Gigamon: Using virtual visualization to help enterprises start their cloud journey

[51CTO.com original article] "Visualization" is a word that IT vendors talk about very frequently in 2016: network visualization, traffic visualization, operation and maintenance visualization, and many other solutions. However, how deep can visualization go? Where is the scope of visualization? How fast is the system response? There is no unified answer to these questions, and each IT vendor has its own opinions, and there is no consensus.

Not long ago, the reporter interviewed Gigamon, a leading manufacturer in the field of global traffic collection. As a manufacturer with a global traffic collection market share of 37.6%, their understanding of "visualization" has many aspects that are more valuable for reference.

Three dimensions of visualization

[[179052]]

Li Wei, General Manager of Gigamon Greater China, said that for an enterprise's operation and maintenance managers, in order to achieve manageability, controllability and visibility of the operation and maintenance system, it is necessary to collect data from various systems for analysis and management. Visibility requires the collection of data from various dimensions, which can be generally divided into three categories: SNMP network management, logs and data packets transmitted in real time on the network.

The first type of SNMP can monitor the operating status of the device and realize the management of infrastructure, such as network equipment, firewalls, load balancing equipment, etc., and is mostly positioned as device status management;

The second type of log can analyze the operating status of each system, such as operating system, DNS, WEB, DB and other systems. This type is positioned as the system operating status;

For data packets transmitted in real time in the third type of network, analysis tools can analyze the user's real experience in real time based on the data packets, and security attack behaviors can also be analyzed for event retraction.

Li Wei told reporters that each dimension has a different meaning for visibility. Only by rationally planning and making good use of data sources in each dimension can we help enterprise operation and maintenance personnel achieve the visibility they need.

Let each tool get the traffic it needs

So in these three dimensions, what value does Gigamon bring to customers?

Li Wei said that whether it is a physical network or a cloud platform, Gigamon can collect traffic and submit it to the analysis system to achieve unified traffic visualization. In this way, customers' various monitoring tools, such as NPM, APM, IPS/IDS, DLP, etc., can obtain the required traffic through Gigamon's traffic collection platform.

It is worth mentioning that Gigamon can perform very fine filtering and intelligent traffic optimization when distributing traffic, such as real-time desensitization, truncation, deduplication, label stripping, SSL decryption, GTP correlation analysis, session content filtering, NetFlow record generation, and other advanced optimization functions. In this way, not only can each tool get more targeted traffic, but the traffic can also be optimized. For example, if the traffic is encrypted, Gigamon can also decrypt it and send it to the tool that needs the traffic.

"Gigamon has built a traffic collection network for its customers. We collect traffic in physical networks, virtual networks, cloud platforms and other environments in real time, and ensure that the traffic required by each tool is forwarded to the tool," Li Wei concluded.

David Pham, Chief Technology Expert of Gigamon Global Solutions, added that Gigamon can achieve full-stack visibility from the physical and virtualized environments of customer enterprise networks to public cloud networks. This also means that no matter how complex the network environment is, Gigamon can provide full visibility, which can not only reduce the time to achieve the entire visibility, but also locate the bottleneck points of the network and quickly solve the latency problem. At the same time, it can also improve the security of the entire customer network.

How to Evolve to the Cloud

David Pham explained to reporters in detail how Gigamon helps enterprise customers evolve from traditional network data centers to the cloud era.

He gave an example, saying that network traffic now not only flows north-south, but also east-west, which brings many blind spots. Because applications move between different virtual machines, workloads lack visibility. Many companies must achieve visibility of virtual environments due to compliance and service level agreement requirements. Some security vendors solve this problem by providing virtualization probes, but problems arise one after another. An enterprise may have to install hundreds of virtualization management programs, which consumes a lot of virtualization memory and CPU. "This is definitely a nightmare."

In order to solve this problem, Gigamon officially launched the GigaVUE-VM virtualization monitoring product to achieve unified visibility and truly realize the integration of infrastructure. "We connect GigaVUE's VM to the core network and virtual switches of the enterprise to achieve the overlap of virtual and physical networks. Then, through GigaVUE-VM, we can collect a copy of the traffic in all virtual environments into the Gigamon visualization network. Then, through the visualization matrix (Visibility Fabric), a series of processing is performed to filter, sort and optimize the traffic, such as deduplication, desensitization, truncation, SSL decryption, NetFlow and content filtering, and then send it to any monitoring tool that needs traffic." David Pham explained.

David Pham also demonstrated Gigamon's practical experience in public cloud. He told reporters that many enterprise customers are migrating their workloads from on-premises environments to public cloud environments, and they have migrated virtual machines to public cloud environments. But this also means that many security policies need to be deployed in public clouds, such as performance testing, antivirus, advanced attack threat detection, data loss protection, etc., and visualization is even more necessary. Gigamon's GigaVUE-FM can install a TAP point on each instance. This TAP point will converge all network traffic and data and then distribute it to different tools. As soon as this solution was launched, it was welcomed and recognized by IT manufacturers because it solved a very important problem, that is, there is no need to set up other tools. It is enough to distribute data through Gigamon's TAP point.

At the end of the interview, Li Wei introduced that Gigamon's customers in China currently cover various industries, including financial industry customers, Internet companies, operator industry, energy industry, manufacturing industry, etc. Globally, more than 75% of the Fortune 100 companies are Gigamon's customers. The company's annual business growth is as high as 40%, of which the growth rate in the Asian market is as high as 120%. There is no doubt that the Asian market will be the focus of Gigamon in 2017.

[51CTO original article, please indicate the original author and source as 51CTO.com when reprinting on partner sites]