GigaSECURE & CASBs: A Joint Solution to Control Shadow IT

Shadow IT—rogue apps and services set up by individual groups within a company without the IT department’s approval—has become a big problem for IT teams. Many of these services run in the cloud, and a new category of products, Cloud Access Security Brokers (CASBs), has sprung up to help IT sniff out and manage these unauthorized installs.

Here’s what you need to know: Gigamon’s GigaSECURE® Security Delivery Platform can help CASBs do their job better by providing visibility and insight into traffic and cloud application usage on the network. Read on to learn more about what CASBs do, and how GigaSECURE adds value and insight to a CASB rollout.

The lowdown on CASBs

CASBs act as gatekeepers, allowing the organizations that deploy them to extend the reach of their security policies beyond their own infrastructure. The CASB analyzes traffic leaving the network, telling IT who’s using cloud applications, which apps they’re using, what data they’re sending, which devices they’re using, and whether they’re doing it all on-site or off. With this information, IT can assess the risk to the business posed by the applications being used and enforce corporate policy while maintaining business continuity.

There are a number of CASB vendors, and their products feature a range of functionality, but most CASBs typically offer:

  • Auditing
  • Access control
  • Anomaly detection

But a CASB still can’t provide perfect visibility into all that rogue IT traffic. And that’s where GigaSECURE can really step up and help provide a more complete solution.

A very hot market

The CASB space is rapidly growing—and the landscape is in flux. Gartner estimates that this is already a $180 million market  that’s predicted to grow fivefold by 2020. One sign of how much growth potential there is in this space is the recent flurry of acquisition activity, which has seen big industry players like Cisco and Microsoft buying their way into the marketplace. Here are some of the vendors you should know:

  • Bitglass
  • Blue Coat Systems (acquired Elastica)
  • CensorNet
  • CipherCloud
  • Cisco (acquired CloudLock)
  • FireLayers
  • Imperva (acquired Skyfence)
  • ManagedMethods
  • Microsoft (acquired Adallom)
  • Netskope
  • Palerra
  • Palo Alto Networks
  • Skyhigh Networks
  • Vaultive

What Gigamon brings to the table

GigaSECURE can add value to a CASB install in a couple of different ways:

  • It provides a single source for the traffic that the CASB needs to see. The GigaSECURE platform provides an efficient way to tap into any links from the company’s network, including both internal links and those at remote locations, and deliver that traffic to a CASB monitor.
  • It can decrypt traffic, a capability that many CASBs lack.

Case study: GigaSECURE and ManagedMethods

Gigamon’s joint solution with ManagedMethods is a great example of how GigaSECURE can complement a CASB—ManagedMethods’ Cloud Access Monitor, in this case. The two products working in tandem can:

  • Aggregate network traffic to gain in-depth visibility across the enterprise into cloud application usage
  • Forward traffic from multiple external links to the same ManagedMethods deployment for analysis
  • Intelligently distribute large traffic flows across multiple ManagedMethods platforms
  • Enforce policies to enhance data privacy on cloud application usage
  • Monitor cloud access to identify sensitive data leaving the organization

Figure 1 illustrates how the two products integrate in the network.

Gigamon-ManagedMethods

Figure 1. The joint Gigamon–ManagedMethods solution. (Click image for larger size.)

You can get more details in the joint solution brief we’ve drawn up. And keep in mind that this is just one example of GigaSECURE and a CASB working together. Gigamon can provide similar support to CASBs from any number of other vendors.

Further reading

The partnership between Gigamon and ManagedMethods is part of the #wefightsmart cybersecurity initiative. Read more about how we’ve joined forces to fight cybercriminals.

Comments are currently closed.