Q Gigamon has just introduced Visibility Software for White Box
Hardware – can you tell us a little bit about the thinking behind
this announcement?
A The need for traffic based visibility is increasing significantly.
The key drivers for this are security, compliance, customer
experience management, and performance management. These
trends are forcing the need to scale out traffic visibility solutions
that provide pervasive visibility. That’s where the whitebox solution
comes into play. Web-scale data centre operators, and some large
enterprise customers, procure baremetal/whitebox switches directly
from manufacturers. In order to help them get pervasive visibility
and simplify their procurement and sourcing cycle, Gigamon has
introduced the GigaVue-OS software which can adapt the personality
of the whitebox switches so they behave like visibility fabric nodes.
These adapted whitebox switches can then be clustered together into a single fabric, with purpose built high function visibility fabric nodes, using an edge-core model. The whitebox switches, with the
GigaVue-OS at the edge, allow sophisticated filtering, replication and
aggregation of traffic. The high function nodes at the core then provide traffic intelligence capabilities such as SSL decryption, de-duplication, Layer 7 filtering, and load balancing of traffic, to the security and performance management tools.
Q What’s in it for Channel, and how will it benefit their customers?
A The channel will have a critical role to play in this model. Many
customers will look to the channel to help integrate the whitebox
hardware, GigaVue-OS software, and the advanced functionality
purpose built nodes, into a single fabric – as well as provide value added services in conjunction with security and performance management tools. This is a win-win-win for the channel, the end customer and for Gigamon.
Q What about customers who do not want to deal with whitebox/
baremetal solutions?
A As mentioned above, the whitebox solution will mostly appeal to
web-scale data centres and some very large enterprises. Many other
enterprises today do not have a whitebox strategy and prefer
to procure a turnkey solution. For those customers, we have the TA
series solution which functions exactly as a whitebox with GigaVue-
OS. The TA series includes turnkey visibility fabric nodes that also
cluster into the purpose built high function visibility fabric nodes with
traffic intelligence capabilities. This offers true choice to customers to
scale out their visibility needs.
Q What solutions do you have to address cloud deployments?
A Visibility in the cloud is becoming imperative for almost
all enterprises. In order to deliver visibility in cloud deployments,
Gigamon has built out a virtualised visibility fabric node that can be
deployed in cloud environments and can work in conjunction with
our physical visibility fabric nodes, to provide end-to-end visibility for
physical and virtual environments. Our solution addresses challenges
in cloud environments, such as mobility of VMs with follow-the-VM
monitoring policies, so as to ensure consistent visibility regardless of
where a VM is deployed or where a VM moves to within the cloud.
Q You have talked about pervasive visibility often. What exactly
do you mean by pervasive?
A Today, when we look at data centre and cloud environments,
what we are seeing is that traffic patterns are changing, with eastwest
traffic growing rapidly. At the same time, customers are moving
to active-active data centres for backup and disaster recovery, and
towards an increasingly distributed workforce accessing those
data centres. In order to monitor, manage and secure this highly
dynamic environment, visibility needs to be extended to the backup
and disaster recovery data centres as well as into branch offices, into the virtualised infrastructure to ensure there is visibility into east-west traffic, as well as into the encrypted channels of communications that can be used for malicious purposes. That is what we mean by pervasive visibility. Essentially, eliminate all the blind spots through a visibility fabric that delivers visibility across the infrastructure.
Q Recently, Gigamon also announced an enhanced Partner
Program for Value Added Resellers – what are the details?
A The programme targets our VAR partners in order to build a
framework of success and move from a fulfillment model to value
add. Gigamon is targeting regional and global VARs who bring
knowledge around security, virtualisation, Big Data and data centre
build out. The new programme offers three levels of partnerships with a range of financial benefits, including incremental discounts and MDF
investments in return for revenue and certification commitments.
Q And Scott Sullivan has joined Gigamon as Head of Worldwide
Channel Sales?
