Security / October 29, 2024

Hybrid Cloud Visibility Is Key to NDR Success

Organizations are increasingly adopting cloud infrastructures — private, public, hybrid, and multi-cloud — to enhance their business agility and scalability. However, with this shift comes a pressing need for robust security monitoring solutions that can effectively oversee these heterogeneous environments, often using network detection and response (NDR), which Gartner expects will plateau in adoption within the next two to five years.

Hype Cycle for Workload and Network Security, 2024, Gartner.
Figure 1. Hype Cycle for Workload and Network Security, 2024.*

At Gigamon, we share Gartner’s view of increasing adoption of NDR technologies, and we also believe that NDR is crucial for detecting and responding to the latest emerging threats. That’s why Gigamon is actively partnering with leading NDR vendors to enhance their threat detection accuracy through comprehensive network visibility across hybrid and multi-cloud environments.

Monitoring IaaS Traffic: A Necessity, Not a Luxury

As businesses expand their cloud presence, the ability to monitor cloud traffic in Infrastructure as a Service (IaaS) becomes critical.

NDR tools provide essential functionality to bridge potential gaps in visibility among various cloud operational models, ensuring that organizations can track interactions seamlessly, regardless of whether they are operating in a hybrid model or solely within the cloud. Gigamon elevates NDR monitoring capabilities by providing indispensable visibility into all traffic — egress/ingress, lateral (East-West), North-South, encrypted/unencrypted — reinforcing your security strategy through effective threat detection and incident response (TDIR). This comprehensive monitoring capability based on network visibility is not just a technical requirement; it is essential for maintaining the integrity of organizational data and safeguarding against potential threats, as indicated by the 2024 Gartner Hype Cycle report.

“Organizations expanding their cloud presence use NDR to avoid creating gaps in their ability to monitor interactions among all their systems, whether hybrid or singularly IaaS.”

– 2024 Gartner Hype Cycle report

Strategic Deployment of NDR Sensors

The shift to hybrid and multi-cloud environments can quickly become complex and costly for many organizations. To manage this complexity and to deliver on the promise of the cloud to improve operational agility and scalability, organizations must have complete, consistent visibility into all the data in motion on their hybrid or multi-cloud network.

To maximize the effectiveness of NDR technology, it is vital to carefully plan the types and locations of sensor deployments. Proper positioning of NDR sensors is key to achieving complete visibility across the network, as stated in the 2024 Gartner Hype Cycle report.

“Plan sensor types and deployment locations so that the most relevant network traffic can be analyzed. Proper positioning of the NDR sensors is critically important to achieve complete visibility, limit the number of false positives, and control the cost of the deployment.”

– 2024 Gartner Hype Cycle report

Gigamon eliminates the need for each security tool, such as an NDR, to have its own set of agents deployed. In addition, Gigamon reduces the amount of redundant or unnecessary traffic sent to NDR tools while maintaining fidelity, reducing data-movement (backhauling) costs by up to 80 percent (or more), especially in cloud NDR deployments. All this is possible by ensuring that only relevant traffic is moved and, where possible, that only metadata is sent rather than raw packets. If you want to learn more, see our webinar, “Design a Cost-Efficient Cloud Visibility Architecture.”

This strategic approach helps limit the number of false positives, which improves MTTR by letting teams focus on high-fidelity alerts and reduces unnecessary operational overhead. Additionally, it allows organizations to control deployment costs while ensuring that the most relevant network traffic is being analyzed.

Diagram showing packet sources on the left side, including laptops, VMs, containers, gateways, firewalls, and IoT/OT devices which lead into TAPs. The TAPs send raw packets to Gigamon Deep Observability Pipeline, which outputs Network-Derived Intelligence Metadata, Intelligence Metadata, and Optimized Decrypted Packets to NDRs, SIEMs, and Security Tools.

The Future Landscape of Network Incidents

Looking ahead, the importance of monitoring cloud network activity cannot be overstated. According to the 2024 Gartner NDR Market Guide Strategic Planning Assumption, the number of cloud security incidents discovered by NDR tools will increase by 5X within the next five years. This shift highlights the urgent need for organizations to invest in advanced monitoring solutions that have comprehensive visibility into network traffic to keep pace with their evolving IT environments.

“By 2029, more than 50 percent of incidents discovered by NDR technology will come from cloud network activity, up from less than 10 percent today.”

– 2024 Gartner Hype Cycle report

Conclusion

It is crucial to recognize the central role that monitoring hybrid and cloud traffic plays in the overall security posture of your organization. Embracing NDR technology relying on comprehensive network visibility not only prevents missed detections but also fortifies defenses against emerging threats in an increasingly cloud-centric world.

*This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Gigamon.

GARTNER is a registered trademark and service mark of Gartner and Hype Cycle is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
