Capability Domains met by Gigamon

Perform

Gigamon's Visibility and Analytics Fabric (VAF) provides systemic visibility into data-in-transit across all IT operations, for both cyber tools deployed out-of-band and cyber tools deployed using an in-line bypass configuration, to enable and optimize the performance of cyber tools that perform real-time scans of files from external sources as files are downloaded.

The visibility is enhanced with:

  • Traffic Decryption
  • Deep Packet Inspection
  • NetFlow
  • Metadata Generation
  • Monitor

    Gigamon VAF provides systemic visibility into data-in-transit across all IT operations, for both cyber tools deployed out-of-band and cyber tools deployed using the following techniques:

  • Monitor inbound/outbound communications traffic to detect attacks/potential attacks.
  • Utilize sandboxing to detect or block potentially malicious email.
  • Using an in-line bypass configuration, to enable/optimize the effectiveness of cyber tools to monitor individuals and system components on an ongoing basis for anomalous/suspicious behavior.
  • The visibility is enhanced with:

  • Traffic Decryption
  • Deep Packet Inspection
  • NetFlow
  • Metadata Generation
  • Monitor and Detect

    The Gigamon ThreatInsight (GTI) NDR SaaS solution monitors and analyzes data-in transit across all IT operations for Threat Detection and Investigation. GTI generates metadata from the data-in transit that is integrated with threat intelligence from multiple sources, including attacker TTPs, using machine learning and human analysis to enable and automate detection of cyber threats.

    The metadata generated by GTI is stored in a data warehouse and is available for threat hunting personnel and other cyber tools to enable monitoring of organizational systems, including inbound and outbound communication traffic, to detect attacks and indicators of potential attacks. GTI also utilizes and integrates traditional IDS capabilities and signatures into the threat detection process.

    All of this helps GTI enable and automate detection of cyber threats as part of ongoing monitoring of individual and system components for anomalous or suspicious behavior associated with threats.