the gigamon visibility platform - exclusive...
Post on 10-Jul-2020
22 Views
Preview:
TRANSCRIPT
1©2015 Gigamon. All rights reserved.©2015 Gigamon. All rights reserved.
The Gigamon Visibility Platform
See what matters.™
Andrea Baraldi - Sales Engineer
Marco Romagnoli – Sales Director
2©2015 Gigamon. All rights reserved.
6/2014
Safe Harbor StatementAny forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.
Any future release of products or planned modifications to product capability, functionality, or features are subject to ongoing evaluation by Gigamon, and
may or may not be implemented and should not be considered firm commitments by Gigamon and should not be relied upon in making purchasing decisions.
This presentation contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities
Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. In some cases, you can
identify forward-looking statements because they contain words such as "may," "will," "should," "expects," "plans," "anticipates," "could," "intends," "target,"
"projects," "contemplates," "believes," "estimates," "predicts," "potential" or "continue" or the negative of these words or other similar terms or expressions
that concern our expectations, strategy, plans or intentions. Forward-looking statements in this presentation include, but are not limited to, our expectations
that the market for our products will continue to grow and develop; and our expectations regarding product developments and enhancements and adoption of
those products by our customers. Our expectations and beliefs regarding these matters may not materialize, and actual results in future periods are subject
to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include our ability to continue to deliver and
improve our products and successfully develop new products; customer acceptance and purchase of our existing products and new products; our ability to
retain existing customers and generate new customers; the market for network traffic visibility solutions not continuing to develop; competition from other
products and services; and general market, political, economic and business conditions.
The forward-looking statements contained in this presentation are also subject to other risks and uncertainties, including those more fully described in our
filings with the Securities and Exchange Commission, including our Prospectus for our public offering of common stock filed pursuant to Rule 424(b) under
the Securities Act of 1933 (Registration No. 333-191581) and our Quarterly Report on Form 10-Q for the most recent quarterly period. The forward-looking
statements in this presentation are based on information available to Gigamon as of the date hereof, and Gigamon disclaims any obligation to update any
forward-looking statements, except as required by law.
3©2015 Gigamon. All rights reserved.
• Founded in 2004
• IPO in 2013, NYSE: GIMO
• Headquarters: Santa Clara, CA, U.S.
• Global Offices: 30 countries
• 750 employeesAs of FY2017
Corporate Overview
Gigamon Visibility Platform provides pervasive visibility
into data in motion across your entire network, enabling
stronger security and network performance.
See what matters.™
• CEO: Paul Hooper
• Over 2,300 customers
• Verticals: Federal, Financial Services, Healthcare, Retail, Technology, Service Providers
• Global Patents Issued: 35
4©2015 Gigamon. All rights reserved.
Fortune 100 and 1000 statistics from FY 16-Q3Top 50 Banks in the World." http://www.relbanks.com/worlds-top-banks/assets Banks around the World. June 30, 2015. Web.Laura Lorenzetti "The 10 biggest health-care companies in the Fortune 500." https://gigamon.my.salesforce.com/00O14000008ef5s Fortune. June 20, 2015. Web.Pablo Erbar "20 Largest Stock Exchanges in the World." http://www.insidermonkey.com/blog/trading-places-the-20-largest-stock-exchanges-in-the-world-335310/Insider Monkey. November 11 2014. Web.
Liyan Chen "The World's Largest Tech Companies: Apple Beats Samsung, Microsoft, Google.http://www.forbes.com/sites/liyanchen/2015/05/11/the-worlds-largest-tech-companies-apple-beats-samsung-microsoft-google/ Forbes. May 11, 2015. Web.Kantar Retail "Top 100 Retailers Chart 2015." https://nrf.com/2015/top100-table National Retail Federation. 2015. Web.Liyan Chen "The World's Largest Telecom Companies: China Mobile Beats Verizon, AT&T Again." http://www.forbes.com/pictures/fjlj45fkkh/china-mobile/ Forbes. June 1, 2015. Web.
The World’s Top Organizations Rely on Gigamon for Their Business
5©2015 Gigamon. All rights reserved.
See what matters.™
Tools & ApplicationsSecurity | Experience Management | Monitoring | Analysis
Any NetworkData Center and Private Cloud | Public Cloud | Service Provider Networks | Remote Sites
Gigamon Visibility Platform
Manage Secure Understand
6©2015 Gigamon. All rights reserved.
