The Gigamon-BluVector Joint Solution: Total Visibility and Fearsome AI Smarts
If your organization has distributed networks and/or hybrid solutions with data both on-premises and in the AWS cloud, here’s an opportunity to help make it all more secure with the Gigamon-BluVector joint solution.
BluVector uses patented supervised machine learning to analyze network traffic in real time to detect malicious threats — even those that have yet to be seen — but it can’t fight what it can’t see, and that’s where Gigamon comes in.
The GigaSECURE® Security Delivery Platform supplies high-quality filtered data that BluVector’s appliance or cloud instance uses to identify advanced persistent threats. The Gigamon® Visibility Platform for AWS, moreover, enables you to send your AWS data to BluVector too.
Working together as a joint solution, Gigamon and BluVector can provide the following great benefits:
- Intelligent detection of unknown and existing threats in real time.
- Providing pervasive visibility into traffic from public cloud, virtual, and physical infrastructure.
- Offering scalable detection, distributing traffic from multiple network links across multiple BluVector instances, or feeding it all into a single instance.
- Decrypting SSL traffic for out-of-band inspection and analysis.
“Gigamon gives us a really clean network feed that we can use to accurately and efficiently detect, log, and investigate APTs — including ones that evade traditional network security defenses — such as zero-day exploits and polymorphic malware,” says Raj Sivasankar, Director of Product Management at BluVector. Let’s dive in to get the details.
Supervised machine learning
BluVector’s patented supervised machine learning capability detects incoming threats and reports them within milliseconds. “By using supervised machine learning, training on a very large data set of both good and bad content, we can predict with 99 percent confidence if incoming network traffic has malware or ransomware in it — even if those specific threats have never been seen in the past,” says Sivasankar.
Key benefit: BluVector’s investigation package
BluVector provides a concise, relevant investigation package that presents all the data you need to take action in response to suspicious activity. “We won’t just say there was an interesting file,” Sivasankar explains. “We’ll also give you detailed network activity of the host related to the event.”
From correlated third-party threat intelligence feeds to bi-directional integrations with automated forensic analysis like sandboxes, BluVector enables quick decisions with all the right information immediately.
Unlike other security technologies that update their detection models, signatures or rules to be broadly applied, BluVector recognizes each network is unique. BluVector’s machine learning models learn locally to adapt to your environment.
Wanted: Quality data for intelligent security tool
BluVector needs clean, high-quality traffic data from all over your networks in order to do its job — and that’s where Gigamon comes in.
“With Gigamon, you can have very high confidence that all of the data coming into BluVector is exactly as it’s seen on the wire,” Sivasankar explains. “If you just try to use a SPAN session off a switch, you can’t always count on that data being accurate or in-sequence due to dropped frames and the SPAN process not having priority.”
Key benefit: AWS enabled
Gigamon Visibility Platform for AWS can also help BluVector collect data across a variety of infrastructure types. If you need to give BluVector visibility into AWS instances, Gigamon is the only solution that can provide the visibility. Gigamon can also collect data from multiple data centers and feed it into a single BluVector appliance or cloud instance, or load-balance heavy traffic loads into multiple BluVector instances for analysis.
More and more malicious traffic is cloaked by encryption today, and Gigamon can help here too, decrypting SSL/TLS-encrypted traffic and sending it to BluVector for analysis.
If you have hybrid solutions with data both on-premises and in the cloud, or have distributed networks, Gigamon is a must for unlocking BluVector’s power. Together, they work as a joint solution to keep your networks safe.
For more information, watch the video, “Benefits of the Gigamon and BluVector Solution.”