Security Watch: Gigamon transforms security market - champions the Security Delivery Platform

Unveils GigaSECURE® – a Security Delivery Platform that provides pervasive visibility of network traffic and delivers it to multiple security devices simultaneously without impacting network availability

SYDNEY, July 22, 2015 – Gigamon Inc. (NYSE: GIMO), the leader in traffic visibility solutions, today transformed the industry by launching GigaSECURE®, the first Security Delivery Platform that provides pervasive visibility of network traffic, users, applications and suspicious activity, and delivers it to multiple security devices simultaneously without impacting network availability.

As a direct result, third party security appliances are more effective at protection and remediation, and the cost and complexity of security infrastructure is reduced.

“Given the multitude and magnitude of breaches around the world, it is no surprise that the industry needs to re-examine how security is architected and deployed,” said Scott Haugdahl, Senior Architect at Blue Cross Blue and Shield of Minnesota. “A Security Delivery Platform gives security administrators an advantage that they’ve never had until now by allowing them to gain pervasive, multi-tier visibility into malware and breaches within the environment.”

Security Delivery Platform: addressing the threat within

Reversing the asymmetry between the network attacker and defender has been an elusive industry goal. An attacker needs but one vulnerability to exploit, whereas a defender needs to protect all aspects of their infrastructure. Once inside, a cybercriminal often goes unnoticed for months, as detecting their presence is akin to finding a needle in a haystack.

A Security Delivery Platform tips the scales back in the favour of network defenders by dramatically enhancing the deployment architecture of security systems and third party security applications through new capabilities that include:

  • Providing network-wide reach, including cloud and virtual environments
  • Offering scalable metadata extraction for improved forensics
  • Isolation of applications for targeted inspection
  • Delivering visibility to encrypted traffic for threat detection
  • Supporting inline and out-of-band security device deployments.

“The increasing network complexity and the ad hoc approach to security appliance deployments have resulted in blind spots, extraordinary costs, security device contention for access to traffic and too many false positives,” said Jon Oltsik, Senior Principal Analyst at ESG. “A Security Delivery Platform helps to eliminate many of the security architectural deficiencies that have led to so many high-profile breaches.”

Industry’s first Security Delivery Platform

GigaSECURE is comprised of scalable hardware and software elements that provide security administrators with unparalleled visibility and capability for bolstering the effectiveness of their third party security systems and instrumentation. Key features of GigaSECURE include:

  • Infrastructure-wide reach via GigaVUE-VM and GigaVUE® nodes
  • High-fidelity, un-sampled Netflow/IPFIX generation
  • Application Session Filtering
  • SSL decryption
  • Inline bypass capabilities.

In particular, Application Session Filtering (ASF), a new, patent-pending GigaSMART® application, provides a powerful filtering engine that identifies applications, based on signature or patterns that appear within a packet or packets that form the application flow of network traffic. Once positively identified, ASF extracts the entire session corresponding to the matched application flow from the initial packet to the last packet of the flow, even if the match occurs well after the first packet. This allows an administrator to forward specific “traffic of interest” to security appliances thereby optimising their operational efficiency and improving overall performance.

“One of the greatest threats to an enterprise today comes from the threat within,” said Karin Shopen, Product Marketing Director at Palo Alto Networks. “Because the GigaSECURE Security Delivery Platform sheds light on insider initiated threats, it can provide complementary visibility to the network traffic that Palo Alto Networks sees and can help customers further enforce security policies on traffic that might otherwise go unseen.”

“To be effective, a security appliance needs to be able to access the right network traffic stream,” said Ed Barry, VP Cyber Security Coalition at FireEye. “The GigaSECURE Security Delivery Platform addresses that challenge by providing the relevant, necessary traffic to the appropriate security device, without impacting the production network.”

Broad support and interoperability

The GigaSECURE platform already supports a broad ecosystem of security devices and their respective security functions, including:

  • Advanced Malware Protection: Check Point, Cisco, Cyphort, FireEye and Lastline
  • Behavior Analytics: Damballa, Lancope, LightCyber and Niara
  • Forensics/Analytics: ExtraHop, PinDrop, RSA and Savvius
  • IPS: Check Point and Cisco
  • NGFW: Check Point, Cisco, Fortinet and Palo Alto Networks
  • Secure Email Gateways: Cisco
  • SIEMs: LogRythm and RSA
  • WAFs: Imperva.

“The industry is facing a new challenge in security – how to detect, mitigate and remediate the threat from within,” said Todd Weber, VP of Partner Research and Strategy at Accuvant and FishNet Security, soon to be Optiv. “It’s no longer of a question of stopping a breach at the perimeter or host level. One of the things organisations need is pervasive visibility that gives security personnel the insights to see everything in their network in order to quickly contain and remediate suspicious traffic.”

“As a solutions provider to the government and large enterprises, our customers expect us to furnish not just products but solutions that have been designed for long-term benefit,” said Ryan Morris, Sr. Director of Operations at BAI Federal. “With the GigaSECURE Security Delivery Platform enhancing our customers’ options for architecting security, we consider it a timely and essential addition to the security arsenal.”

Availability

The GigaSECURE Security Delivery Platform is available now from authorised Gigamon channel partners worldwide.

About Gigamon

Read more: Partner-driven Australian security market drives world-leading growth for ESET

Gigamon provides active visibility. Having the industry’s first Security Delivery Platform, GigaSECURE®, and the Visibility Fabric™, an intelligent architecture for enterprises, data centers and service providers around the globe, Gigamon’s technology empowers security and infrastructure architects, managers and operators with pervasive and dynamic intelligent visibility of traffic across both physical and virtual environments without affecting the performance of the production network. Through patented technologies and centralized management, the Gigamon GigaVUE portfolio of high availability and high-density products intelligently delivers the appropriate network traffic to management, analysis, compliance and security tools. Gigamon has been designing and building traffic visibility products since 2004 and its solutions are deployed globally across vertical markets including over half of the Fortune 100 and many government and federal agencies. Learn more at www.gigamon.com, the Gigamon Blog, or follow Gigamon on Twitter, LinkedIn or Facebook.

Join the CSO newsletter!

Error: Please check your email address.

Tags cybercriminalsecurity marketGigamonScott Haugdahltraffic visibility solutionsShield of MinnesotabreachesBlue Cross Bluesecurity appliancesmalwareSecurity WatchSecurity Delivery PlatformGigaSECURE

More about AdvancedCheck PointCiscoFacebookFireEyeFortinetGigamonImpervaInc.IPSLancopeLastlineNYSEPalo Alto NetworksRSATwitter

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gary Newman

Latest Videos

More videos

Blog Posts