The cloud is becoming the go-to infrastructure of choice for enterprises worldwide. Why? First and foremost, cloud computing has significantly more flexibility when it comes to scale. If you are leveraging Amazon Web Services (AWS), it takes minutes to spin up an EC2 instance, whereas expanding on-premises infrastructure can take weeks or months. Secondly, organizations can save on infrastructure costs and resources with the cloud and shift budgets to other areas as needed. But despite the obvious benefits the cloud brings, it is still important to have effective security policies in place to protect workloads no matter where they reside.
That is why Gigamon and RSA have come together to create a joint integrated solution for AWS customers. Let’s hear from Sesh Sayani, director of product management – cloud at Gigamon, to learn more about what Gigamon and RSA can offer to enterprises moving to AWS.
What kind of challenges are you seeing from customers who are moving to the cloud?
When organizations first started moving to the cloud, they were migrating their Tier 2/3 applications and workloads. Now, as on-premises infrastructure cost and complexity continue to rise, enterprises are beginning to move their mission-critical applications to the cloud as well.
This “lift and shift” of Tier 1 applications, however, has raised eyebrows, especially by security architecture teams. When moving to the cloud, enterprises lose visibility into traffic in and out of their workloads. Security teams are concerned about gaining the necessary insight in order to maintain effective forensics, prevent accidental data loss and prepare for security incident responses.
Endpoint or malware protection is not sufficient to gain full application insight. To get full visibility, deep packet inspection is required for effective forensics, analysis and protection. To address this, agents can be deployed in the workloads for traffic inspection. But, for a comprehensive security posture, multiple tools may be required – for example, IDS, SIEM, DLP. Adding so many agents in the workloads is neither a scalable nor cost-effective approach to address this challenge.
Can you please tell us a bit about the Gigamon Visibility Platform and the benefits for Amazon Web Services (AWS) customers?
The Gigamon Visibility Platform is the first pervasive visibility solution for the cloud that provides full and deep traffic visibility into your workloads in AWS. This platform is made up of three main elements:
GigaVUE-FM Fabric Manager: Orchestration component that ensures scale, automation and elasticity across your AWS deployments.
GigaVUE V Series: Virtual visibility nodes deployed as AMIs, used to aggregate traffic across multiple EC2 instances and send customized traffic to multiple security tools as needed.
G-vTAP agents: Used to gain access to the traffic from the EC2 instances to the GigaVUE V Series nodes.
The Gigamon Visibility Platform can be deployed either on-premises or in AWS. That means organizations don’t have to duplicate the tools they are running on-premises and in the cloud. Let’s take a quick look at an example. If you are running tools on-premises, you don’t want to be forced to deploy additional tools in the cloud because this will drive up cost and the need for resources. Instead, deploy the Gigamon Visibility Platform on-premises and backhaul network traffic of interest to your on-premises tools.
Gigamon and RSA have been partners for a while – what are your thoughts on this partnership?
It’s a great partnership and one that we want to continue to expand. RSA is a recognized industry leader in security and now that we both have solutions available for AWS, we can jointly provide a highly scalable, flexible offering that provides visibility and security for our customers across physical, virtual and public cloud deployments.
How does Gigamon integrate with RSA on AWS and what are the benefits to customers?
The Gigamon Visibility Platform for AWS includes our lightweight G-vTAP agent, which is deployed on different EC2 instances. The agent copies the network packets, which are aggregated in the GigaVUE V Series node where we apply traffic intelligence and then send the desired network traffic to the RSA NetWitness Suite decoder for deep content inspection. The benefit to customers is full packet capture across compute instances, which provides RSA NetWitness Suite with the ability to identify and mitigate potential threats faster.
Gigamon and RSA have put together a joint Test Drive – why would this be exciting for customers?
A Test Drive is a great way for our customers to see first-hand how these solutions work and perform in an AWS environment. With this joint Test Drive, customers can see how the Gigamon Visibility Platform provides automated insight into AWS workloads, applies GigaSMART traffic intelligence and distributes copies of traffic. Additionally, customers can see how the RSA NetWitness Suite gathers traffic from the Gigamon Visibility Platform to investigate / identify potential threats to your AWS applications and workloads.
Want to learn more?
If you’re attending Black Hat July 26-27, come check out the RSA booth #907 to speak to Gigamon and RSA product experts.