SlideShare a Scribd company logo

Visibility and Automation for Enhanced Security

P
patmisasi

The document discusses the increasing need for pervasive visibility in network security due to evolving threats and changes in traffic patterns, particularly with the shift towards a zero trust security model. It emphasizes the gaps in traditional security approaches, highlighting the importance of advanced monitoring solutions such as Gigamon's visibility fabric to provide comprehensive insights and improve security effectiveness. Ultimately, the document argues that a programmable visibility architecture is essential for managing modern network complexities and ensuring robust security measures.

Technology
Related topics:
IT Security
1 of 27
Downloaded 121 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Visibility and Automation for Enhanced Security VP, Product Line Management Ananda Rajagopal
3©2015 Gigamon. All rights reserved. Pervasive Monitoring for Pervasive Visibility WHAT IS DRIVING THIS EMERGING NEED? • Increasing Security Threats • “Zero Trust” Security model: network traffic monitoring • Distributed applications create east-west traffic patterns • Dynamically changing traffic patterns demand better visibility • Maintain visibility through emerging network architecture changes • E.g. White Box, SDN, VMware NSX, Cisco ACI, OpenFlow • Eliminate blind spots due to new encapsulations, encryption* • E.g. VXLAN, SSL traffic Security, Distributed Apps, SDN, New Blind Spots Driving Pervasive Monitoring * ‘Avoid These "Dirty Dozen" Network Security Worst Practices’, Andrew Lerner and Jeremy D'Hoinne, Gartner, January 2015
4©2015 Gigamon. All rights reserved. Gaps in Traditional Security Model Perimeter or Endpoint Based Simple Trust Model Static Environment • Inside vs. outside • Focus on prevention • Trusted vs Un-trusted • Corporate vs. personal asset • Fixed locations, zones, perimeters • Rule based • Signature based • Insider-outsider boundary dissolved • BYOD • Mobility of users, devices and applications
5©2015 Gigamon. All rights reserved. ©2015 Gigamon. All rights reserved. Gaps in Traditional Security Model Perimeter or Endpoint Based Simple Trust Model Static Environment • Inside vs. outside • Focus on prevention • Trusted vs Un-trusted • Corporate vs. personal asset • Fixed locations, zones, perimeters • Rule based • Signature based • Insider-outsider boundary dissolved • BYOD • Mobility of users, devices and applications More importantly … THE VERY NATURE OF CYBER THREATS HAS CHANGED!
6©2015 Gigamon. All rights reserved. Source: RSA Anatomy of an Advanced Persistent Threat (APT) 65432 In Many Cases the System Stays Breached After Exfiltration! Phishing & zero day attack Back door Lateral movement Data gathering Exfiltrate 1 Reconnaissance
7©2015 Gigamon. All rights reserved. *Trustwave 2014 global security report **FireEye: Maginot revisited Current State of Global Security The mean number of days from initial intrusion to detection* The average lifespan of a zero-day before it is discovered or disclosed* of organizations had active Command & Control (C&C) communications** of organizations in the study were breached during the test period**
8©2015 Gigamon. All rights reserved. Internet Firewall DMZ IPS Spine Leaf IDS Server Farm Core Switch What Else Has Changed That Impacts Security? FUNDAMENTAL SHIFT IN TRAFFIC PATTERNS No visibility into lateral propagation of threats!
9©2015 Gigamon. All rights reserved. What Else Has Changed That Impacts Security? DISSOLVING BOUNDARIES BETWEEN THE EDGE AND THE DATA CENTER Internet Firewall DMZ IPS Spine Leaf IDS Server Farm Core Switch Virtual Desktop
