GigaSMART® technology extends the intelligence and value of the Gigamon Security Delivery Platform™ by enhancing your monitoring infrastructure and improving tool performance. A range of applications are available to optimize the traffic sent from your network to the tools you rely upon to monitor, manage, and secure that network. GigaSMART’s advanced processing engine can be accessed anywhere within the Visibility Fabric™ without port- or card-based restrictions. GigaSMART engines can be combined to process higher traffic loads and optimized for specific applications. Operations can be combined or service chained so traffic benefits from multiple functions that can be achieved at once, such as generating NetFlow and other network metadata or SSL after duplicates have been removed, or by stripping VLAN headers before load balancing the traffic and sending it out to the tools.
Unified Visibility Fabric
Unified Visibility Fabric
An Innovative Approach
Visibility today means insight into infrastructure blind spots. Driven by the need for real-time decision making, network traffic provides network operations and security administrators with an authentic source of data to base these decisions. For pervasive visibility, the network traffic should be acquired from a variety of devices and applications—across physical, virtual and SDN/NFV environments—as well as private and public clouds. As infrastructure becomes more distributed, traffic volume and speeds increase, and the adoption of emerging technologies continues, the need to converge on a unified visibility infrastructure that not only simplifies and automates network traffic visibility, but also provides built-in intelligence, will drive the ongoing evolution of the Unified Visibility Fabric™. Given the complexity in today’s infrastructure, it is important that the fabric provides visibility into physical, virtual, remote sites as well as emerging SDN/NFV infrastructure as a single unified fabric with a common management and policy model, rather than as a set of disjoint nodes. Such a unified management model allows rapid visibility into infrastructure blind spots.
Centralized Management of the Unified Visibility Fabric
The Gigamon® Visibility Fabric™ delivers pervasive and Active Visibility across enterprise, data center, and service provider environments to enable security, network, and application performance analytics and management.
GigaVUE-FM delivers a single pane-of-glass view of all the physical and virtual nodes across the Visibility Fabric, while also providing an easy-to-use wizard-based approach for configuring patented Flow Mapping® and GigaSMART® traffic policies. End-to-end topology visualization, summarized and customizable dashboards allow operators to view and pro-actively identify hot spots and allow quick-access capabilities to traffic overlays, node status, events, port, and traffic usage exceptions.
A single instance of GigaVUE-FM can manage hundreds of physical and virtual Visibility Fabric nodes across multiple locations or data centers. With tiered pay-as-you-grow licensing, GigaVUE-FM allows customers to grow their management needs proportional to the complexity, reach and attach of the Gigamon Visibility Fabric to the production networks.
GigaVUE-FM is available as both a software-only virtual appliance for VMware ESX, Microsoft Hyper-V, and KVM hypervisors and as a hardware appliance for deployments where customers prefer a turnkey solution for management, or when the reach and scale of the Visibility Fabric needs dedicated compute capacity for management.
GigaVUE-FM software-only option is available at no charge for single-node management and is also available as a 45-day trial for customers to try multi-node management and other advanced features.
With increasing demands for agility and automation in the IT infrastructure and with ever-changing threat patterns in the network traffic, there is a critical need to automatically detect, react, and respond to these threats while also integrating visibility into IT operations management.
Active Visibility for Virtual Workloads
With exponential growth in virtualized traffic within the data center, a primary challenge for the centralized monitoring infrastructure is to access this virtual traffic for application, network and security analysis. The Gigamon® GigaVUE-VM Visibility Fabric™ node provides an intelligent filtering technology that allows virtual machine (VM) traffic flows of interest to be selected, forwarded, and delivered to the monitoring infrastructure centrally attached to the GigaVUE®platforms, thereby eliminating any traffic blind spots in the enterprise private clouds or service provider NFV deployments.
Gigamon is the only vendor to provide traffic visibility solutions for virtual workloads in VMware-powered SDDC (ESX and NSX-V) and OpenStack/KVM-powered multi-tenant clouds.
GigaVUE HD Series
Large-scale, High-speed Active Visibility Nodes
As enterprises, data centers and service providers respond to the ever-increasing volume of network traffic and the need to effectively and efficiently manage their environment, they look to Gigamon® for a scalable, pervasive, and intelligent monitoring infrastructure platform.
Gigamon created the visibility market and continues to lead the industry with innovative solutions. The GigaVUE HD Series was the first product line to provide large-scale monitoring across the data center. With the adoption of high-speed infrastructures such as 40Gb and 100Gb, Gigamon led the charge to introduce the first 100Gb visibility blade. Patented Flow Mapping® technology bridges the gap between high-speed networks and monitoring tool performance restrictions. High-speed traffic flows entering the Visibility Fabric™ are easily filtered and forwarded to 10Gb tools for efficient analysis.
The GigaVUE HD Series nodes all share a common set of blades interchangeable across systems. These include a combination of port blades to span the range from high-density 1Gb to high-speed 100Gb blades. Intelligent processing and deep packet inspection is delivered via GigaSMART® blades offering services such as enhanced packet distribution to make tools more efficient and advanced masking capabilities to assist with compliance regulations. Additional licenses are available for a variety of applications including SSL Decryption, de-duplication, and NetFlow Generation.
Multiple nodes are clustered together with other GigaVUE H Series devices to create a collective solution. Traffic is available to or from any connection across the cluster, scaling to thousands of ports. GigaVUE-FM fabric manager provides customizable dashboards and wizards to view, configure, and manage the Visibility Fabric from a single pane-of-glass view.
Inline Traffic Distribution
Many security tools need to be connected inline on production networks to realize their full value. This means that all traffic must flow from the network segment through the tool and then back onto the production network. This introduces various operational risks and challenges including the impact of a failure of the inline device and the potential performance degradation as the volume of traffic and speed of the network increases.
A 10Gb stream of traffic will quickly render a 1Gb inline device over-subscribed and potentially obsolete. Gigamon developed the G-SECURE-0216 Inline Traffic Distribution Node to specifically address these two challenges, availability and performance.
Traffic enters the G-SECURE-0216 10Gb ingress port and then, with powerful distribution logic and intelligence, the traffic is distributed to up to eight 1Gb inline devices such as an IPS or firewall. The integration of both session-based and application-based intelligence allows Security teams to distribute loads based upon IP or MAC addresses as well as by application port number. The G-SECURE-0216 is available in both single-mode and multimode fiber configurations, and the ingress supports both 1Gb as well as 10Gb connections.
The G-SECURE-0216 offers both active and passive bypass protection for inline tools, so that in the event of a failure or power outage, the network connectivity is maintained resulting in no downtime. Customizable heartbeat packets can be sent to attached inline security tools to monitor for availability.