How to Achieve a Consistent Security Posture Even with a Multi-Cloud Strategy

If you have ever visited a financial advisor, the advice you often receive is to diversify your portfolio, or, in other words, “Do not put all your eggs in one basket.” This advice is meant to ensure you don’t lose everything if a particular investment goes south. Using the same principle, enterprises are diversifying their infrastructure investments and footprint across multiple environments – on-premises, virtual and public cloud. Why?

To answer this question, let’s take a look at the public cloud space. Amazon Web Services (AWS) offers a variety of value-add services for enterprises. Microsoft Azure, for its part, offers strong migration services. Don’t forget Google Cloud Platform (GCP), which offers big data and artificial intelligence applications. With all of these options, why would you put all of your applications, data and services in one cloud “basket?”

Cloud operation and security teams establish comfort zones once they know the boundaries of what they are in charge of managing and protecting.

As the enterprise expands across physical, virtual and public cloud environments, the complexity of managing security across all environments increases. Security teams have to face increased threats with fewer resources and, while the public cloud provides the benefit of instant scale and global reach, it also introduces a multitude of new attack vectors. As more and more applications move to the cloud, mission-critical or not, the need to have a uniform security posture in all environments is essential.

In the on-premises world, Gigamon customers have leveraged our GigaSECURE^® Security Delivery Platform, which integrates GigaSMART^® traffic intelligence to acquire, optimize and ensure all traffic can be inspected to help detect and prevent threats faster.

In November 2016 Gigamon took it a step further by announcing GigaSECURE Cloud, which allows security architects to extend their security posture to AWS workloads. Now, we are excited to announce the general availability of GigaSECURE Cloud for Microsoft Azure. Enterprises are not forced to put all of their eggs in one basket. Instead they can take advantage of a hybrid infrastructure without compromising security or compliance.

The solution

GigaSECURE Cloud is an intelligent network traffic visibility solution that acquires, optimizes and distributes selected traffic to security and monitoring tools. Enterprises can maximize application performance by reducing agent overload via a lightweight G-vTAP agent with minimal impact on Azure VM CPU utilization.

The platform integrates with Azure APIs and deploys visibility tiers in all VNets that collect aggregated traffic and apply advanced intelligence prior to sending selected traffic to the tools. Figure 1 below depicts how the solution works within a single VNet.

Figure 1: GigaSECURE Cloud solution in a single VNet.

GigaSECURE Cloud can support multiple deployment models and scenarios for enterprises depending where the security and monitoring tools reside:

1. Multiple VNets with tools in a shared VNet.
2. Hybrid cloud with tools in the data center and in the cloud.
3. Multi-cloud with tools in any cloud.
4. Multi-cloud and hybrid with tools anywhere.

Moreover, with GigaVUE-FM providing a single pane-of-glass view of the Gigamon Platform across the enterprise, security teams can have a consistent and automated security posture across all environments.

For more details, read the press release, visit www.gigamon.com/azure or send an email to [email protected].