10©2015 Gigamon. All rights reserved. What Else Has Changed That Impacts Security? MOBILITY Internet Firewall DMZ IPS Spine Leaf IDS Server Farm Core Switch Virtual Desktop
11©2015 Gigamon. All rights reserved. Visibility: Catalyst for the Right Security Architecture WHAT IS NEEDED? Deliver network wide view, regardless of mobility Take the guesswork out of where to place security tools! Condense large volumes of data into manageable data Peek into encrypted traffic
12©2015 Gigamon. All rights reserved. • Proliferation of tools • Contention for access to traffic • Extraordinary costs • Inconsistent view of traffic • Model breaks down during a network upgrade The Spaghetti of Today’s Monitoring Infrastructure WHY HAS IT NOT BEEN DONE YET? Core Switches Access Switches Internet Internet Distribution Switches ANTI- MALWARE SIEM DLP IDS IPS FORENSICS APT ANALYTIC S
13©2015 Gigamon. All rights reserved. Example Security Delivery Architecture OFFERED BY GIGAMON TODAY Leaf switch Spine switch Spine switch Core switch Core switch Leaf switch APM IPS (Inline) Anti-Malware (Inline) Network Forensics Web Analytics SIEM DLP IDS APT Detection Security Tool Rack GigaVUE-VM Inline Bypass SSL Decryption NetFlow Generation GigaVUE-FM
14©2015 Gigamon. All rights reserved. Third Party Applications, SDN Controller Integration, etc… Applications & Tools Infrastructure, User Community Unified Visibility Fabric™ FOR PERVASIVE VISIBILITY INTO BUSINESS INFRASTRUCTURE Traffic Intelligence Visibility Fabric Nodes (Pervasive visibility across physical, virtual, remote sites, and future SDN/NFV production networks) Fabric Services Flow Mapping® Fabric Control (Management) Applications Inline Bypass GigaVUE-HD8 GigaVUE-HD4 GigaVUE-HB1 GigaVUE-HC2 HSeries TASeries GigaVUE-TA1 GigaVUE-OS on white box* VirtualVisibility GigaVUE-VM TAPs G-TAP G-TAP A Series G-TAP BiDi Embedded TAPs GSeries GigaVUE-2404 GigaVUE-420 G-SECURE-0216 Deduplication Packet Slicing FlowVUE™ Masking GTP Correlation Header Stripping NetFlow Generation Tunneling SSL Decryption Adaptive Packet Filtering GigaVUE-FM Clustering API API API API API
15©2015 Gigamon. All rights reserved. Physical • Service chain GigaSMART® applications • Leverage hybrid port capability • Create flexible service chains Advanced Traffic Intelligence Using GigaSMART MULTIPLE APPLICATIONS CAN BE SERVICE CHAINED TOGETHER Flow Mapping® Tunnel Termination SSL Decryption Adaptive Packet Filtering Virtual GigaVUE-VM GigaVUE-VM Remote site traffic to DLP Web Server Connect Requests to NPM / CEM East-West traffic between virtual workloads to IDS
Visibility Fabric: A Customer’s Journey A Programmable Fabric to Detect, React and Respond 16
17©2015 Gigamon. All rights reserved. The Customer Journey Visibility Enables Consolidation & Optimization Cost, Network & Tool Efficiency, Traffic Productivity Visibility Fabric: Physical & Virtual Nodes Ability to Manage Fabric Clusters Themes Pain Point/ Value Business Value Gigamon Solutions Best Practices Visibility Assures Security & Compliance Risk Management: Compliance, Security, Privacy, Data Integrity Visibility Platform Ability to Tie IT Teams Together Visibility Delivers Insight & Action Business Agility to Anticipate, React, and Respond Active Visibility: Detect & Respond Ability to Have the Platform Act as a Real-time Sensor CAPEX OPEX ASSURANCE CAPEX OPEX ASSURANCE CAPEX OPEX AGILITY + + Stages of Customer Adoption and Maturity
