SHARE
Security / May 5, 2022

Partner Spotlight: Ordr and Gigamon Provide Device Visibility and Security

Traditional security tools and strategies cannot meet the unique challenges of securing the growing number of IoT and other connected devices in the average organization. Ordr, headquartered in Santa Clara, California, is on a mission to give its customers peace of mind, knowing that they can indeed manage and secure all of the various connected devices in their environment.

We spoke with Chris Westphal, Ordr’s Head of Product Marketing, to learn more about how Ordr works with Gigamon to simplify the complex problem of securing every connected device  — from traditional IT devices to newer and more vulnerable IoT, IoMT, and OT devices.

Gigamon: Who is Ordr and what is the company’s history?

Chris: Ordr was founded in 2015 by Pandian Gnanaprakasam (Chief Product Officer) and Sheausong Yang (Chief Architect), who previously worked together at Aruba Networks (now part of HP). At the time, IoT, IoMT, OT, and other connected devices were starting to take off, and vulnerabilities targeting these devices were starting to emerge. As a result, the two founders recognized a gap in security, so they set out to build a solution that would be a single source of truth with granular details for these devices and provide the ability to ensure proper security. They pulled a team together with deep expertise in security and networking, allowing them to build a product with a truly unique approach to solving the problem.

Gigamon: Describe your company culture. What makes you tick?

Chris: Ordr is a passionate team that believes in helping customers find order in the chaos of connected devices. We have a strong start-up culture, and we empower our team to leverage their unique backgrounds to find new ways to solve challenging problems. Our goal is to make the incredibly complex problem of IoT and connected device security simple for our customers, and we continually strive for approachable innovation in everything we do. 

Gigamon: If you had to describe Gigamon with just one word, what would it be?

Chris: Visibility.

Gigamon: How do Ordr and Gigamon work together to solve your customers’ problems?

Chris: Gigamon is a key source of network data in customer environments, and access to network data is critical to the Ordr solution. Gigamon makes it easy for customers to send high-quality data to Ordr for analysis. Capabilities like data optimization, decryption, and access to metadata ensure that we provide comprehensive visibility and security across all devices.

Ordr analyzes network traffic to discover and classify connected devices and provides granular details on each device, such as make, model, serial number, location, and OS. By understanding what each device is, we can give customers insights into known threats, like vulnerabilities, exploits, weak ciphers/certificates, and recalls.

Chris Westphal, Ordr’s Head of Product Marketing.

Ordr also analyzes network traffic to baseline device communications. This helps our customers identify anomalies and potentially active threats. When a threat is detected, we can auto-generate policies to segment a vulnerable or potentially infected device and stop the spread of an attack.

By analyzing network traffic from Gigamon, Ordr can provide insights that give customers the context required to build proactive security policies and accelerate microsegmentation, NAC, and Zero Trust projects.

Gigamon: What are some of your market’s specifics, advantages, and challenges when it comes to network security and visibility/IoT?

Chris: Connected devices include everything from access badge scanners and digital signage to multimillion-dollar manufacturing robots and healthcare devices. The number of IoT and other connected devices in an average organization is rapidly increasing, as is the role of these devices as business-critical infrastructure.

Ordr is uniquely positioned to solve unique security challenges with a team that has deep expertise in networking and security. Simple device discovery is not enough. Providing meaningful insights to security and networking teams is essential to delivering true, scalable security. Turning those insights into action is critical, and that’s something unique to Ordr.

Because of our deep device and network context, we can turn insights into enforceable policies. For example, these policies can isolate a vulnerable device while ensuring it can still perform critical business operations. Another example is our ability to model and create segmentation policies to help accelerate microsegmentation and Zero Trust projects.

Gigamon: Which Gigamon features stand out the most and make the product outstrip its competitors?

Chris: Gigamon is an aggregation point for collecting network data, which helps simplify and accelerate the integration of Ordr into customer environments. Gigamon also provides a layer of optimization when delivering data to Ordr for analysis. Gigamon capabilities such as de-duplication and packet/flow slicing reduce data volumes sent to Ordr by up to 90 percent. This means less traffic sent over the network, so Ordr can focus on analyzing the right data.

Other Gigamon features, such as traffic decryption and the ability to provide NetFlow and metadata, give Ordr access to data that would otherwise be difficult or impossible for a customer to provide. With these, we can give customers a more comprehensive view of the devices in their environment.

Gigamon: What’s an anecdote that customers share when they talk about our joint solution?

Chris: Customers with Gigamon deployed immediately see the value of the joint solution because they are able to provide Ordr with high-quality data from more places and with less hardware. This makes customers happy, and we get clean traffic without additional load on their infrastructure.

Gigamon: What is the most memorable moment associated with Gigamon as a partner?

Chris: There was an instance where the Ordr team was working with a partner to prepare for a big customer demo the next day. We hit a snag and reached out to the Gigamon team for help. Even though Gigamon had no direct connection to the demo or the customer, the team immediately jumped in and helped get things resolved. You can’t ask for a better partner than that!

Gigamon: What are some of the new challenges you see in the market that the partnership with Gigamon can solve?

Chris: The first challenge customers have is addressing visibility and security requirements without adding lots of new hardware and rearchitecting their environment. Gigamon gives Ordr access to the network traffic we need for analysis. From this, we give customers visibility into their devices, and we leverage their existing network and security infrastructure to enforce security policies.

Another challenge is analyzing data that’s encrypted. Gigamon gives customers a secure and efficient way to provide tools like Ordr with access to this data.

Cloud adoption is yet another challenge. As workloads move to the cloud, many organizations are forced to manage and secure those environments separately. Leveraging solutions like Gigamon Hawk deep observability pipeline gives Ordr access to SPAN traffic from the cloud, and customers get a single view of all their devices, plus the ability to apply consistent security policies.

Gigamon: Who is the target audience (such as SecOps, NetOps, or DevOps) for our joint solution, and how do they benefit?

Chris: SecOps and NetOps teams both benefit from the joint solution. When it comes to security, these teams increasingly need to work together in coordination, and Ordr with Gigamon makes these coordinated efforts efficient. This includes everything from sending Ordr high-quality data for analysis to creating and enforcing segmentation policies to improve security.

Gigamon: Thank you, Chris, for making time for us and for being such a wonderful partner.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s Security group.

Share your thoughts today

RELATED CONTENT

REPORT
2022 Ransomware Defense Report
WEBINAR
Ransomware Best Practices: Agentless Threat Hunting
BLOG POST
Ransomware in Healthcare
WEBPAGE
Suddenly, Ransomware Has Nowhere to Hide

Back to top