SC14: Gigamon and High Performance Computing

By: Perry Romano, Director of Business Development – Service Providers PerryRomano

Glad to be part of Supercomputing 2014 where over 10,000 people attended and happy to participate in SCinet for the fifth year, which hosted more than 1.8 Terabits of bandwidth. With high performance computing becoming more and more important to society every day, the ability to effectively secure, monitor and manage that infrastructure is critical.  You can’t secure, monitor or manage what you can’t see! Gigamon was ecstatic to provide reliable, Active Visibility to both the high speed links and to specific traffic, simultaneously feeding all of the security and network monitoring tools that were present at the show. We also got the chance to speak with Trilogy Tech Talk about how Gigamon can help solve many of the challenges that come with high performance computing. We look forward to coming back next year!

For more information about Active Visibility and high performance computing, watch our video from the show floor.

RSA 2014 Recap: The Year of Pervasive Security and Analytics

by: Neal Allen, Sr. Worldwide Training Engineer, GigamonNeal-Allen

According to ESG research and Jon Oltsik, Sr. Principal Analyst at ESG: 44% of organizations believe that their current level of security data collection and analysis could be classified as “big data,” while another 44% believe that their security data collection and analysis will be classified as “big data” within the next two years. (note: In this case, big data security analytics is defined as, ‘security data sets that grow so large that they become awkward to work with using on-hand security analytics tools’).

This trend was highlighted at the RSA Conference the week before last with many organizations including Gigamon talking about ways security professionals can sift through the noise to find “the needle in the haystack.” Large amounts of security related data is driving the need for Big Data security analytics tools that can make sense of all this information to uncover and identify malicious and anomalous behavior.

Prior to a few years ago, threats were largely script kiddies and other unsophisticated hackers looking to disrupt communications. Organized crime then discovered they could make a lot of money selling access into corporate networks – so they started hiring really smart people to hack in. Around the same time, some governments created formal, but unofficial, departments whose job it was to steal third party intellectual property in order to advance their nation.

Between organized crime and state-sponsored industrial espionage, the interior of the network is at as much risk as the perimeter. This is particularly true with the growth in BYOD and mobility in general. If security analytics and security tool vendors are having problems keeping up with newly upgraded 10Gb edge links, then how will they deal with core networks where there are lots and lots of 10Gb, 40Gb or faster links? Not to mention, user edge traffic often times is not even tapped or spanned because of the potentially high costs of monitoring copious amounts of data across expansive networks.

The nature of security is evolving quickly and no one technique or approach to securing the network suffices anymore. Companies focused around security are now embracing multiple approaches in parallel to address security effectively. These include solutions that are inline and out-of-band, as well as solutions that do packet-level analysis and flow-level analysis. Gigamon, together with its Ecosystem Partners, presented at RSA and highlighted the critical role Gigamon’s Visibility Fabric™ plays in enabling pervasive security for best-in-breed solutions from Sourcefire/Cisco, ForeScout, FireEye, Websense, TrendMicro, Riverbed, Narus, LogRhythm and nPulse.

An effective solution that enables pervasive security should serve up the ability to address a multitude of approaches. The Gigamon Visibility Fabric does exactly that with highly scalable and intelligent solutions to address inline, out-of-band, packet-based and now flow-based security tools and approaches. In addition, Gigamon’s Visibility Fabric has the ability to combine approaches effectively, including packet-based pre-filtering prior to generating NetFlow. Gigamon’s Visibility Fabric is necessary to accelerate post analysis – through granular filtering and forwarding of packets, as well as pervasive flow-level visibility – to find that “needle in the haystack.”

We’ve entered into a new world of network security and providing insightful security analytics can be just as important as the ability to detect threats from across the network in real time. Walking around the booths at RSA, it was clear that without pervasive visibility most networks will be left with limited or delayed situational awareness, security intelligence and operational responsiveness. In a rapidly moving world, this delay may be too late.