18©2015 Gigamon. All rights reserved. DAY 1 ROI ASSURED! NPM NPM NPM NPM Edge Switches Internet Routers Core Switches Distribution Switches Case Study: Large Utility 18 $6.25M $3.1M NPM NPM NPM NPM NPM NPM NPM NPM NPM NPM NPM NPM  New data center with NPM deployment  Original Quote for NPM: $6.25M  Rejected by Utility’s Budget Approvers  NPM + Gigamon: $3.1M  Results: 1. Better deployment 2. Improved 4-5 additional tools 3. Visibility Fabric architecture now in place 4. 50% savings in CAPEX
Software Defined Visibility Programmable Fabric 19
20©2015 Gigamon. All rights reserved. The Case for a Programmable Visibility Fabric USE CASE: SECURITY (PROVISIONING AND NOTIFICATIONS) ‘Suspicious’ Pattern • Generate NetFlow • Change Flow Map • Decrypt SSL APIs Software Defined Data Center Virtual Workloads Production Network Internet Security Tools and Analytics GigaVUE-FM APIs to Provision Visibility Fabric™
21©2015 Gigamon. All rights reserved. The Case for a Programmable Visibility Fabric USE CASE – INVENTORY, ANALYTICS, PROVISIONING AND ADMINISTRATION Customer / Partner Applications (Auto Provisioning) GigaVUE-FM Production Network Tools and Analytics Application Performance Network Management • Configure Network Port • Create / Update Flow Map APIsAPIs Customer Application (CMDB) Vendor APIs (Inventory, Stats) Use Case 2 (Inventory/Stats): • Heterogeneous monitoring • Reporting • Capacity Planning Use Case 3 (Ticketing/Provisioning): • Configure network port • Monitor new IP subnet / VLANs • Upgrade SW image • Get Inventory / Status • Get Statistics Security APIs to Provision Visibility Fabric
22©2015 Gigamon. All rights reserved. The Case for a Programmable Visibility Fabric USE CASE – PRIVATE CLOUD PROVISIONING Software Defined Data Center Virtual Workloads Internet Use Case 4 (Private Cloud Orchestration): 1. Create new Workloads / VMs 2. Enable Virtual Visibility vCenter APIs vCenter APIs APIs • Deploy GigaVUE-VM • Create Traffic Policies GigaVUE-FM Production Network Tools and Analytics Application Performance Network Management Security APIs to Provision Visibility Fabric™
23©2015 Gigamon. All rights reserved. The Programmable Fabric AGILE VISIBILITY FABRIC Inventory Provisioning Analytics Notifications Administration Inventory / Orchestration (OSS, Homegrown) SDN Controllers (OpenStack, NSX, ODL) Monitoring Tools (NPM, APM, SEIM) North Bound Integration (NBI) APIs . . . . . . GigaVUE-FM
About Gigamon 24
25©2015 Gigamon. All rights reserved. As of Q4 2014 Gigamon Customers Today A BROAD SPECTRUM OF BRAND-NAME CUSTOMERS Enterprise TECHNOLOGY INDUSTRIAL RETAIL FINANCE HEALTHCARE & INSURANCE GOVERNMENT 50 of the Top 100 Global SPs Service Providers 1600+ End Customers 67 of the Fortune-100
26©2015 Gigamon. All rights reserved. The Complete Visibility Ecosystem INTEROPERABILITY WITH ANY TOOL AND ANY NETWORK
27©2015 Gigamon. All rights reserved. • One architecture, One Software, One Management Platform for all visibility • Holistic Physical + Virtual Visibility • Zero packet loss through patented hardware filtering and asymmetric reassembly • Clustering: Extend scale beyond a single node • GigaSMART: Common platform for advanced traffic intelligence, service chaining • Best De-duplication in the market: 100x better • Only vendor with advanced visibility: SSL Decryption, Adaptive Packet Filtering, … • High fidelity NetFlow for advanced traffic insight • Advanced Traffic Visualization and Automation with GigaVUE-FM • Multi-tiered security architecture vs. standalone bypass Why Gigamon? PROVEN ACROSS MORE THAN 1600 CUSTOMERS INCLUDING 67 FORTUNE 100
28©2015 Gigamon. All rights reserved. VISIBILITY MATTERS

