A couple months ago I had a pleasure and honor to attend at the Cloud Field Day 2. One of presenting companies was Gigamon which showed their solutions for public/hybrid cloud. Gigamon was founded in 2004 and their products are physical and virtual network visibility technologies such as network TAP (Terminal Access Point, an external monitoring device that mirrors the traffic that is passing between network nodes), traffic manipulation applications and visibility fabric nodes.
The first time I heard about Gigamon when I was researching products on visibility for VMware workloads (integration with NSX). GigaSMART features such as Adaptive Packet Filtering (filtering and monitoring traffic at virtual network level), Header Stripping (decapsulating VXLAN traffic), SSL/TLS decryption or Masking (hiding private data) provide deep visibility and security in virtual environment. The same features can be used when data is moving from one place to another (data in motion) specially entering, traversing or leaving the cloud. Gigamon Visibility Platform allows protecting and monitoring workloads by existing security operations:
- Intrusion Detection (IDS)
- Advanced Threat Detection (ATD)
- Data Loss Prevention (DLP)
- Forensics and SIEM
Gigamon Visibility Platform for AWS
During CFD2, Sesh Sayani, Director of Product Management presented Gigamon Visibility Platform for Amazon Web Services (AWS). This solution is based on below components:
- G-vTAP agents (offered as a Debian or Redhat Package Manager (RPM) package) deployed on EC2 instances that mirror traffic (using GRE or VXLAN tunneling) to the V Series nodes and providing possibility to "aggregate" functions and removing multi-agents requirement (when various security tools are used).
- GigaVUE V Series for traffic aggregation, intelligence and distribution.
- G-vTAP Controller manages multiple G-vTAP agents and orchestrates the flow of mirrored traffic to GigaVUE V Series nodes.
- GigaVUE Fabric Manager (GigaVUE-FM) for centralized orchestration and management - single-pane-of-glass visualization of the Gigamon Visibility Platform deployed across the enterprise, not only AWS but on-premises, private, and hybrid cloud.
The Visibility Platform for AWS provides a consistent way to access network traffic within and across VPCs.There are two types of deployment:
- Single VPC - G-vTAP Controllers, GigaVUE V Series Controllers, GigaVUE V Series nodes and GigaVUE-FM configured in the same VPC as the monitoring tools.
- Multiple VPCs - G-vTAP Controllers, GigaVUE V Series Controllers, and GigaVUE V Series nodes configured within each availability zone, and in multiple VPCs.
Additionally, in hybrid cloud deplyments the Gigamon Visibility Platform for AWS distributes the aggregated and optimized traffic from VPCs to the on-premise monitoring tools through a tunnel over the existing VPN connections.
To see demo, please watch below video: