Pioneering Deep Observability in the Age of AI and Cloud
We’ve heard it before: the saying that “You can’t secure what you can’t see.” The premise that network packet data is a fundamental source of truth is as true today as it was two decades ago. So, what has changed in the 20 years since Gigamon was founded? Speed and throughput, to start. Long gone are 1G and 10G speed conversations. They’ve long since been replaced with 100G, 400G, and even 800G as we marvel at the speed at which AI use cases have exploded across the landscape. Cloud adoption continues to accelerate, with hybrid cloud deployments for large organizations expected to grow to 85 percent in 2024.1 Encryption is now the norm, with Google reporting that 96 percent of the traffic it sees is encrypted.2 Cybersecurity continues to face challenges as threat actors take advantage of the increasing speeds and dynamic and ephemeral nature of the cloud resources, all as AI technology catapults traditionally unsophisticated attackers to pseudo-sophisticated status.3
The need for observability is just as critical today as it was 20 years ago, even if the ways in which we use it have evolved. Network packet data remains a fundamental source of truth, but while cybercrime has increased and threat actors have developed means for manipulating or disabling end points and server logs, network packet data remains immutable. With increased network speeds, managing large volumes of traffic has become an arduous task for budgetary and operational teams.
Network packet data forms the underpinnings of this analysis, but the ability to provide context and insights is more critical than ever. At Gigamon, we believe this to be true, and bringing log data together with network-derived telemetry that spans packet, flow, and application metadata underpins the deep observability that we bring to modern visibility stacks and cloud-first organizations.
Announcing GigaVUE 6.8 Software Release
Drawing on the assertions above, where speeds and throughput are increasing and the ability to have the best information to make faster decisions is key, I am pleased to share two foundational innovations of our latest GigaVUE® 6.8 software release (see documentation) that underscore our commitment to innovation and delivering deep observability to our customers. You can’t secure what you can’t see, but at Gigamon, we believe seeing the signal through the noise with enriched metadata is key to how our customers and those who manage their organization’s networks, applications, and security centers achieve success.
Smarter Resource Utilization — for Scale
The Gigamon Deep Observability Pipeline delivers comprehensive network visibility, a critical foundation for robust security. As encrypted traffic surges, our award-winning Precryption™ technology provides plaintext visibility into encrypted cloud communications, eliminating a major blind spot.
Recognizing that not all cloud traffic requires deep inspection, our 6.8 release introduces Selective Precryption, which allows users to optionally select specific workloads to exempt from Precryption. This innovative feature empowers users to filter traffic by application or namespace, optimizing resource utilization and focusing inspection on high-risk areas. Selective Precryption offers two main benefits:
- Exemption for Ultra-Sensitive Workloads: Selective Precryption protects highly critical data by allowing organizations to exclude ultra-sensitive or highly trusted workloads from Precryption analysis. It allows security tools like NDR to better adhere to tool policies, so organizations can enjoy the better, faster detection of cyber threats that Precryption offers, but within policy frameworks. This is ideally suited to customers in the banking, healthcare, and government sectors.
- Performance Improvement: By exempting low-risk or trusted workloads from Precryption, organizations can reduce computational overhead, leading to improved performance and potential cost savings.
By granting granular control over visibility, Gigamon gives our customers flexibility to get plaintext visibility in the way that works best for them.
Enriched Metadata Without Compromise — with Context
The second key innovation includes GigaVUE Enriched Metadata (GEM) for Cloud Workloads that provides comprehensive situational awareness to address security and performance pain points in a timely manner. This added context provides deep observability into all data in motion, including environmental details that can help users to reduce mean time to detect (MTTD) and mean time to resolution (MTTR).
GEM for Cloud Workloads enables users to accelerate troubleshooting with instant insights into workload location, VPC details, and availability zones. Users can pinpoint issues faster than ever and restore service rapidly. Security teams are also empowered to proactively enforce compliance by effortlessly accessing critical tags, security groups, and IAM policy profiles and identifying policy violations. GEM delivers this vital information to the user’s fingertips, streamlining investigations and further strengthening their overall security posture.
GEM for Cloud Workloads enables CloudOps, DevOps, CloudSecOps, and Cloud SOC teams to take their threat detection and incident response (TDIR) efforts to a new level, making them operationally efficient and strengthening security policy enforcement and capacity planning across their hybrid cloud infrastructure. They can now quickly identify, troubleshoot, isolate, and remediate the compromised workloads by augmenting application metadata with additional context from host environments.
To learn more about GEM for Cloud Workloads, please download and read our new solution brief.
There is much more in our latest release, and I invite you to review the content on our GigaVUE Community page and join the conversation. There you’ll find all of our documentation including 6.8 documentation, knowledge base articles, and training and have access to other customers and Gigamon technical experts.
References
- Marr, Bernard. “The 10 Biggest Cloud Computing Trends In 2024 Everyone Must Be Ready For Now.” Forbes. October 9, 2023. https://www.forbes.com/sites/bernardmarr/2023/10/09/the-10-biggest-cloud-computing-trends-in-2024-everyone-must-be-ready-for-now/?sh=4c00f01166d6&trk=article-ssr-frontend-pulse_little-text-block
- Google Transparency Report. “HTTPS encryption on the web.” Google. https://transparencyreport.google.com/https/overview?hl=en
- Bracken, Matt. “AI fuels rise in attacks from ‘unsophisticated threat actors,’ federal cyber leaders say.” June 5, 2024. FedScoop. https://fedscoop.com/ai-cyberattacks-federal-agencies-fbi-treasury-state-department/
Featured Webinars
Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.
CONTINUE THE DISCUSSION
People are talking about this in the Gigamon Community’s Security group.
Share your thoughts today