More Related Content

PPTX
Harnessing the Power of Metadata for Security
John Pollack
 
PPT
Gigamon Systems Case Studies
gigamon
 
PDF
Intent Based Networking: turning intentions into reality with network securit...
shira koper
 
PPTX
NetScout nGeniusONE overview
BAKOTECH
 
PDF
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
NETSCOUT
 
PPTX
Close your security gaps and get 100% of your traffic protected with Cloudflare
Cloudflare
 
PPTX
Cloud vs. On-Premises Security: Can you afford not to switch?
Zscaler
 
PPTX
The evolution of IT in a cloud world
Zscaler
 
Harnessing the Power of Metadata for Security
John Pollack
 
Gigamon Systems Case Studies
gigamon
 
Intent Based Networking: turning intentions into reality with network securit...
shira koper
 
NetScout nGeniusONE overview
BAKOTECH
 
End to End Application Visibility and Troubleshooting Across the Virtual Clou...
NETSCOUT
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Cloudflare
 
Cloud vs. On-Premises Security: Can you afford not to switch?
Zscaler
 
The evolution of IT in a cloud world
Zscaler
 

What's hot (20)

PDF
Three Key Steps for Moving Your Branches to the Cloud
Zscaler
 
PPTX
Migration to microsoft_azure_with_zscaler
Zscaler
 
PPTX
Cisco Security DNA
Matteo Masi
 
PDF
Netpluz corp presentation 2020
Netpluz Asia Pte Ltd
 
PDF
Cybersecurity and continuous intelligence
NISIInstituut
 
PDF
Cisco Connect Toronto 2018 DNA assurance
Cisco Canada
 
PPTX
Fortinet Perspectiva Coporativa
Suministros Obras y Sistemas
 
PDF
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT
 
PPTX
3 reasons-sdp-is-replacing-vpn-in-2019
Zscaler
 
PPTX
Fight bad bot on the internet
Cloudflare
 
PDF
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PROIDEA
 
PPTX
Three ways-zero-trust-security-redefines-partner-access-ch
Zscaler
 
PDF
Cisco connect winnipeg 2018 introducing the network intuitive
Cisco Canada
 
PPTX
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Cloudflare
 
PPTX
Maximize your cloud app control with Microsoft MCAS and Zscaler
Ankit Dua
 
PPTX
Ma story then_now_webcast_10_17_18
Zscaler
 
PDF
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT
 
PDF
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
VMUG IT
 
PPTX
Digital Transformation - Cisco's Journey
Cisco Canada
 
PDF
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Canada
 
Three Key Steps for Moving Your Branches to the Cloud
Zscaler
 
Migration to microsoft_azure_with_zscaler
Zscaler
 
Cisco Security DNA
Matteo Masi
 
Netpluz corp presentation 2020
Netpluz Asia Pte Ltd
 
Cybersecurity and continuous intelligence
NISIInstituut
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Canada
 
Fortinet Perspectiva Coporativa
Suministros Obras y Sistemas
 
NETSCOUT Threat Intelligence Report: Findings Summary 1st half of 2018
NETSCOUT
 
3 reasons-sdp-is-replacing-vpn-in-2019
Zscaler
 
Fight bad bot on the internet
Cloudflare
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PROIDEA
 
Three ways-zero-trust-security-redefines-partner-access-ch
Zscaler
 
Cisco connect winnipeg 2018 introducing the network intuitive
Cisco Canada
 
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Cloudflare
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Ankit Dua
 
Ma story then_now_webcast_10_17_18
Zscaler
 
NETSCOUT Threat Intelligence Report 1H 2019: Cybercrime’s Innovation Machine
NETSCOUT
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
VMUG IT
 
Digital Transformation - Cisco's Journey
Cisco Canada
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Canada
 
Ad

Viewers also liked (20)

PDF
Gigamon 1Q15 Investor Relations Presentation
InvestorRelations
 
PPTX
Giga vue hb1 event rolling presentation-final-1
Christopher Lee
 
PPTX
Wireless Investigations using Xplico
Chris Harrington
 
PPTX
Eyeing the Onion
bsidesaugusta
 
PDF
Security Onion: peeling back the layers of your network in minutes
bsidesaugusta
 
PPTX
Detecting Malicious SSL Certificates Using Bro
Andrew Beard
 
PPTX
Optimizing your google local listing for search
WebFX
 
PDF
Wired Update 7 22 09
bigalgonzo
 
PPT
Gigamon GigaVue 2404 Hardware Tour
Bill Sipovic
 
PDF
Q1 fy15 earnings call slides draft 9-3-2014
Jo Thorgen
 
PDF
Gigamon U - Real Time Real Clear, Real Time Solutions for Today’s Application...
Grant Swanson
 
PPT
Fujitsu Iccad Presentation--Enable 100G
kennliu
 
PPTX
Everything you wanted to know about cabling but were afraid to ask
Emulex Corporation
 
PPTX
WebEx Avago Presentation for Eccolo Media 2010
Matthew McHale
 
PPS
Gigamon Systems GigaVUE-420 Hardware Tour
gigamon_systems
 
PPT
2013 datwyler training 4 fibre product overview - info tech middle east
Ali Shoaee
 
PPTX
NetScout Systems corporate overview
BAKOTECH
 
PPT
Gigamon GigaVue 420 Hardware Tour
Bill Sipovic
 
PDF
Metro High-Speed Product Line Manager
CPqD
 
PPT
Gigamon Systems
gigamon
 
Gigamon 1Q15 Investor Relations Presentation
InvestorRelations
 
Giga vue hb1 event rolling presentation-final-1
Christopher Lee
 
Wireless Investigations using Xplico
Chris Harrington
 
Eyeing the Onion
bsidesaugusta
 
Security Onion: peeling back the layers of your network in minutes
bsidesaugusta
 
Detecting Malicious SSL Certificates Using Bro
Andrew Beard
 
Optimizing your google local listing for search
WebFX
 
Wired Update 7 22 09
bigalgonzo
 
Gigamon GigaVue 2404 Hardware Tour
Bill Sipovic
 
Q1 fy15 earnings call slides draft 9-3-2014
Jo Thorgen
 
Gigamon U - Real Time Real Clear, Real Time Solutions for Today’s Application...
Grant Swanson
 
Fujitsu Iccad Presentation--Enable 100G
kennliu
 
Everything you wanted to know about cabling but were afraid to ask
Emulex Corporation
 
WebEx Avago Presentation for Eccolo Media 2010
Matthew McHale
 
Gigamon Systems GigaVUE-420 Hardware Tour
gigamon_systems
 
2013 datwyler training 4 fibre product overview - info tech middle east
Ali Shoaee
 
NetScout Systems corporate overview
BAKOTECH
 
Gigamon GigaVue 420 Hardware Tour
Bill Sipovic
 
Metro High-Speed Product Line Manager
CPqD
 
Gigamon Systems
gigamon
 
Ad

Similar to Visibility and Automation for Enhanced Security (20)

PPTX
Securing Beyond the Cloud Generation
Forcepoint LLC
 
PPTX
Wavefront presentation-May-2019
Anil Gupta (AJ) - vExpert
 
PPTX
Sam Herath - Six Critical Criteria for Cloud Workload Security
centralohioissa
 
PDF
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Canada
 
PDF
Presentation cloud security the grand challenge
xKinAnx
 
PDF
THE ESSENTIAL ELEMENT OF YOUR SECURITY
ETDAofficialRegist
 
PDF
Smau Padova 2018 - Cisco
SMAU
 
PPTX
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
PDF
2021 01-27 reducing risk of ransomware webinar
AlgoSec
 
PDF
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
NetworkCollaborators
 
PPTX
Key Elements of a Security Delivery Platform
John Pollack
 
PDF
Extend Network Visibility and Secure Applications and Data in Azure
Fidelis Cybersecurity
 
PPTX
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
PDF
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
PDF
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
Sergiy Pitel
 
PDF
Cisco Meraki Overview | Voyager Networks
NTS UK - Part of Capita
 
PPTX
Alpha & Omega's Managed Security
Darryl Santa
 
PPT
Palo alto networks next generation firewalls
Castleforce
 
PPTX
Identity privacy and data protection in the cloud – what is being done is it ...
Mark Skilton
 
PPTX
Segurdad de red para la generacion de la nube symantec
CSA Argentina
 
Securing Beyond the Cloud Generation
Forcepoint LLC
 
Wavefront presentation-May-2019
Anil Gupta (AJ) - vExpert
 
Sam Herath - Six Critical Criteria for Cloud Workload Security
centralohioissa
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Canada
 
Presentation cloud security the grand challenge
xKinAnx
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
ETDAofficialRegist
 
Smau Padova 2018 - Cisco
SMAU
 
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
2021 01-27 reducing risk of ransomware webinar
AlgoSec
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
NetworkCollaborators
 
Key Elements of a Security Delivery Platform
John Pollack
 
Extend Network Visibility and Secure Applications and Data in Azure
Fidelis Cybersecurity
 
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
Sergiy Pitel
 
Cisco Meraki Overview | Voyager Networks
NTS UK - Part of Capita
 
Alpha & Omega's Managed Security
Darryl Santa
 
Palo alto networks next generation firewalls
Castleforce
 
Identity privacy and data protection in the cloud – what is being done is it ...
Mark Skilton
 
Segurdad de red para la generacion de la nube symantec
CSA Argentina
 

More from patmisasi (20)

PDF
Scalar Managed Infrastructure Services Overview
patmisasi
 
PDF
Scalar Corporate Overview FY17 patmisasi
patmisasi
 
PDF
Scalar Cloud Consulting Advisory Services
patmisasi
 
PDF
Scalar Cisco Hyperflex Presentation, May 13 2016, Part III: Scalar Lunch & Le...
patmisasi
 
PPTX
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
patmisasi
 
PDF
Keys-to-Success-and-Security-in-the-Cloud
patmisasi
 
PDF
Scalar_Managed_Security_Services_2016
patmisasi
 
PDF
2016 Scalar Security Study Executive Summary
patmisasi
 
PDF
Scalar Whiteboard
patmisasi
 
PDF
Top 10 Executive IT concerns in 2016
patmisasi
 
PDF
Top Executive IT concerns in 2016
patmisasi
 
PDF
Power of Leasing for Pat Misasi at Scalar
patmisasi
 
PDF
Scalar_Security_Overview October 2015
patmisasi
 
PDF
ScalarTASK_One-Pager_FINAL
patmisasi
 
PDF
2015 Scalar Security Study Executive Summary
patmisasi
 
PDF
corp-overview-about-us-FY15
patmisasi
 
PDF
Scalar Decisions: Emerging Trends and Technologies in Storage
patmisasi
 
PDF
F5 Synthesis Toronto February 2014 Roadshow
patmisasi
 
PDF
Vdi storage challenges_presented at vmug_toronto 2014 by scalar decisions
patmisasi
 