So yes, at the end of last year Scott Sullivan joined us, bringing with him 30 years of sales management and leadership experience. Scott’s now leading our worldwide channel strategy, so will be working closely with partners and distributors across the globe. He’s got a strong track record of building, expanding and managing a global channel strategy and joined us from VSS Monitoring, but has worked with a range of companies from Juniper to VidSoft, so has a lot to offer.
Q In summary, it seems fair to say that Gigamon is making a
major play around the Channel right now?
A Yes, we are committed to the success of our channel and view it as an extension of our own team. We are making a significant investment in our channel programme, infrastructure and tools. Our channel partners are asking for more, so we see this as part of the natural growth of Gigamon
Q Does all of the above mean that the company’s progress to
date has been a little less than anticipated – or were these
Channel developments always part of the roadmap?
A Historically, Gigamon has always been channel driven, we have
simply transitioned from a fufillment to value add channel model. This
has always been part of our growth plan.
Q Technology partnerships are also important to Gigamon –
recently the company joined the Riverbed-Ready Technology
Alliance?
A Technology partnerships are an integral part of our go-to-market
strategy. Our technology partner ecosystem includes vendors providing solutions in the application and network performance management space, security and compliance space, big data analytics space and other areas. We have a very synergistic relationship with our technology partners where we provide them pervasive visibility into relevant traffic data, and they then provide the analytics, compliance and security functions based on those traffic streams.
Q Are you continuing to work closely with some of the
innovative IT security vendors?
A One of the key benefits of our solution is that it is agnostic
in terms of which security platforms plug into it. As such, we work
with most of the cutting edge security vendors and have active
deployments in many customer accounts with them. The solution
can be customised for most of these security deployments with very
flexible policies and rules, to ensure that these cutting edge security
tools perform optimally and can see the most relevant traffic. Our
partner eco-system of security vendors is large and complete.
Q In terms of partnerships, is there a strict rule as to what
Gigamon wants to do itself technology-wise and where it will
partner, or is it very much looked at on a case-by-case basis?
A In general, wherever it makes sense to offload and centralise
any processing - whether it is from the network, such as when doing
NetFlow, or whether it is from the tools vendors, such as doing SSL
decryption - we will develop that capability within the visibility fabric, so that our entire partner ecosystem can benefit from it. Whenever we
have done this, our partners have been able to take advantage of it,
and that leaves them focus on their core capabilities. In
general, that’s the model we have followed.
Q Following this up, are acquisitions part of the Gigamon strategy?
A We are continually evaluating to see, opportunistically, where it
makes sense to build in-house, where to partner, and where to acquire.
Q Talking technology, Gigamon introduced SSL visibility and
multitiered security enhancements at the back end of 2014 –
can you tell us about this development?
A The use of SSL is growing rapidly. However, most security and
performance management tools cannot peek into SSL encrypted
traffic, or if they have the ability to decrypt this traffic, then the
burden of doing that significantly slows down the tools. And that’s
a burden and overhead that has to be duplicated by each tool that
needs visibility into that traffic. In order to address this blind spot
and inefficiency, we developed the capability to centralise the SSL
decryption within the visibility fabric, so that it can be done at very
high speeds, it can be done once, and all the tools benefit from this. It
just makes more sense to do it that way.
In addition we also announced the availability of sophisticated in-line
bypass solutions for security platforms so that security monitoring
and active security management can both be handled by the same
visibility fabric. In this model you can connect and load balance in-line
security solutions such as firewalls and Intrusion Protection Systems
(IPS), through the visibility fabric, and ensure that in the case of a link
or device failure, the network continues to provide access should the
policies permit it. At the same time, various security and forensics
tools that sit out-of-band to the production network can also get
access to the same traffic. It’s a really powerful solution to address
multi-tiered security, in-line as well as out-of-band, along with visibility
into encrypted traffic, all from one visibility fabric.
Q A while back you had announced NetFlow solutions as well.
Where does that fit in?