Gigamon Product Portfolio
Tools & ApplicationsSecurity | Experience Management | Monitoring | Analysis
Any NetworkData Center and Private Cloud | Public Cloud | Service Provider Networks | Remote Sites
De-duplication
Slicing
FlowVUE®
MaskingGTP
Correlation
Header
Stripping
TunnelingSSL
Decryption
Adaptive
Packet FilteringApplication
Session Filtering
NetFlow and
Metadata Generation
Visibility
Nodes
Traffic
Intelligence
GigaVUE-FMOrchestration APIvCenterNSX Manager
Intelligent Visibility Public Cloud Virtual Traffic Aggregators Network TAPs
Flow Mapping® Clustering Inline Bypass GigaStream®
A
P
I
Gigamon Visibility Platform
Manage Secure Understand
8©2015 Gigamon. All rights reserved.
Real-time Threat Prevention May Not Be PossiblePARTICULARLY FOR UNKNOWN THREATS
Breaches are inevitable!
• 6.7ns inter-packet gap at 100Gb
• Insufficient time for decision making
on unknown, potential threats
Too Little Time
• Large established ecosystem of
distributors for malware
• With sophisticated kits for rent
• Along with support infrastructure
Too Many Bad Guys
9©2015 Gigamon. All rights reserved.
What Can Be DoneBREAK THE CHAIN, DON’T JUST TRY TO PREVENT IT
Reconnaissance
1
Phishing and
Zero Day Attack
2
Back Door
3
Lateral
Movement
4
Data
Gathering
5
Exfiltrate
6
Traditional security focus:
PREVENTION
The new security focus :
DETECT, PREDICT, CONTAIN
10©2015 Gigamon. All rights reserved.
Internet
Public
Cloud
✕ Significant blind spots
✕ Extraordinary costs
✕ Contention for access to traffic
✕ Inconsistent view of traffic
✕ Blind to encrypted traffic
✕ Too many false positives
Legacy Approaches Provide Limited Visibility
User Behavior
Analytics
Advanced
Persistent
Threat
Email Threat
Detection
SIEM
Next-Generation
Firewall
Data Loss
Prevention
SIEM
Data Loss
Prevention
User Behavior
Analytics
Next-Generation
Firewall
Advanced
Persistent
Threat
Email Threat
Detection
Data Loss
Prevention
Next-Generation
Firewall
Email Threat
Detection
Advanced
Persistent
Threat
SIEM
User Behavior
Analytics
Routers
“Spine”
Switches
“Leaf”
Switches
Virtualized
Server Farm
VISIBILITY LIMITED TO A POINT IN TIME OR PLACE
11©2015 Gigamon. All rights reserved.
Internet
Public
Cloud
Transform Security: The Security Delivery PlatformLOOK INSIDE THE NETWORK
Data Loss
Prevention
Data Loss
PreventionData Loss
Prevention
Next-Generation
Firewall
Next-Generation
Firewall
Next-Generation
Firewall
Email Threat
Detection
Email Threat
Detection
Email Threat
Detection
SIEM
SIEM
SIEM
User Behavior
AnalyticsUser Behavior
AnalyticsUser Behavior
Analytics
Routers
“Spine”
Switches
“Leaf”
Switches
Virtualized
Server Farm
Advanced
Persistent
Threat
Advanced
Persistent
ThreatAdvanced
Persistent
Threat
Security Delivery Platform: A Foundation for Effective Network Security
Targeted
inspection
Detection of
encrypted threats
Inline mode for
visibility and control
Reach physical
and virtual networks
Metadata for
Improved
Forensics
Security Delivery Platform
Public
Cloud
On-premise
Data Center
Remote
Sites
Private
Cloud
Next-Generation
Firewall
User Behavior
Analytics
Data Loss
Prevention
Email Threat
Detection
Advanced
Persistent Threat
SIEM
12©2015 Gigamon. All rights reserved.
GigaSECURE®
THE INDUSTRY’S FIRST SECURITY DELIVERY PLATFORM
Shifting the advantage from the attacker to the defender
13©2015 Gigamon. All rights reserved.
The Current Security Model
Basic Hygiene:Firewall, Endpoint,
Segmentation, etc.
Prevention
Building Context: Big Data and
Machine Learning
Detection
Triangulating Intent: Artificial Intelligence and
Cognitive Solutions
Prediction
Taking Action: Firewalls, IPS,
Endpoints, Routers
Containment
Automated Manual
14©2015 Gigamon. All rights reserved.
REST API
Basic Hygiene:Firewall, Endpoint,
Segmentation, etc.
Prevention
Building Context: Big Data and
Machine Learning
Detection
Triangulating Intent: Artificial Intelligence and
Cognitive Solutions
Prediction
Taking Action: Firewalls, IPS,
Endpoints, Routers
Containment
Automated Manual
A New Security Model: The Defender Lifecycle
Automated Automated
Inline Bypass
SSL DecryptionMetadata Engine
App Session Filtering
SSL Decryption
Inline BypassInline BypassMetadata Engine,
App Session Filtering,
SSL Decryption
✓ Physical
✓ Virtual
✓ Cloud
15©2015 Gigamon. All rights reserved.