PDF
Scalar Decisions Sunnybrook Health Sciences VDI Case Study
patmisasi
 
Scalar Managed Infrastructure Services Overview
patmisasi
 
Scalar Corporate Overview FY17 patmisasi
patmisasi
 
Scalar Cloud Consulting Advisory Services
patmisasi
 
Scalar Cisco Hyperflex Presentation, May 13 2016, Part III: Scalar Lunch & Le...
patmisasi
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
patmisasi
 
Keys-to-Success-and-Security-in-the-Cloud
patmisasi
 
Scalar_Managed_Security_Services_2016
patmisasi
 
2016 Scalar Security Study Executive Summary
patmisasi
 
Scalar Whiteboard
patmisasi
 
Top 10 Executive IT concerns in 2016
patmisasi
 
Top Executive IT concerns in 2016
patmisasi
 
Power of Leasing for Pat Misasi at Scalar
patmisasi
 
Scalar_Security_Overview October 2015
patmisasi
 
ScalarTASK_One-Pager_FINAL
patmisasi
 
2015 Scalar Security Study Executive Summary
patmisasi
 
corp-overview-about-us-FY15
patmisasi
 
Scalar Decisions: Emerging Trends and Technologies in Storage
patmisasi
 
F5 Synthesis Toronto February 2014 Roadshow
patmisasi
 
Vdi storage challenges_presented at vmug_toronto 2014 by scalar decisions
patmisasi
 
Scalar Decisions Sunnybrook Health Sciences VDI Case Study
patmisasi
 

Recently uploaded (20)

PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Encapsulation theory and applications.pdf
gurumoop
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Cloud computing and distributed systems.
kkkkkhan
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
KodekX | Application Modernization Development
KodekX
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 

