Intelligent network visibility solutions that monitor, manage and deliver end-to-end visibility across enterprise, data centers and service providers.
Gigamon.
GigaSMART® technology extends the intelligence and value of the Gigamon Security Delivery Platform by enhancing the monitoring of your network infrastructure and improving security tool performance. A range of applications are available to optimize the traffic sent from your network to the tools you rely upon to monitor, manage, and secure the network. GigaSMART’s advanced processing engine can be accessed anywhere within the Gigamon Visibility Platform without port- or card-based restrictions. GigaSMART processing engines can be combined to manage higher traffic loads and optimized for specific applications. Applications can be combined or service chained so traffic benefits from multiple functions that can be achieved at once, such as generating NetFlow and other network metadata or decrypting Secure Sockets Layer (SSL)/ Transport Layer Security (TLS) traffic after packet duplicates have been removed, or by stripping VLAN headers before load balancing the traffic and sending it out to the appropriate tools.
Network monitoring tools perform more efficiently by eliminating unwanted content with the de-duplication and packet slicing features. SSL/TLS decryption provides visibility into encrypted sessions, sending decrypted packets to both inline and out-of-band security tools. Masking allows network security teams to hide confidential information such as passwords, financial accounts, or medical data, helping companies to meet Sarbanes-Oxley Act of 2002 (SOX), Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Payment Card Industry (PCI) compliance regulations. Organizations can improve accuracy with GigaSMART’s source port labeling and time stamping capabilities, which allow the addition of source or timing information at the point of collection. Enhanced packet distribution features available with GigaSMART’s Adaptive Packet Filtering or load balancing enable enhanced visibility into packet contents and, when combined with header stripping, allow tools to operate more effectively by removing unwanted protocol headers.
The advanced processing capabilities of the GigaSMART engine can also be leveraged to summarize and generate NetFlow statistics from incoming traffic streams. Offloading NetFlow Generation to the Gigamon Visibility Platform eliminates the risk of expending expensive production network resources in generating these analytics. Enhanced flow-level visibility across remote locations and Big Data environments can be used to derive usage patterns, top talkers, top applications, and more, for effective capacity planning and enforcing security policies.
Adaptive Packet Filtering
- Filter across advanced encapsulation headers including VXLAN, VN-Tag, GTP, MPLS, etc., and inner (encapsulated) Layer 3/Layer 4 packet contents
- Provide advanced visibility into the application layer using pattern matching regular expressions-based filters
- Mask private and sensitive data in the packet before it gets stored, maintaining SOX, PCI, and HIPAA compliance
- Included with GTP correlation
Application Session Filtering
- Forward traffic corresponding to application sessions to security appliances increasing their efficacy and performance
- Classify flows of interest using signatures to filter applications such as video streaming, email, web 2.0 and other business applications
- Provide complete visibility into traffic flows by forwarding all packets from session initiation to termination to security and monitoring tools
De-duplication
- Relieve tool processing resources when packets are gathered from multiple collection points along a path by only forwarding a packet once
- Remove packet duplication caused by inter-VLAN communication or incorrect switch configuration
ERSPAN Termination
- Terminate ERSPAN tunnels to consolidate, filter, and forward relevant ERSPAN traffic
- Translate the ERSPAN III timestamp into a format readable by monitoring tools (GigaVUE H Series only)
FlowVUE™
- Perform flow-aware sampling of active subscriber devices to selectively reduce traffic bound to monitoring and analytic tools
- Preserve or increase CEM based on real-time reduced data analytic throughput
- Optimize your tool rail efficiency by sending multiple overlapping flow samples to different tools and running multiple analysis processes in parallel
- Turn Big Data into manageable data with deterministic results at a fraction of the data rate
GTP Correlation
- Optimize tool infrastructure by accurate filtering, replicating, and forwarding monitored subscriber sessions
- Correlate subscriber sessions (control and data) to offload tools, increasing throughput
- Facilitate drilldowns into roaming users across peer networks
- Includes Adaptive Packet Filtering license; GTP Whitelisting requires FlowVUE®license
Header Stripping
- Eliminate the need for monitoring tools to decipher protocols
- Allow easy filtering, aggregation, and load balancing of packets with headers removed
- Headers and protocols removed: ISL header/trailer removal and VXLAN, VN-Tag, VLAN, MPLS, GRE, and GTP-U
Load Balancing
- Distribute traffic among multiple ports based on a variety of options: hashing, bandwidth, cumulative traffic, packet rate, connections, and round robin
- Apply weighting to the traffic distribution, supporting different tool capacities
- Utilize hashing options such as IP, IP-and-Port, five-tuple, and GTP-u tunnel ID
- Load balancing is included with all GigaVUE H Series GigaSMART licenses except NetFlow (including the Metadata Engine)
Masking
- Overwrite packet data between a 64-9000 byte offset
- Conceal private data including financial and medical information
NetFlow and Metadata Generation
- Offload NetFlow and metadata generation and obtain insight from across the Visibility Fabric, regardless of network infrastructure
- Simultaneously provide unsampled, 1:1 flow statistics and raw packets to a variety of monitoring, analysis, and security tools in an integrated traffic visibility solution
- Export records to up to six (6) collectors supporting NetFlow v5/v9 and/or IPFIX as well as extensions for other metadata (such as URL, HTTP response codes, SIP, DNS and Certificates)
Packet Slicing
- Reduce packet size to increase processing and monitoring throughput
- Process fewer bits while maintaining the vital, relevant portions of each packet
- Significantly increase the capacity of forensic recording tools
Source Port Labeling
- Add labels to the packets indicating the ingress port
- Easily identify where a packet is coming from
SSL/TLS Decryption
- Provide automatic visibility into SSL/TLS traffic regardless of TCP port or application
- Send decrypted packets to multiple inline (e.g. IPS, NGFW) and out-of-band (e.g. DLP, APM, SIEM, analytics) security tools simultaneously
- Selectively decrypt traffic using intelligent policies based on URL categories, IP address, ports, VLAN tags, domain names, and more
- Scale performance with additional GigaSMART modules
- Integrate with other GigaSMART applications for comprehensive traffic management (e.g. de-duplication, masking, slicing)
- Protect private server certificates and keys with encryption and role-based access controls
Tunneling
- Forward packets from remote sites to centralized monitoring tools using IP/UDP or L2GRE encapsulation
- Integrate virtualized tools into the Visibility Fabric via L2GRE tunnels