Enabling Multi-tenancy within Enterprise IT Operations

by: Shehzad Merchant, Chief Strategy Officer at GigamonShehzad Merchant

Multi-tenancy is a well understood term in cloud and carrier environments where multiple customers serve as tenants over a common infrastructure. However, the notion of multi-tenancy, the associated SLAs for each tenant, and the ability to virtualize the underlying infrastructure to isolate individual tenants, is quickly making its way into enterprise IT operations. Today, enterprise IT organizations have multiple departments such as security, networking, applications, among others. Each department is increasingly being held to stringent requirements for ensuring network and application availability, responsiveness, and a good user experience. This is leading to an increasing reliance on various classes of tools that provide the ability to monitor and manage the applications, network, security, as well as user experience.  Many of these tools leverage Gigamon’s Visibility Fabric™ for optimal delivery of traffic from across physical and virtual networks to these tools. As departments are increasingly held to their own SLAs and KPIs, they need to be able to autonomously carve out traffic delivery to the departmental tools, as well as independently configure, manage, and adapt traffic flows to the departmental tools without impacting other departmental traffic flows. And they need to be able to do all of this over a common underlying Visibility Fabric, which leads to a model where the Visibility Fabric needs to support a true multi-tenant environment.

With the GigaVUE H Series 3.1 software release, Gigamon introduces several enhancements to the Visibility Fabric that enable multi-tenancy and enable IT departments to optimize their workflows, reduce workflow provisioning times and provide for both privacy as well as collaboration among departments when it comes to their monitoring infrastructure.

There are three key aspects to these new capabilities.

  1. Enabling departments to carve out their own slice of the Visibility Fabric using an intuitive Graphical User Interface (GUI) that supports the workflow required for multi-tenancy. Empowering multiple tenants to apportion the Visibility Fabric each with their own access rights, sharing privileges and their traffic flows, through a drag and drop GUI-based model is a key step towards simplifying the provisioning model in a multi-tenant environment. Moving away from a CLI based approach to a GUI based approach is a key step towards improving workflows across departmental silos.
  2. Advancing Gigamon’s patented Flow Mapping® technology within the Visibility Fabric Nodes to support multi-tenancy whereby each tenant can carve out their own Flow Maps, ports, and actions, without impacting the traffic flows associated with other tenants. This is a significant architectural advancement that builds on Gigamon’s existing Flow Mapping technology to provision resources within the underlying visibility nodes based on the department’s (or tenant’s) requirements.
  3. Providing role based access control (RBAC) so that departmental users can work both collaboratively as well as privately over the common underlying Visibility Fabric.

These capabilities represent a significant advancement in how IT operations can take advantage of the Visibility Fabric to rapidly deploy new tools, enable real time or near real time tuning of the Visibility Fabric and better meet their individual SLAs and KPIs. Taken together, these key capabilities empower IT organizations to provide Visibility as a Service to their various departments.

For more information, please see the Visibility as a Service Solutions Overview.