Visibility and Automation for Enhanced Security

  • 1. Visibility and Automation for Enhanced Security VP, Product Line Management Ananda Rajagopal
  • 2. 3©2015 Gigamon. All rights reserved. Pervasive Monitoring for Pervasive Visibility WHAT IS DRIVING THIS EMERGING NEED? • Increasing Security Threats • “Zero Trust” Security model: network traffic monitoring • Distributed applications create east-west traffic patterns • Dynamically changing traffic patterns demand better visibility • Maintain visibility through emerging network architecture changes • E.g. White Box, SDN, VMware NSX, Cisco ACI, OpenFlow • Eliminate blind spots due to new encapsulations, encryption* • E.g. VXLAN, SSL traffic Security, Distributed Apps, SDN, New Blind Spots Driving Pervasive Monitoring * ‘Avoid These "Dirty Dozen" Network Security Worst Practices’, Andrew Lerner and Jeremy D'Hoinne, Gartner, January 2015
  • 3. 4©2015 Gigamon. All rights reserved. Gaps in Traditional Security Model Perimeter or Endpoint Based Simple Trust Model Static Environment • Inside vs. outside • Focus on prevention • Trusted vs Un-trusted • Corporate vs. personal asset • Fixed locations, zones, perimeters • Rule based • Signature based • Insider-outsider boundary dissolved • BYOD • Mobility of users, devices and applications
  • 4. 5©2015 Gigamon. All rights reserved. ©2015 Gigamon. All rights reserved. Gaps in Traditional Security Model Perimeter or Endpoint Based Simple Trust Model Static Environment • Inside vs. outside • Focus on prevention • Trusted vs Un-trusted • Corporate vs. personal asset • Fixed locations, zones, perimeters • Rule based • Signature based • Insider-outsider boundary dissolved • BYOD • Mobility of users, devices and applications More importantly … THE VERY NATURE OF CYBER THREATS HAS CHANGED!
  • 5. 6©2015 Gigamon. All rights reserved. Source: RSA Anatomy of an Advanced Persistent Threat (APT) 65432 In Many Cases the System Stays Breached After Exfiltration! Phishing & zero day attack Back door Lateral movement Data gathering Exfiltrate 1 Reconnaissance
  • 6. 7©2015 Gigamon. All rights reserved. *Trustwave 2014 global security report **FireEye: Maginot revisited Current State of Global Security The mean number of days from initial intrusion to detection* The average lifespan of a zero-day before it is discovered or disclosed* of organizations had active Command & Control (C&C) communications** of organizations in the study were breached during the test period**
  • 7. 8©2015 Gigamon. All rights reserved. Internet Firewall DMZ IPS Spine Leaf IDS Server Farm Core Switch What Else Has Changed That Impacts Security? FUNDAMENTAL SHIFT IN TRAFFIC PATTERNS No visibility into lateral propagation of threats!
  • 8. 9©2015 Gigamon. All rights reserved. What Else Has Changed That Impacts Security? DISSOLVING BOUNDARIES BETWEEN THE EDGE AND THE DATA CENTER Internet Firewall DMZ IPS Spine Leaf IDS Server Farm Core Switch Virtual Desktop
  • 9. 10©2015 Gigamon. All rights reserved. What Else Has Changed That Impacts Security? MOBILITY Internet Firewall DMZ IPS Spine Leaf IDS Server Farm Core Switch Virtual Desktop
  • 10. 11©2015 Gigamon. All rights reserved. Visibility: Catalyst for the Right Security Architecture WHAT IS NEEDED? Deliver network wide view, regardless of mobility Take the guesswork out of where to place security tools! Condense large volumes of data into manageable data Peek into encrypted traffic
  • 11. 12©2015 Gigamon. All rights reserved. • Proliferation of tools • Contention for access to traffic • Extraordinary costs • Inconsistent view of traffic • Model breaks down during a network upgrade The Spaghetti of Today’s Monitoring Infrastructure WHY HAS IT NOT BEEN DONE YET? Core Switches Access Switches Internet Internet Distribution Switches ANTI- MALWARE SIEM DLP IDS IPS FORENSICS APT ANALYTIC S
  • 12. 13©2015 Gigamon. All rights reserved. Example Security Delivery Architecture OFFERED BY GIGAMON TODAY Leaf switch Spine switch Spine switch Core switch Core switch Leaf switch APM IPS (Inline) Anti-Malware (Inline) Network Forensics Web Analytics SIEM DLP IDS APT Detection Security Tool Rack GigaVUE-VM Inline Bypass SSL Decryption NetFlow Generation GigaVUE-FM
  • 13. 14©2015 Gigamon. All rights reserved. Third Party Applications, SDN Controller Integration, etc… Applications & Tools Infrastructure, User Community Unified Visibility Fabric™ FOR PERVASIVE VISIBILITY INTO BUSINESS INFRASTRUCTURE Traffic Intelligence Visibility Fabric Nodes (Pervasive visibility across physical, virtual, remote sites, and future SDN/NFV production networks) Fabric Services Flow Mapping® Fabric Control (Management) Applications Inline Bypass GigaVUE-HD8 GigaVUE-HD4 GigaVUE-HB1 GigaVUE-HC2 HSeries TASeries GigaVUE-TA1 GigaVUE-OS on white box* VirtualVisibility GigaVUE-VM TAPs G-TAP G-TAP A Series G-TAP BiDi Embedded TAPs GSeries GigaVUE-2404 GigaVUE-420 G-SECURE-0216 Deduplication Packet Slicing FlowVUE™ Masking GTP Correlation Header Stripping NetFlow Generation Tunneling SSL Decryption Adaptive Packet Filtering GigaVUE-FM Clustering API API API API API
