image (AMI) could have multiple ENIs that can be tapped. For example, if an application uses 10 EC2 instances with 2 ENIs each, then the total Virtual TAP Points are 20.
2. Try-and-Buy: To try Visibility for 10 vTAPs for 30 days, launch as a community AMI or download it from the Gigamon customer portal. Refer to the ordering section to purchase additional term-based visibility.
3. Licensing: Licenses are activated from.
4. Renewal: notifies the customer of term license expiration with advance notice of 30 days. Contact Gigamon for renewals.

Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks can be found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

4095-02 03/17
3300 Olcott Street, Santa Clara, CA 95054 USA, +1 (408) 831-4000, www.gigamon.com