The Gigamon Visibility Platform - Exclusive...

33
1 ©2015 Gigamon. All rights reserved. ©2015 Gigamon. All rights reserved. The Gigamon Visibility Platform See what matters.™ Andrea Baraldi - Sales Engineer Marco Romagnoli Sales Director

Transcript of The Gigamon Visibility Platform - Exclusive...

1©2015 Gigamon. All rights reserved.©2015 Gigamon. All rights reserved.

The Gigamon Visibility Platform

See what matters.™

Andrea Baraldi - Sales Engineer

Marco Romagnoli – Sales Director

2©2015 Gigamon. All rights reserved.

6/2014

Safe Harbor StatementAny forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.

Any future release of products or planned modifications to product capability, functionality, or features are subject to ongoing evaluation by Gigamon, and

may or may not be implemented and should not be considered firm commitments by Gigamon and should not be relied upon in making purchasing decisions.

This presentation contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities

Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. In some cases, you can

identify forward-looking statements because they contain words such as "may," "will," "should," "expects," "plans," "anticipates," "could," "intends," "target,"

"projects," "contemplates," "believes," "estimates," "predicts," "potential" or "continue" or the negative of these words or other similar terms or expressions

that concern our expectations, strategy, plans or intentions. Forward-looking statements in this presentation include, but are not limited to, our expectations

that the market for our products will continue to grow and develop; and our expectations regarding product developments and enhancements and adoption of

those products by our customers. Our expectations and beliefs regarding these matters may not materialize, and actual results in future periods are subject

to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include our ability to continue to deliver and

improve our products and successfully develop new products; customer acceptance and purchase of our existing products and new products; our ability to

retain existing customers and generate new customers; the market for network traffic visibility solutions not continuing to develop; competition from other

products and services; and general market, political, economic and business conditions.

The forward-looking statements contained in this presentation are also subject to other risks and uncertainties, including those more fully described in our

filings with the Securities and Exchange Commission, including our Prospectus for our public offering of common stock filed pursuant to Rule 424(b) under

the Securities Act of 1933 (Registration No. 333-191581) and our Quarterly Report on Form 10-Q for the most recent quarterly period. The forward-looking

statements in this presentation are based on information available to Gigamon as of the date hereof, and Gigamon disclaims any obligation to update any

forward-looking statements, except as required by law.

3©2015 Gigamon. All rights reserved.

• Founded in 2004

• IPO in 2013, NYSE: GIMO

• Headquarters: Santa Clara, CA, U.S.

• Global Offices: 30 countries

• 750 employeesAs of FY2017

Corporate Overview

Gigamon Visibility Platform provides pervasive visibility

into data in motion across your entire network, enabling

stronger security and network performance.

See what matters.™

• CEO: Paul Hooper

• Over 2,300 customers

• Verticals: Federal, Financial Services, Healthcare, Retail, Technology, Service Providers

• Global Patents Issued: 35

4©2015 Gigamon. All rights reserved.

Fortune 100 and 1000 statistics from FY 16-Q3Top 50 Banks in the World." http://www.relbanks.com/worlds-top-banks/assets Banks around the World. June 30, 2015. Web.Laura Lorenzetti "The 10 biggest health-care companies in the Fortune 500." https://gigamon.my.salesforce.com/00O14000008ef5s Fortune. June 20, 2015. Web.Pablo Erbar "20 Largest Stock Exchanges in the World." http://www.insidermonkey.com/blog/trading-places-the-20-largest-stock-exchanges-in-the-world-335310/Insider Monkey. November 11 2014. Web.

Liyan Chen "The World's Largest Tech Companies: Apple Beats Samsung, Microsoft, Google.http://www.forbes.com/sites/liyanchen/2015/05/11/the-worlds-largest-tech-companies-apple-beats-samsung-microsoft-google/ Forbes. May 11, 2015. Web.Kantar Retail "Top 100 Retailers Chart 2015." https://nrf.com/2015/top100-table National Retail Federation. 2015. Web.Liyan Chen "The World's Largest Telecom Companies: China Mobile Beats Verizon, AT&T Again." http://www.forbes.com/pictures/fjlj45fkkh/china-mobile/ Forbes. June 1, 2015. Web.

The World’s Top Organizations Rely on Gigamon for Their Business

5©2015 Gigamon. All rights reserved.

See what matters.™

Tools & ApplicationsSecurity | Experience Management | Monitoring | Analysis

Any NetworkData Center and Private Cloud | Public Cloud | Service Provider Networks | Remote Sites

Gigamon Visibility Platform

Manage Secure Understand

6©2015 Gigamon. All rights reserved.

