Security / October 19, 2017

Gigamon and BluVector Provide Pervasive Visibility and Comprehensive Security

Traditional security solutions are ineffective at detecting advanced persistent threats (APT) within modern, enterprise network environments. Gartner reports that “the average time to detect a breach in the Americas is 99 days and the average cost is $4 million.”

Many information technology (IT) teams believe that by moving their applications and workloads to the cloud, they’re immune to security threats. Sadly, that’s not true. In fact, enterprises that simply deploy traditional perimeter solutions in the cloud are still at risk of security breaches, which can lead to severe financial consequences and a negative impact on brand and reputation.

Joe Rosenthol from BluVector joins us to discuss how BluVector and Gigamon enable customers to detect, log and investigate advanced cyberthreats in real time.

Tell us about your company.

BluVector has reinvented network intrusion detection with machine learning so that it can finally deliver on its promise: defend networks against even the newest and most sophisticated cyberattacks. BluVector’s patented supervised machine learning models analyze files and software in milliseconds, right as they enter the network and offer the benefits of network sandboxing capabilities while performing analysis in real time at the network edge.

What kind of challenges are you seeing from customers who are moving to the public cloud?

We’re seeing two challenge areas: meeting established on-premises security standards in a new environment along with a drive to move quickly to Infrastructure as a Service (IaaS) to reduce cost while still maintaining security.

As organizations are leveraging both the public and private cloud to optimize their business needs to match growth and productivity, they are finding it harder to apply their existing security policies in the cloud. With different workflows, service level agreements (SLAs), features, settings, management and efficacy, cloud security solutions are totally different than their on-premises versions. These differences increase risk to an organization’s data.

In a worst-case scenario, security vendors might not have an equivalent cloud security solution, which would leave security professionals in the difficult situation of building out an entirely new security stack in the cloud versus what they had on-premises.

Another issue to take into consideration is that technologists or business leaders recommend moving to public cloud IaaS to reduce costs. So, customers start by first moving non-critical applications with no or little sensitive data. Once this “test move” to the cloud is deemed a success, it is followed by the migration of mission-critical applications and workloads.

Then the challenges occur. At first glance, enterprises should leverage cloud-based security solutions to protect these new environments. Yet, the long-term result is that the organization ends up with a mismatched selection of tools and they are forced to use more resources and purchase additional licenses to support their cloud migration. Deploying an effective security posture in the cloud while taking advantage of the lower upfront infrastructure costs and economies of scale is often not an area that many IT security teams have experience in delivering successfully or delivering at all if this is their first move to cloud.

Can you please tell us a bit about your cloud solution and benefits for our mutual customers deploying applications on AWS?

The BluVector appliance provides patented supervised machine learning detection engines that operate in real time to detect advanced threats, including ransomware and polymorphic malware. What that means is the platform is able to analyze over 30 types of file to evaluate the binary and metadata and separate the benign from the malicious. If a file is malicious, BluVector creates a detailed threat report that security analysts can use to determine the severity of the threat and apply that knowledge to prevent or halt malware from spreading through their network.

BluVector detection appliances can be configured the exact same way in on-premises and cloud environments to provide the same high fidelity of detection and context. These options allow a security organization to deploy the same solution across their entire infrastructure.

How does BluVector integrate with Gigamon on AWS?

Gigamon and BluVector work seamlessly together. Installation is as simple as launching the BluVector Sensor AMI within your AWS VPC(s). The BluVector sensor AMI is configured with two interfaces, one for management and the second for receiving the traffic from the Gigamon Visibility Platform V Series. As part of the Visibility Platform for AWS, the GigaVUE-Fabric Manager (FM) provides customers with the flexibility to establish sophisticated traffic intelligence using GigaSMART applications for slicing, sampling and filtering network traffic. Selected traffic is tunneled from the V Series to the BluVector sensor AMI. The virtual appliance works the same way as the physical, applying a series of threat detection engines – in real time – to identify threats.

If you have questions about the BluVector and Gigamon solution and want to learn more, watch our video, download our solution brief, or reach out to BluVector to speak to a sales representative.