Gigamon Partner EcosystemG
iga
mo
n V
isib
ilit
y P
latf
orm
Security and
Vulnerability
Management
Service
Provider
InfrastructureInfrastructure
Network &
Application
Performance
Management
16©2015 Gigamon. All rights reserved.
Gigamon Product Portfolio
Tools & ApplicationsSecurity | Experience Management | Monitoring | Analysis
Any NetworkData Center and Private Cloud | Public Cloud | Service Provider Networks | Remote Sites
De-duplication
Slicing
FlowVUE®
MaskingGTP
Correlation
Header
Stripping
TunnelingSSL
Decryption
Adaptive
Packet FilteringApplication
Session Filtering
NetFlow and
Metadata Generation
Visibility
Nodes
Traffic
Intelligence
GigaVUE-FMOrchestration APIvCenterNSX Manager
Intelligent Visibility Public Cloud Virtual Traffic Aggregators Network TAPs
Flow Mapping® Clustering Inline Bypass GigaStream®
A
P
I
18©2015 Gigamon. All rights reserved.
GigaSMART® Summary
SSL
DecryptionDe-duplication Adaptive Packet
Filtering
Application
Session FilteringPacket
SlicingMasking
NetFlow/IPFIX
Generation
Header
StrippingIP
TunnelingGTP
CorrelationFlowVUE™ERSPAN
Termination
20©2015 Gigamon. All rights reserved.
GigaSECURE®
INDUSTRY’S FIRST SECURITY DELIVERY PLATFORM
Internet
Routers
“Spine”
Switches
“Leaf”
Switches
Virtualized
Server Farm
Intrusion
Detection
System
Data Loss
Prevention
Email Threat
Detection
IPS
(Inline)
Anti-Malware
(Inline)
Forensics
Security Delivery Platform
Isolation of
applications for
targeted inspection
Visibility to
encrypted traffic for
threat detection
Inline bypass for
connected security
applications
A complete
network-wide reach:
physical and virtual
Scalable metadata
extraction for
improved forensics
GigaVUE-VM and
GIgaVUE® Nodes
Application
Session Filtering
SSL
Decryption
Inline
Bypass
✓ All tools still connected
✓ Fewer network touch points
✓ Enhanced tool efficiency
✓ Decreased OPEX costs
Metadata
Engine
21©2015 Gigamon. All rights reserved.
Inline Bypass to Scale Security DeliverySOLVING PAIN POINTS OF BOTH SECURITY & NETWORK TEAMS
Link Aggregtion
Consolidate multiple points of failure
into a single, bypass-protected solution
Add, remove, and upgrade
tools seamlessly
Integrate Inline, Out-of-Band, and Flow-based tools
via the GigaSECURE® Security Delivery Platform
HA Designs
Inline
Bypass
22©2015 Gigamon. All rights reserved.
Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.
SSL Decryption on Gigamon ProductsEncrypted Traffic Decrypted / Unencrypted Traffic
Internet Servers
Corporate Servers Clients
NGFW
IPS
Network
Forensics
Anti-malware
Active, Inline
Appliance(s)
Passive, Out-of-Band
Appliance(s)
• Corporate servers
• Enterprise has server keys
• RSA key exchange
• Supported Since 2014
1
• Corporate servers
• Diffie-Hellman (DH) key exchange
• Emerging TLS 1.3 standard
• Need to be inline to decrypt SSL
2
• Internet Servers or SaaS services
• Enterprise does not have server keys
• Need to be inline to decrypt SSL
3
?
Clients
Internet
1 RSA 2 DH, PFS
3 RSA/DH
23©2015 Gigamon. All rights reserved.
Inline Tool Group
(decrypted traffic)
Gigamon Inline SSL Visibility Solution
Highlights
• Servers and clients located internally
or externally
• Private keys not needed
• RSA, DH, PFS can be used
• Supports inline and out-of-band tools
Out-of-Band Tool
(decrypted traffic)
SSL Session
Leg 1
(encrypted)
SSL Session
Leg 2
(encrypted)
1
2
2
3
Encrypted traffic
Decrypted traffic
Web Monitor Tool
(decrypted traffic)
Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.
4
25©2015 Gigamon. All rights reserved.