Gigamon Product Portfolio

Tools & ApplicationsSecurity | Experience Management | Monitoring | Analysis

Any NetworkData Center and Private Cloud | Public Cloud | Service Provider Networks | Remote Sites

De-duplication

Slicing

FlowVUE®

MaskingGTP

Correlation

Header

Stripping

TunnelingSSL

Decryption

Adaptive

Packet FilteringApplication

Session Filtering

NetFlow and

Metadata Generation

Visibility

Nodes

Traffic

Intelligence

GigaVUE-FMOrchestration APIvCenterNSX Manager

Intelligent Visibility Public Cloud Virtual Traffic Aggregators Network TAPs

Flow Mapping® Clustering Inline Bypass GigaStream®

A

P

I

Gigamon Visibility Platform

Manage Secure Understand

The Defender Lifecycle ModelA New Security Model

8©2015 Gigamon. All rights reserved.

Real-time Threat Prevention May Not Be PossiblePARTICULARLY FOR UNKNOWN THREATS

Breaches are inevitable!

• 6.7ns inter-packet gap at 100Gb

• Insufficient time for decision making

on unknown, potential threats

Too Little Time

• Large established ecosystem of

distributors for malware

• With sophisticated kits for rent

• Along with support infrastructure

Too Many Bad Guys

9©2015 Gigamon. All rights reserved.

What Can Be DoneBREAK THE CHAIN, DON’T JUST TRY TO PREVENT IT

Reconnaissance

1

Phishing and

Zero Day Attack

2

Back Door

3

Lateral

Movement

4

Data

Gathering

5

Exfiltrate

6

Traditional security focus:

PREVENTION

The new security focus :

DETECT, PREDICT, CONTAIN

10©2015 Gigamon. All rights reserved.

Internet

Public

Cloud

✕ Significant blind spots

✕ Extraordinary costs

✕ Contention for access to traffic

✕ Inconsistent view of traffic

✕ Blind to encrypted traffic

✕ Too many false positives

Legacy Approaches Provide Limited Visibility

User Behavior

Analytics

Advanced

Persistent

Threat

Email Threat

Detection

SIEM

Next-Generation

Firewall

Data Loss

Prevention

SIEM

Data Loss

Prevention

User Behavior

Analytics

Next-Generation

Firewall

Advanced

Persistent

Threat

Email Threat

Detection

Data Loss

Prevention

Next-Generation

Firewall

Email Threat

Detection

Advanced

Persistent

Threat

SIEM

User Behavior

Analytics

Routers

“Spine”

Switches

“Leaf”

Switches

Virtualized

Server Farm

VISIBILITY LIMITED TO A POINT IN TIME OR PLACE

11©2015 Gigamon. All rights reserved.

Internet

Public

Cloud

Transform Security: The Security Delivery PlatformLOOK INSIDE THE NETWORK

Data Loss

Prevention

Data Loss

PreventionData Loss

Prevention

Next-Generation

Firewall

Next-Generation

Firewall

Next-Generation

Firewall

Email Threat

Detection

Email Threat

Detection

Email Threat

Detection

SIEM

SIEM

SIEM

User Behavior

AnalyticsUser Behavior

AnalyticsUser Behavior

Analytics

Routers

“Spine”

Switches

“Leaf”

Switches

Virtualized

Server Farm

Advanced

Persistent

Threat

Advanced

Persistent

ThreatAdvanced

Persistent

Threat

Security Delivery Platform: A Foundation for Effective Network Security

Targeted

inspection

Detection of

encrypted threats

Inline mode for

visibility and control

Reach physical

and virtual networks

Metadata for

Improved

Forensics

Security Delivery Platform

Public

Cloud

On-premise

Data Center

Remote

Sites

Private

Cloud

Next-Generation

Firewall

User Behavior

Analytics

Data Loss

Prevention

Email Threat

Detection

Advanced

Persistent Threat

SIEM

12©2015 Gigamon. All rights reserved.

GigaSECURE®

THE INDUSTRY’S FIRST SECURITY DELIVERY PLATFORM

Shifting the advantage from the attacker to the defender

13©2015 Gigamon. All rights reserved.

The Current Security Model

Basic Hygiene:Firewall, Endpoint,

Segmentation, etc.

Prevention

Building Context: Big Data and

Machine Learning

Detection

Triangulating Intent: Artificial Intelligence and

Cognitive Solutions

Prediction

Taking Action: Firewalls, IPS,

Endpoints, Routers

Containment

Automated Manual

14©2015 Gigamon. All rights reserved.

REST API

Basic Hygiene:Firewall, Endpoint,

Segmentation, etc.

