Cloud / September 24, 2018

Help Maximize the Performance of the New Microsoft Azure Virtual Network TAP Service with GigaSECURE for Azure

While the overall approach to managing and securing the public cloud has always been very similar to doing the same in physical infrastructure, some of the inherent differences have created unique challenges. At Gigamon, where our entire business is built around helping customers access the information flowing over their networks, we’re constantly asked about our approach to the public cloud. To help our customers, we were the first company to provide a solution for acquiring raw packet data and delivering it to the tools that analyze it for indications of security threats or measure the performance of cloud-based applications.

Due to the lack of access to the underlying physical infrastructure, that solution, much like competitive solutions, required customers to deploy software on every compute instance they want to monitor. Despite our providing an extremely efficient solution, this was a deployment challenge — especially if a customer wanted to retrofit visibility for security and performance to an existing operational deployment. Oh, the joy of DevOps rolling out new apps!

Today, Microsoft is announcing the tech preview of a new feature within Microsoft Azure that will greatly improve access to the network traffic flowing within your virtual network — and we all know, access to the packets is the best way to really see what’s happening in your environment. With the service enabled, the Microsoft Virtual Network TAP lets you stream a copy of all raw packets from designated workloads. This immediately eliminates the need to deploy an agent and gives you easy access to a mirrored copy of all the traffic in and out of that instance.

So, you may be wondering, if this service is native in Azure, why would I still need the Gigamon offering? Let’s compare the situation to the physical world for a moment. How many tools do you have in your current infrastructure that need to see network packets? Three, six, ten?

Various reports put the average number of security and performance tools installed within the average enterprise at between twenty-five and forty — many of them dealing with a copy of the raw packet stream or metadata (such as NetFlow or IPFIX records) generated from it. Can you imagine having to feed all of those from one network TAP? It's the same situation in the cloud. You would need to send the traffic to multiple tools but likely wouldn’t need all the packet data sent to all the tools — doing so would be incredibly inefficient.

Our GigaSECURE® for Azure solution solves this challenge by allowing you to deploy a next-generation network packet broker in each virtual network. Our management system will automatically identify each new workload running the Virtual Network TAP service and configure it to send the mirrored traffic to our vSeries device. At the vSeries, copies of the network traffic can be sent to multiple tools that are either within your virtual network or outside it. The network packets can be sliced to remove unnecessary data for the task at hand, minimizing the transfer costs associated with inter-virtual network traffic. Similarly, if your industry is regulated, meaning you have to protect certain information from unnecessary disclosure, the vSeries can mask data within packets so tool operators don’t see it and tools don’t store it.

The vSeries also has the ability to generate NetFlow or IPFIX records from any traffic flow it is sent; so, whether you use it for NetOps functions or to feed a security tool, you can extend the functionality you have in your physical infrastructure across your public cloud infrastructure too.

Learn more at the GigaSECURE for Azure web page – or take a test drive for yourself.

If you’re interested in trying GigaSECURE for Azure with the Microsoft Preview of the new Virtual Network TAP service, please contact us, and we will get in touch.