1. Security no longer an after-thought during virtualization
2. Increasing VM density with mission-critical workloads
3. Visibility into VM-VM traffic needed for Security and Application Performance Monitoring (APM)
4. Creating new virtual instances of tools affects workload performance
5. Automated visibility after VM migration
Virtual Visibility: More Important Than Ever
5 REASONS WHY YOU MUST CARE
HYPERVISOR
SERVER
VIRTUAL
IDS VM1
VIRTUAL
ANTI-
MALWARE
VIRTUAL
APM VM
HYPERVISOR
SERVER
GigaVUE-VM
IDS
ANTI-MALWARE
APM
VIRTUAL SWITCH VIRTUAL SWITCH
26©2015 Gigamon. All rights reserved.
OS
DB
DB Server
Leaf
Core Core
Leaf Leaf
Spine
Leaf
Spine
• Small footprint ‘Virtual Tap’ guest VM appliance • Access, Select, Transform, and Deliver Virtual traffic
GigaVUE-VM - Virtual Workload Monitoring EXTENDING VISIBILITY INTO VIRTUAL DATA CENTERS
Application
Performance
Network
Performance
Security
Centralized
tools
GigaVUE-VM
• Flow Mapping™
• Filter on VM, application ports
• Packet slicing at any offset
• Tunneling for multi-tenant
Advanced Traffic Intelligence
• De-duplication
• Packet Masking
• Packet Slicing
• Header Stripping
• NetFlow Generation
• SSL Decryption
• Adaptive Packet Filtering
• Application Session Filtering
Network
Tunnel Port
Tunneling
• Visibility into Hosted Applications • Visibility into Physical to Virtual traffic
DB
27©2015 Gigamon. All rights reserved.
Dynamic ‘Traffic Visibility Service’ Insertion
Internet
Security/Monitor Admin
“Copy Packet”
GigaVUE-FM
Tools and AnalyticsApplication
Performance
Network
ManagementSecurity
Monitoring Policy
28©2015 Gigamon. All rights reserved.
Partner Solution Categories and Integration Options
Solution Category Integration Options
SDDC Operations and Visibility Port Mirroring, NSX-API, NetX
Automated Traffic Visibility for
VMware powered SDDC
29©2015 Gigamon. All rights reserved.
Public Cloud Visibility Challenges and Gigamon Solution
Gigamon Visibility Platform
RDS
Web
Tier
App
Tier
ELB
ELB
Tool Tier
Region
AZ
AWS
VPC
RDS
Web
Tier
App
Tier
ELB
ELB
Tool Tier
Region
AZ
AWS
VPC
RDS
Web
Tier
App
Tier
ELB
ELB
Region
AZ
AWS
VPC
Visibility Tier
GigaVUE-FM
Tool
Tier
• Inability to access all traffic
• Discreet vendor monitoring agents per instance
• Impacts workload and VPC performance
• Increases complexity
• Static visibility with heavy disruption
• Consistent way to access network traffic
• Distribute traffic to multiple tools
• Customize traffic to specific tools
• Elastic Visibility as workloads scale-out
Elastic Load Balancing (ELB) Subnet Amazon Relational Database Service (RDS) Availability Zone (AZ)ToolInstances
30©2015 Gigamon. All rights reserved.
VPC: Virtual Private Cloud
Deployment Examples: Hybrid CloudsUSE CASE 1: TOOLS IN THE ENTERPRISE DATA CENTER
Tools
Enterprise Data Center
Monitored traffic backhauled from AWS to tools in an enterprise’s data center
L2 GRE Tunnel
Virtual Traffic Policies
AWS EC2 Integration
GigaVUE® V Series
AWS
VPCGigaVUE-FM
Control Traffic
Monitored Data Traffic
Private & Confidential
31©2015 Gigamon. All rights reserved.
Deployment Examples: Tools in the Same VPCUSE CASE 2: TOOLS IN THE SAME AWS VPC
AWS Management
Console
Monitored traffic in AWS sent to virtual tools located in the same VPC
L2 GRE Tunnel
Virtual Tools
GigaVUE-FM
Virtual Traffic
Policies
Corporate
Data CenterAWS
VPC
GigaVUE® V Series
AWS EC2 Integration
Private & Confidential
32©2015 Gigamon. All rights reserved.
Ph
ysic
al
Vir
tual
GigaVUE-VM
GigaVUE-VM
Adaptive
Packet Filtering
METADATA
Service Chain with Other GigaSMART® AppsDELIVER RELEVANT TRAFFIC AFTER DECRYPTION
Flow
Mapping®
Tunnel
Termination
Inline
SSL
Decryption
Filter on decrypted
data and send to
tools using ASF
Generate metadata
and feed to SIEM
Select target network for decryption with Flow Mapping, Decrypt and Filter
on decrypted data with ASF, Generate metadata and forward to tools
top related