A NetFlow is very interesting technology. NetFlow is like a phone
bill for the network, where you can essentially get information on who
is talking to whom, for how long, at what times, and so on. It provides a lot of very useful information. The challenge in the past has been that most of the network infrastructure that generates NetFlow records
does so by sampling traffic at low rates, which results in loss of
critical information. And the availability of NetFlow solutions has neither been ubiquitous nor consistent. Because the visibility fabric sees all traffic wherever we are deployed it made sense to centralise the NetFlow generation so that this function is offloaded from network
infrastructure devices and can be done with very high fidelity –
essentially by looking at every packet. That was the capability we
had announced some time back. Today we have several security and
performance monitoring vendors who have endorsed our NetFlow
generation capability and are benefitting from this solution.
NetFlow generation, like SSL decryption and De-duplication, is a
traffic intelligence function powered by our GigaSMART® engine.
Q Gigamon seems to focus on four main target groups/solutions –
data centre and virtualisation; security and compliance;
enterprise and branch office; and service providers – can you
tell us a little bit about the company’s progress in each of these?
A We are seeing very good traction in the security, data centre
and enterprise markets. We see these continuing to grow as there are
secular trends in place today that are driving the need for pervasive
traffic visibility. The service provider market spending was a little slow
in 2014. However, we think the move to LTE and VoLTE will provide
impetus to growth in the service provider market with spending
expected to resume in 2015.
Box
University of Wisconsin tackles 100Gb network security
THE UNIVERSITY OF WISCONSIN-MADISON (UW-Madison), one
of the most prolific research universities in the world, has selected
Gigamon’s Visibility Fabric to provide pervasive visibility in order to
manage and secure their high speed, big data environment. The
University of Wisconsin-Madison published an RFP detailing the
institution’s need to monitor 100 percent of the Internet traffic on
their perimeter 100Gb link and additional 10G links as well as their
internal network for intrusion detection and troubleshooting. The
Gigamon Visibility Fabric was selected as the clear winner in the
Evaluation
“The University of Wisconsin-Madison is a world class research
university and has implemented a high speed research network for
important big data computing projects,” said Ananda Rajagopal,
vice president of product management at Gigamon. “Gigamon
enabled the university to gain pervasive visibility across its network,
including its 10Gb and 100Gb WAN links serving the increasing
amount of Internet traffic and the traffic from other facilities with
which they have peering arrangements. We were able to provide
multiple departments with access to traffic for security and
troubleshooting while extending the ROI on their existing tools.”
“We awarded the contract to Gigamon in part because it enabled
multiple teams to have visibility into the traffic on our 100Gb link
and across the network,” said Jeff Savoy, Campus Information
Security Officer, University of Wisconsin-Madison. As one of the
premier research facilities in the world, the University of Wisconsin-
Madison is home to more than one hundred research centres
and programs in such diverse areas as agribusiness, biotech,
fusion, nanotechnology, space engineering, and particle physics.
They share massive amounts of data with other research facilities
including CERN, home of the large Hadron collider that was
instrumental in the discovery of the Higgs boson. The UW-Madison
did not have the technology to monitor a 100Gb link and that is
why they put out an RFP. As a result of the RFP, the UW-Madison
selected Gigamon’s 100Gb optical taps and a Visibility Fabric
solution based on the GigaVUE-HD4 node with patented Flow
Mapping® to provide intelligent aggregation and replication of
traffic flows to their security and performance monitoring tools.
“Our University is executing an experimental project with the
National Science Foundation, and Gigamon has been highly
cooperative and responsive as we have pushed the envelope of our
100Gb science DMZ,” said Bruce Maas, CIO and Vice Provost for
Information Technology at the University of Wisconsin. “We value
partners who engage with us in joint problem solving, and Gigamon
clearly did not hesitate as we overcame early challenges together.
They responded with adaptations that worked. We were able to
optically tap the 100Gb Internet connection and forty-eight 10Gb
LAN ports to get 100 percent visibility of all north/south and east/
west traffic,” said Greg Padden, network engineer at The University
of Wisconsin-Madison. “We are now able to send traffic from any
point on our network to any team that needs it.”
