Cloud / July 25, 2017

Are You Effectively Securing Your Cloud Workloads? Learn How Gigamon and RSA Can Help

It’s inevitable. Enterprises are embracing the cloud. But when it comes to effective threat detection and security, many organizations are unsure. Is the cloud inherently secure? Is the cloud being used securely? Can you extend security policies from on-premises to the cloud? How do you gain visibility into your cloud workloads? If these questions are not top of mind, they should be.

RSA and Gigamon have come together to create an integrated solution that integrates with Amazon Web Services (AWS) by providing the necessary visibility into data-in-motion and leveraging industry-leading security solutions. Let’s hear from Michael Gallegos, product manager, RSA NetWitness Suite, to learn more about what Gigamon and RSA are providing.

What kind of challenges are you seeing from customers who are moving to the public cloud in terms of detecting and mitigating threats?

First, there’s the reality that IT is moving to the cloud faster every day. Many organizations now have a formal “Cloud First” strategy that requires all new or expanded workloads to be evaluated for cloud deployment. Our customers – the security buyers – understand that they’re on the hook to secure cloud apps and data, just like they are with traditional on-premises versions.

The other challenge that comes up is that cloud security is still catching up with traditional data center security. This creates a business problem because the workloads are going to the cloud either way. Logs – OS and app – are readily available, but packets are not. Our partnership with Gigamon addresses this shortcoming, as the Gigamon Visibility Platform provides network visibility by capturing data packets exchanged across EC2 instances and making them available for the RSA NetWitness Suite. As a result, cloud data packets can be easily integrated with an organization’s threat detection and response solution, enabling the visibility analysis needed to be effective and productive.

Can you please tell us a bit about the RSA NetWitness Suite and the benefits for AWS customers?

RSA NetWitness Suite enables customers to obtain the visibility needed to secure critical infrastructure, and empowers security teams to identify, understand, and mitigate advanced threats. Our motto is “Run anywhere, see everything” and that includes the cloud, which is now part of most organizations’ core IT strategy. We’ve introduced an AWS product offering to assist customers in closing the visibility gap created by workloads in the cloud. We provide flexible AWS deployment options that allow NetWitness components to be deployed either in full stack – all cloud – or hybrid – on-premises and cloud –  configurations. From a deployment perspective, AWS license holders can simply search the AWS public AMI community for the NetWitness components and proceed to launch them.

How does RSA integrate with Gigamon on AWS and what are the benefits to customers?

The integration is quite simple and can be set up in minutes. It’s just a matter of deploying the GigaVUE Fabric Manager, the associated controllers and the RSA NetWitness Decoder and setting up a monitoring session and tunnel between the two solutions. Once network traffic is traversing the tunnel, the RSA NetWitness product functionality is like a physical deployment, and the data is available to the RSA NetWitness analysts.

By partnering with Gigamon for network visibility in AWS, customers can gain access to the right virtual traffic and network metadata from AWS environments. Packets can now be captured, retained, analyzed and stored in the AWS cloud, bringing additional visibility and security with RSA NetWitness solutions. With this packet-capture capability, we’re able to provide analysts the context they need to understand the threats they’re investigating. Combining network visibility with other sources such as logs, endpoint and NetFlow, we’re able to provide a single view to the analyst.

Gigamon and RSA have put together a joint Test Drive – why would this be exciting for customers?

The joint Test Drive is a great tool for customers to get quick access to a proof-of-concept environment for the RSA NetWitness Suite with the Gigamon Visibility Platform within AWS. Customers simply fill out a form, which will spin up an environment within AWS within minutes. This entire process is fully automated. They can use the test environment to get familiar with receiving traffic from the Gigamon Visibility Platform and using RSA NetWitness to investigate and identify threats to AWS workloads. We provide a guide that walks the customer through the Test Drive in about an hour. It’s a great way for customers to demo and evaluate the products – try it today!

If you’re attending Black Hat from July 26-27, come check out RSA booth #907 to speak to Gigamon and RSA product experts, or come hear what cloud experts are saying by registering for our 2nd Annual Cloud Security Field Day on Friday, July 28, from 8 a.m. to 10 a.m. PST.

Back to top