  • 14. 15©2015 Gigamon. All rights reserved. Physical • Service chain GigaSMART® applications • Leverage hybrid port capability • Create flexible service chains Advanced Traffic Intelligence Using GigaSMART MULTIPLE APPLICATIONS CAN BE SERVICE CHAINED TOGETHER Flow Mapping® Tunnel Termination SSL Decryption Adaptive Packet Filtering Virtual GigaVUE-VM GigaVUE-VM Remote site traffic to DLP Web Server Connect Requests to NPM / CEM East-West traffic between virtual workloads to IDS
  • 15. Visibility Fabric: A Customer’s Journey A Programmable Fabric to Detect, React and Respond 16
  • 16. 17©2015 Gigamon. All rights reserved. The Customer Journey Visibility Enables Consolidation & Optimization Cost, Network & Tool Efficiency, Traffic Productivity Visibility Fabric: Physical & Virtual Nodes Ability to Manage Fabric Clusters Themes Pain Point/ Value Business Value Gigamon Solutions Best Practices Visibility Assures Security & Compliance Risk Management: Compliance, Security, Privacy, Data Integrity Visibility Platform Ability to Tie IT Teams Together Visibility Delivers Insight & Action Business Agility to Anticipate, React, and Respond Active Visibility: Detect & Respond Ability to Have the Platform Act as a Real-time Sensor CAPEX OPEX ASSURANCE CAPEX OPEX ASSURANCE CAPEX OPEX AGILITY + + Stages of Customer Adoption and Maturity
  • 17. 18©2015 Gigamon. All rights reserved. DAY 1 ROI ASSURED! NPM NPM NPM NPM Edge Switches Internet Routers Core Switches Distribution Switches Case Study: Large Utility 18 $6.25M $3.1M NPM NPM NPM NPM NPM NPM NPM NPM NPM NPM NPM NPM  New data center with NPM deployment  Original Quote for NPM: $6.25M  Rejected by Utility’s Budget Approvers  NPM + Gigamon: $3.1M  Results: 1. Better deployment 2. Improved 4-5 additional tools 3. Visibility Fabric architecture now in place 4. 50% savings in CAPEX
  • 19. 20©2015 Gigamon. All rights reserved. The Case for a Programmable Visibility Fabric USE CASE: SECURITY (PROVISIONING AND NOTIFICATIONS) ‘Suspicious’ Pattern • Generate NetFlow • Change Flow Map • Decrypt SSL APIs Software Defined Data Center Virtual Workloads Production Network Internet Security Tools and Analytics GigaVUE-FM APIs to Provision Visibility Fabric™
  • 20. 21©2015 Gigamon. All rights reserved. The Case for a Programmable Visibility Fabric USE CASE – INVENTORY, ANALYTICS, PROVISIONING AND ADMINISTRATION Customer / Partner Applications (Auto Provisioning) GigaVUE-FM Production Network Tools and Analytics Application Performance Network Management • Configure Network Port • Create / Update Flow Map APIsAPIs Customer Application (CMDB) Vendor APIs (Inventory, Stats) Use Case 2 (Inventory/Stats): • Heterogeneous monitoring • Reporting • Capacity Planning Use Case 3 (Ticketing/Provisioning): • Configure network port • Monitor new IP subnet / VLANs • Upgrade SW image • Get Inventory / Status • Get Statistics Security APIs to Provision Visibility Fabric
  • 21. 22©2015 Gigamon. All rights reserved. The Case for a Programmable Visibility Fabric USE CASE – PRIVATE CLOUD PROVISIONING Software Defined Data Center Virtual Workloads Internet Use Case 4 (Private Cloud Orchestration): 1. Create new Workloads / VMs 2. Enable Virtual Visibility vCenter APIs vCenter APIs APIs • Deploy GigaVUE-VM • Create Traffic Policies GigaVUE-FM Production Network Tools and Analytics Application Performance Network Management Security APIs to Provision Visibility Fabric™
  • 22. 23©2015 Gigamon. All rights reserved. The Programmable Fabric AGILE VISIBILITY FABRIC Inventory Provisioning Analytics Notifications Administration Inventory / Orchestration (OSS, Homegrown) SDN Controllers (OpenStack, NSX, ODL) Monitoring Tools (NPM, APM, SEIM) North Bound Integration (NBI) APIs . . . . . . GigaVUE-FM
  • 24. 25©2015 Gigamon. All rights reserved. As of Q4 2014 Gigamon Customers Today A BROAD SPECTRUM OF BRAND-NAME CUSTOMERS Enterprise TECHNOLOGY INDUSTRIAL RETAIL FINANCE HEALTHCARE & INSURANCE GOVERNMENT 50 of the Top 100 Global SPs Service Providers 1600+ End Customers 67 of the Fortune-100
  • 25. 26©2015 Gigamon. All rights reserved. The Complete Visibility Ecosystem INTEROPERABILITY WITH ANY TOOL AND ANY NETWORK
  • 26. 27©2015 Gigamon. All rights reserved. • One architecture, One Software, One Management Platform for all visibility • Holistic Physical + Virtual Visibility • Zero packet loss through patented hardware filtering and asymmetric reassembly • Clustering: Extend scale beyond a single node • GigaSMART: Common platform for advanced traffic intelligence, service chaining • Best De-duplication in the market: 100x better • Only vendor with advanced visibility: SSL Decryption, Adaptive Packet Filtering, … • High fidelity NetFlow for advanced traffic insight • Advanced Traffic Visualization and Automation with GigaVUE-FM • Multi-tiered security architecture vs. standalone bypass Why Gigamon? PROVEN ACROSS MORE THAN 1600 CUSTOMERS INCLUDING 67 FORTUNE 100
  • 27. 28©2015 Gigamon. All rights reserved. VISIBILITY MATTERS