SHARE
Security / July 12, 2022

Leveraging Deep Observability Pipeline with Sumo Logic

With the scale at which applications are growing, security and networks are trying their best to catch up. In order to have a secure environment, it’s of paramount importance that all security tools can talk to each other to provide a holistic picture and fill any gaps left by other tools.

Gigamon’s Deep Observability Pipeline integrates with Sumo Logic, bringing rich network context for applications and collecting attributes from traffic flowing in the network. Sumo Logic analytics services can make use of this rich data to help visualize and identify use cases like:

  • Detecting rogue IT activities, such as crypto mining and BitTorrent
  • Detecting weak ciphers for compliance
  • Detecting expired or near-expiry TLS certificates
  • DNS queries
  • Unmanaged hosts
  • Application overview

Gigamon allows you to see any traffic in any environment, then extract application data and attributes. This makes it an agile solution that can facilitate quick detections for zero-day vulnerabilities. Just enable additional attributes with a few clicks, and you’ll be able to see them on your dashboards in Sumo Logic.

Figure 1: Metadata attributes.

This provides an ability to store a historical context of all the data in motion, which may otherwise be cost-prohibitive in a public cloud environment and space-prohibitive in an on-prem environment.

The integration with Gigamon Deep Observability Pipeline is straightforward. Once you have a Gigamon solution in place, all you need is a custom HTTPS source URL from Sumo Logic, and the solution will start working in 10 minutes or less.

The examples below are sample dashboards, but this is just one aspect. With Gigamon rich attributes, you can build as many aspects as you like to fill the gaps where needed in your environment.

Figure 2: Sumo dashboard with Gigamon.
Figure 3: Sumo dashboard with Gigamon.

As technologies grow at an unprecedented pace, it’s paramount to keep up. Gigamon and Sumo Logic provide one additional layer that makes your network observable for any point in time with rich data to fill any gaps.

Learn more about how Gigamon Deep Observability Pipeline can provide an additional layer of security and help improve your organization’s security posture.

Featured Webinars

Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s Security group.

Share your thoughts today

RELATED CONTENT

REPORT
2022 Ransomware Defense Report
WEBINAR
Ransomware Best Practices: Agentless Threat Hunting
REPORT
2022 TLS Trends Data
WEBPAGE
Suddenly, Ransomware Has Nowhere to Hide

Back to top