From the Core to the Cloud, See it All

Simplify, secure and scale your hybrid cloud infrastructure to accelerate digital innovation.

LEARN MORE

CLOUD VISIBILITY

GET A DEMO

DATACENTER VISIBILITY

GET A DEMO

NETWORK SECURITY

GET A DEMO

INDUSTRY

A Thriving Partner Ecosystem

Gigamon reseller and integration partners design, implement and optimize best-of-breed and validated joint solutions.

FIND A PARTNER

NOT A PARTNER?

ALREADY A PARTNER?

Proven Support and Services

Our global support team is committed to creating experiences of unmatched quality, scalability and efficiency.

MY GIGAMON

OVERVIEW

GET SUPPORT

COMMUNITY

Customer Success

Our global customers are empowered to transform their businesses and innovate with the power of complete network visibility and analytics.

CUSTOMERS

ANU

Australian National University

Fosters a safer campus community with Gigamon.

cegedim

Cegedim.cloud

Improves cloud infrastructure and visibility.

 

department of defense

Department of Defense

Confidently feeds different tool sets in the physical and the virtual world.

Resource Library

Your one-stop hub to explore content resources to stay current on the latest in network visibility and analytics.

RESOURCES

Network Tool Efficiency Evaluation

Efficient Tools Are Happy Tools

Answer a few questions and get real-time insights.

def-guide

Achieve Hybrid Cloud Observability

Strengthen visibility and security.

ebook

Deep Observability eBook

Supercharge your tools with real-time, actionable, packet-level intelligence.

WHY GIGAMON

We are the first company to deliver a unified visibility and analytics architecture across your hybrid infrastructure to simplify, secure and scale IT operations.

LEARN MORE

IN THE NEWS

COMPANY INFORMATION

Deep Observability

Supercharge Your Security and Observability Tools

Without deep observability, you're exposed.

Great Place to work

Join the Team

Become a part of the OneGigamon team. Search for your next opportunity.

SHARE
Uncategorized / April 19, 2016

Building a Security Intelligence Platform with Crystal-Clear Visibility

David Gorton  

With so much data going in to the S.I-EM it’s kind of hard…okay, so that didn’t flow to Snoop Dogg’s “Gin & Juice” as much as I would have liked. That’s okay, I’ll recover. The point is, organizations are handling more network traffic and data than ever before; while at the same time, fighting off the potential of cyber attacks nearly every day.

Your organization’s ability to detect and respond to threats requires visibility into the network. Achieving enterprise-wide network visibility requires both application-level awareness and rich network session detail.

So imagine a scenario where your organization is vulnerable to a malware infection—a scenario that is all too real to many of us—and the malware just began data exfiltration on a computer within your network.

You may struggle to sift through the noise of increased network activity to accurately identify the malware threat because your organization lacks the ability to see across the physical and virtual infrastructure.

An important component of network-wide visibility is having access to the most relevant metadata. Next-gen SIEMs (shameless LogRhythm plug) look to the power of metadata to provide a pinpoint accurate picture of network traffic. This picture allows your organization to focus on specific areas of the network and then rapidly triage, investigate and neutralize the threat.

Creating a Behavior Profile for Automated Remediation

So back to the malware infection that is currently plaguing your organization. On your network, a laptop starts sending information to China. When deployed together, LogRhythm’s Security Intelligence Platform and Gigamon’s GigaSECURE® Security Delivery Platform are better able to uncover early indicators of malicious activity.

The GigaSECURE Security Delivery Platform provides intelligent filtering and de-duplication to help facilitate that relevant traffic is analyzed by LogRhythm which then quickly generates a baseline of normal activity. We know from this behavior baseline that network traffic to a device in China is a highly suspicious activity.

This anomalous behavior triggers an alarm in LogRhythm. The alarm then instigates an automatic SmartResponse™ to begin full packet capture.

The full data capture can reveal that sensitive data is now leaving the company. An analyst then quickly isolates the laptop through a SmartResponse™ and begins removing malware from the infected laptop.

The pervasive visibility of LogRhythm and Gigamon exposes threats hidden in the network traffic of enterprise organizations, enabling fast remediation. And as it turns out, there is a connection between flow, data and the SIEM; it just doesn’t correlate to rap lyrics.

To learn more about improving enterprise visibility for automated remediation, check out our solution brief.

#wefightsmart

COMPANY
GET HELP
PRODUCTS & SOLUTIONS
POPULAR LINKS
  • ©Gigamon 2022
Back to top