Gigamon Can Help You Move to AWS with Confidence—Step by Step or All at Once
Public cloud offerings like Amazon Web Services (AWS) can provide great value. The challenge, as Gigamon CTO Shehzad Merchant explained in a recent interview with Forbes, is that users don’t have the visibility into the performance and security of the deployment as they would with a server in their own data center.
The good news: The Gigamon Visibility Platform for AWS can now help address this challenge. Gigamon’s latest solution, providing previously unavailable access to copies of traffic from any workload in your AWS environment, offers two high‐level deployment use cases for feeding security and performance tools:
- A hybrid scenario in which traffic from workloads shifted to AWS is backhauled to an on‐premise solution and analyzed via tools running locally
- An all‐AWS scenario with centralized visibility for security operations in which both Ecosystem Partner tools and the Gigamon Visibility Platform itself run in AWS
Both scenarios offer great opportunities to smooth your transition to the cloud.
A hybrid solution: Move to the cloud at your own pace
You might not be ready to go all‐in on the cloud. Maybe you’re interested in AWS’s compute capabilities, but aren’t ready to reformulate policies and security procedures for a cloud environment. Or perhaps you’ve invested in tools that can’t be run in the cloud.
Gigamon can provide the best of both worlds. You can deploy Gigamon vTap agents and V‐Series nodes in AWS, and then tunnel traffic back to the Gigamon platform in your data center. As with traffic from physical or private cloud networks, the Visibility Fabric™ in turn sends traffic to local tools for analysis or inspection, as shown in Figure 1. This way, you get the advantages of AWS’s flexible, on‐demand compute resources, but can retain existing policies and still make use of the toolsets you know and trust.
Going all‐in on AWS with centralized visibility for security operations
Are you ready to jump to an all‐AWS environment with centralized visibility for security operations in which both Ecosystem Partner tools and the Gigamon Visibility Platform itself run in AWS? The Gigamon Visibility Fabric can help there too. Figure 2 illustrates a scenario where a Gigamon instance tunnels traffic to one or more Ecosystem Partner tools—all operating inside AWS. If the tool can decapsulate L2GRE tunnels, this sort of deployment will work, and many Gigamon Ecosystem Partners are tested and ready for use today (see the list below).
An all‐AWS deployment can also help your bottom line. Because you can’t put a physical tap on a cloud instance, normally each separate tool in the cloud would need to run its own monitoring agent to analyze data flows, eating up costly compute cycles. The Gigamon Visibility Fabric needs only a single agent to supply traffic to all those tools.
Here are the Gigamon Ecosystem Partners who participated in our AWS beta program, the deployment models they’re ready for, and links to updated joint solution briefs, where available. Do note that most tools that operate with physical Gigamon equipment today can operate with AWS traffic in the hybrid scenario. And virtual tools capable of decapsulating L2GRE packets should work without modification.
- ExtraHop (All‐AWS and hybrid)
- FireEye (All‐AWS and hybrid)
- LightCyber (All‐AWS and hybrid)
- Niara (All‐AWS and hybrid)
- ProtectWise (All‐AWS and hybrid)
- BluVector (Hybrid)
- LogRhythm (Hybrid)
- RSA (Hybrid)
The cloud beckons
Now that you know the value that running Gigamon on AWS can deliver, here are some questions to ask yourself to see if one of these solutions is right for you, and if so, which one:
- If you are moving existing workloads, how will you monitor and secure these? If you want to continue to use the existing tools you have, look at a hybrid model. If you plan to use new, AWS‐based tools, the all‐AWS model may be for you.
- If you’re rearchitecting or adding new workloads to your public cloud infrastructure, think about what tools you’ll want to deploy, whether they are all available within AWS, and how you will efficiently feed traffic to them. Don’t accept solutions that will require more than one agent per workload to feed all the tools you want to use, as this will quickly prove to be inefficient.
Free trial available
Sound interesting? Now you can try the Gigamon Visibility Platform for AWS at no cost to you.
And to learn more about its features, use cases, and more, check out these informative resources:
- Press release: Gigamon Introduces Pervasive Visibility Platform on AWS
- Blog: Security Is Job Zero
- Blog: AWS X‐Ray and Gigamon Visibility Platform for AWS: Different Strokes for Different Folks
- Video: For more insight into Gigamon’s AWS strategy, watch this three‐minute video from Gigamon Director of Product Management Sesh Sayani