Prevention

Building Context: Big Data and

Machine Learning

Detection

Triangulating Intent: Artificial Intelligence and

Cognitive Solutions

Prediction

Taking Action: Firewalls, IPS,

Endpoints, Routers

Containment

Automated Manual

A New Security Model: The Defender Lifecycle

Automated Automated

Inline Bypass

SSL DecryptionMetadata Engine

App Session Filtering

SSL Decryption

Inline BypassInline BypassMetadata Engine,

App Session Filtering,

SSL Decryption

✓ Physical

✓ Virtual

✓ Cloud

15©2015 Gigamon. All rights reserved.

Gigamon Partner EcosystemG

iga

mo

n V

isib

ilit

y P

latf

orm

Security and

Vulnerability

Management

Service

Provider

InfrastructureInfrastructure

Network &

Application

Performance

Management

16©2015 Gigamon. All rights reserved.

Gigamon Product Portfolio

Tools & ApplicationsSecurity | Experience Management | Monitoring | Analysis

Any NetworkData Center and Private Cloud | Public Cloud | Service Provider Networks | Remote Sites

De-duplication

Slicing

FlowVUE®

MaskingGTP

Correlation

Header

Stripping

TunnelingSSL

Decryption

Adaptive

Packet FilteringApplication

Session Filtering

NetFlow and

Metadata Generation

Visibility

Nodes

Traffic

Intelligence

GigaVUE-FMOrchestration APIvCenterNSX Manager

Intelligent Visibility Public Cloud Virtual Traffic Aggregators Network TAPs

Flow Mapping® Clustering Inline Bypass GigaStream®

A

P

I

GigaSmart features

18©2015 Gigamon. All rights reserved.

GigaSMART® Summary

SSL

DecryptionDe-duplication Adaptive Packet

Filtering

Application

Session FilteringPacket

SlicingMasking

NetFlow/IPFIX

Generation

Header

StrippingIP

TunnelingGTP

CorrelationFlowVUE™ERSPAN

Termination

Security delivery platform

20©2015 Gigamon. All rights reserved.

GigaSECURE®

INDUSTRY’S FIRST SECURITY DELIVERY PLATFORM

Internet

Routers

“Spine”

Switches

“Leaf”

Switches

Virtualized

Server Farm

Intrusion

Detection

System

Data Loss

Prevention

Email Threat

Detection

IPS

(Inline)

Anti-Malware

(Inline)

Forensics

Security Delivery Platform

Isolation of

applications for

targeted inspection

Visibility to

encrypted traffic for

threat detection

Inline bypass for

connected security

applications

A complete

network-wide reach:

physical and virtual

Scalable metadata

extraction for

improved forensics

GigaVUE-VM and

GIgaVUE® Nodes

Application

Session Filtering

SSL

Decryption

Inline

Bypass

✓ All tools still connected

✓ Fewer network touch points

✓ Enhanced tool efficiency

✓ Decreased OPEX costs

Metadata

Engine

21©2015 Gigamon. All rights reserved.

Inline Bypass to Scale Security DeliverySOLVING PAIN POINTS OF BOTH SECURITY & NETWORK TEAMS

Link Aggregtion

Consolidate multiple points of failure

into a single, bypass-protected solution

Add, remove, and upgrade

tools seamlessly

Integrate Inline, Out-of-Band, and Flow-based tools

via the GigaSECURE® Security Delivery Platform

HA Designs

Inline

Bypass

22©2015 Gigamon. All rights reserved.

Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.

SSL Decryption on Gigamon ProductsEncrypted Traffic Decrypted / Unencrypted Traffic

Internet Servers

Corporate Servers Clients

NGFW

IPS

Network

Forensics

Anti-malware

Active, Inline

Appliance(s)

Passive, Out-of-Band

Appliance(s)

• Corporate servers

• Enterprise has server keys

• RSA key exchange

• Supported Since 2014

1

• Corporate servers

• Diffie-Hellman (DH) key exchange

• Emerging TLS 1.3 standard

• Need to be inline to decrypt SSL

2

• Internet Servers or SaaS services

• Enterprise does not have server keys

• Need to be inline to decrypt SSL

3

?

Clients

Internet

1 RSA 2 DH, PFS

3 RSA/DH

23©2015 Gigamon. All rights reserved.

Inline Tool Group

(decrypted traffic)

Gigamon Inline SSL Visibility Solution

Highlights

• Servers and clients located internally

or externally

• Private keys not needed

• RSA, DH, PFS can be used

• Supports inline and out-of-band tools

Out-of-Band Tool

(decrypted traffic)

SSL Session

Leg 1

(encrypted)

SSL Session

Leg 2

(encrypted)

1

2

2

3

Encrypted traffic

Decrypted traffic

Web Monitor Tool

(decrypted traffic)

Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.

4

Cloud and Virtual visibility

25©2015 Gigamon. All rights reserved.