Visibility in Motion at Cisco Live Orlando

by: Huy Nguyen, Senior Director of Product
Management at Gigamon

Huy_Nguyen_headshot

Now that Cisco Live Orlando has come and gone and we’re gearing up for VMworld, we’re seeing even more attention being paid to virtualization given the interest in software defined networks (SDN) and data centers (SDDC). So, virtualization remains hot and with around 60 percent of all applications running in virtualized environments according to some studies, we shouldn’t be surprised that there are even summer camps being offered around the subject (I’m not kidding). I feel like 2013 is the Summer of Virtualization!
That being said, it makes sense to let you know how Gigamon is continuing to address the visibility challenges being experienced by organizations utilizing virtualized environments.  On the first day of the Cisco Live World of Solutions expo we announced GigaVUE-VM 2.0. If you’re not familiar with our GigaVUE-VM, it is basically a virtual instance of one of our Visibility Fabric nodes. Because traffic between virtual machines may be switched locally, it will never traverse the physical network, rendering existing monitoring and analysis tools blind to this virtual traffic.  The GigaVUE-VM fabric node provides that packet-level visibility into the virtualized server world.
One of the dynamic things about the 2.0 update in addition to exposing inter-VM traffic flowing within a physical host and across physical hosts is that GigaVUE-VM now supports Cisco’s Nexus 1000V virtual switch as well as VMware’s vSphere Distributed Switch (VDS). GigaVUE-VM works with these virtual switches to abstract copies of the packets before intelligently filtering and forwarding the packets to the management, security, and monitoring tools that require packet-level visibility, such as application and network performance monitoring tools and intrusion detection systems.
Perhaps even more exciting is that GigaVUE-VM 2.0 has the ability to automatically reconfigure Gigamon’s Visibility FabricTM architecture and migrate monitoring policies to maintain continuous visibility when a virtual machine vMotion event occurs. Essentially, GigaVUE-VM preserves visibility into the traffic flowing between VMs even after that VM moves from one physical host to another for what we call “visibility in motion.”
What’s so significant about this function is that without the ability to automatically migrate the monitoring policies, visibility that had been configured would be lost once the vMotion occurs and would require manual reconciliation which very well could be arduous given the agile virtual infrastructures of today.
For even more information, check out our white paper,
Visibility into the Cloud and Virtualized Data Center”.
CiscoLiveOrlando_GIGAMON6 CiscoLiveOrlando-GIGAMON5 CiscoLiveOrlando-GIGAMON4 CiscoLiveOrlando-GIGAMON1 CiscoLiveOrlando_GIGAMON3 CiscoLiveOrlando_GIGAMON2

Big Data and Intelligent Visibility: Just Give Me the Information That’s Important to Me

by: Paul Hooper, Gigamon CEO
Thirty-one thousand text messages in one month. One can only describe that as startling. Coming from the generation that preceded the texting-era, this seems like an incredible volume of communications that my two daughters managed to accomplish between them in a 30 day period. Downloading the full detail records from the service provider resulted in 96 pages of mobile numbers that really provided little value or context to understand how or why they achieved this milestone. As a father, all I really wanted was a list of any text messages that originated or were destined for a mobile device owned by a boy that contained the word “love” in the message.   
Ironically, this small and personal example represents one of the larger challenges facing businesses today. The volume of information that is created and required by most Enterprises is spiraling ahead of any expectations that we may have had in the years gone by. With end-user devices continuing to increase in capacity, with enterprise networks accelerating up the performance curve, and with the rapid growth in the reach and raw-speed of the mobile communications infrastructure, businesses, employees and in my case, family members, have an ever increasing demand and ability to consume and share information. 
With this scale and growth in the demand for information, the ability to identify the material details from the immaterial represents one of the hallmarks of an agile business. As the volume of reports, information and detail around and within the business grows, the smart money is on the organization that can leverage their ability to identity the material details within a mountain of data to enable faster reaction to changes within their own four-walls or the larger market, and also to recognize how to monetize new opportunities or inflections that are recognized within the broader market. 
And so, as information continues to scale in volume and performance, visibility into the information needs to become increasingly smarter and more intelligent. With applied intelligence into how the organization looks at information, the more responsive, more capable and potentially, more successful the organization will become. We have seen this proven out many times in the world around us and in many ways we see it within our personal lives. Watching live TV through channel-surfing is a bygone of a previous era; today we specifically identify and select what we believe is relevant and focus our few entertainment ours on the programs that are most relevant to our watching requires. Although some strides have been made within the residential market, intelligent visibility into the information, traffic and data is an aspirational vision for many organizations. 
We live in exciting times. We live in a very connected, and very communication-orientated world. The accelerating growth curve ahead for information creation and dissemination is clear. The need for intelligent visibility into that information has never been more obvious.