1. Security no longer an after-thought during virtualization

2. Increasing VM density with mission-critical workloads

3. Visibility into VM-VM traffic needed for Security and Application Performance Monitoring (APM)

4. Creating new virtual instances of tools affects workload performance

5. Automated visibility after VM migration

Virtual Visibility: More Important Than Ever

5 REASONS WHY YOU MUST CARE

HYPERVISOR

SERVER

VIRTUAL

IDS VM1

VIRTUAL

ANTI-

MALWARE

VIRTUAL

APM VM

HYPERVISOR

SERVER

GigaVUE-VM

IDS

ANTI-MALWARE

APM

VIRTUAL SWITCH VIRTUAL SWITCH

26©2015 Gigamon. All rights reserved.

OS

DB

DB Server

Leaf

Core Core

Leaf Leaf

Spine

Leaf

Spine

• Small footprint ‘Virtual Tap’ guest VM appliance • Access, Select, Transform, and Deliver Virtual traffic

GigaVUE-VM - Virtual Workload Monitoring EXTENDING VISIBILITY INTO VIRTUAL DATA CENTERS

Application

Performance

Network

Performance

Security

Centralized

tools

GigaVUE-VM

• Flow Mapping™

• Filter on VM, application ports

• Packet slicing at any offset

• Tunneling for multi-tenant

Advanced Traffic Intelligence

• De-duplication

• Packet Masking

• Packet Slicing

• Header Stripping

• NetFlow Generation

• SSL Decryption

• Adaptive Packet Filtering

• Application Session Filtering

Network

Tunnel Port

Tunneling

• Visibility into Hosted Applications • Visibility into Physical to Virtual traffic

DB

27©2015 Gigamon. All rights reserved.

Dynamic ‘Traffic Visibility Service’ Insertion

Internet

Security/Monitor Admin

“Copy Packet”

GigaVUE-FM

Tools and AnalyticsApplication

Performance

Network

ManagementSecurity

Monitoring Policy

28©2015 Gigamon. All rights reserved.

Partner Solution Categories and Integration Options

Solution Category Integration Options

SDDC Operations and Visibility Port Mirroring, NSX-API, NetX

Automated Traffic Visibility for

VMware powered SDDC

29©2015 Gigamon. All rights reserved.

Public Cloud Visibility Challenges and Gigamon Solution

Gigamon Visibility Platform

RDS

Web

Tier

App

Tier

ELB

ELB

Tool Tier

Region

AZ

AWS

VPC

RDS

Web

Tier

App

Tier

ELB

ELB

Tool Tier

Region

AZ

AWS

VPC

RDS

Web

Tier

App

Tier

ELB

ELB

Region

AZ

AWS

VPC

Visibility Tier

GigaVUE-FM

Tool

Tier

• Inability to access all traffic

• Discreet vendor monitoring agents per instance

• Impacts workload and VPC performance

• Increases complexity

• Static visibility with heavy disruption

• Consistent way to access network traffic

• Distribute traffic to multiple tools

• Customize traffic to specific tools

• Elastic Visibility as workloads scale-out

Elastic Load Balancing (ELB) Subnet Amazon Relational Database Service (RDS) Availability Zone (AZ)ToolInstances

30©2015 Gigamon. All rights reserved.

VPC: Virtual Private Cloud

Deployment Examples: Hybrid CloudsUSE CASE 1: TOOLS IN THE ENTERPRISE DATA CENTER

Tools

Enterprise Data Center

Monitored traffic backhauled from AWS to tools in an enterprise’s data center

L2 GRE Tunnel

Virtual Traffic Policies

AWS EC2 Integration

GigaVUE® V Series

AWS

VPCGigaVUE-FM

Control Traffic

Monitored Data Traffic

Private & Confidential

31©2015 Gigamon. All rights reserved.

Deployment Examples: Tools in the Same VPCUSE CASE 2: TOOLS IN THE SAME AWS VPC

AWS Management

Console

Monitored traffic in AWS sent to virtual tools located in the same VPC

L2 GRE Tunnel

Virtual Tools

GigaVUE-FM

Virtual Traffic

Policies

Corporate

Data CenterAWS

VPC

GigaVUE® V Series

AWS EC2 Integration

Private & Confidential

32©2015 Gigamon. All rights reserved.

Ph

ysic

al

Vir

tual

GigaVUE-VM

GigaVUE-VM

Adaptive

Packet Filtering

METADATA

Service Chain with Other GigaSMART® AppsDELIVER RELEVANT TRAFFIC AFTER DECRYPTION

Flow

Mapping®

Tunnel

Termination

Inline

SSL

Decryption

Filter on decrypted

data and send to

tools using ASF

Generate metadata

and feed to SIEM

Select target network for decryption with Flow Mapping, Decrypt and Filter

on decrypted data with ASF, Generate metadata and forward to tools

33©2015 Gigamon. All rights reserved.

VISIBILITY

MATTERS