Gigamon Sales Enablement

June Lim
Regional Sales Director
Enterprise

Version 3.2

© 2017-2020 Gigamon Inc. All rights reserved. © 2018 Gigamon. All rights reserved. 1
Think of Gigamon when you hear this from customer

1. Has more than 2-3 security appliances / monitoring tool on the

network;
2. Requires SSL decryption;
3. Talks about Zero trust / Shadow IT;
4. Has problem doing effective network troubleshooting;
5. Not enough SPAN ports;
6. Wants netflow;
7. $$ NOT enough for security solutions;
8. Looking for NDR / Threat Hunting Solution;
9. Moving unto Cloud Platform.

© 2018 Gigamon. All rights reserved. 2

Agenda
+ Who is Gigamon ?

+ Our Product Portfolio

+ Customer Use Case, why do they buy ?

+ Q&A

© 2018 Gigamon. All rights reserved. 3

 DI VI DER OPTI ON 2

A Trusted & Innovative Market Leader

Gigamon provides network visibility and analytics on all traffic across
physical, virtual and cloud networks to solve critical security and performance needs
– freeing you to drive business optimization

ABOUT GIGAMON I N N O VAT I O N SERVING VERTICALS

+ HQ: Santa Clara, CA, USA + #1 Market Share + 9 of top 10 Wireless Service + Service Providers
Providers
+ Founded in 2004 + 38% share: 2.5 times nearest + Technology
competitor + 16 of the top 20 Fixed Line & MSO
+ 20 Global Offices + Financial Services
+ 75+ Global Patents Providers
+ Healthcare
+ 3,300+ Customers
+ Retail
+ Customer Satisfaction 4.8/5.0
+ Public Sector

“Gigamon is the largest network monitoring equipment vendor,

accounting for 37.7% of revenue in CY19 and increasing its 4

lead over the next closest competitor to 22 points.”

© 2018 Gigamon. All rights reserved. 4
The Clear Market Leader in Network Visibility for 7 Years in a Row

KEY REASONS WHY CUSTOMERS

ARE CHOOSING GIGAMON

Reduce Costs
Significantly reduce network costs
MARKET SHARE

on tools and probes

Single Platform
Unified visibility across physical,
virtual & cloud

Breadth of Capabilities
Breadth of capabilities across
visibility portfolio

Innovation & Expertise

Purely focused on visibility and
analytics

Gigamon Company A Company B Company C Company D

© 2018 Gigamon. All rights reserved. 5

 Our Network Visibility and Analytics Fabric
Improve Customer Experience, Reduce Costs and Stay Secure

DEVICES & INFRASTRUCTURE PERFORMANCE &

APPLICATIONS SECURITY TOOLS*

Legacy
Systems ThreatINSIGHT
ThreatINSIGHT

Cloud Analyze FW

Operational
Technology

Transform IPS

Virtual
SIEM
Containers and
Microservices Aggregate
NPMD

Mobility Physical Access

APM

*A TOOL is defined as a hardware and/or software device that ingests network traffic or data for the purpose of network and application 6
performance monitoring analysis, security analysis and threat mitigation, monitoring customer experience, recording, or troubleshooting
© 2018 Gigamon. All rights reserved. 6
Example Use Case for GigaVUE-HC2

DDOS
Internet Network Network
Data Loss Behavior Access
Prevention SIEM Analytics Control
Routers

Firewall NetFlow SSL De-duplication Application

NGFW/IPS Generation Decryption Filtering

“Spine” Switches

“Leaf” Switches

Virtualized
Server Farm Inline Bypass for Network Availability
WAF APT 1 No downtime to hardware / firmware
APT 2
Physical Nodes 10G
10G upgrades
Public Cloud – AWS / Azure / Google
VMWare / Nutanix
Encrypted Traffic
© 2018 Gigamon. All rights reserved. 7
Inline Bypass Protection
The best way to deploy inline threat prevention tools are not to put them inline

Before Gigamon After Gigamon

Internet Internet
• Each inline tool is a potential failure • Simplified troubleshooting
point
• Easily take tools offline for
FW • Tool maintenance/growth means an FW maintenance
outage
• Load balance to multiple tools
• Requires a dedicated load balancer
• Streamline traffic to each tool
SIEM for multiple tools
• Both Inline and out-of-band tools
• All traffic must go to all tools
WAF WAF IPS easily addressed
• Tapping or mirroring required for out-
WAF of-band tools
SIEM

Out Of Band
IPS GigaVUE HC Series Node

Forensics
ATP

ATP ATP ATP

Forensics

© 2018 Gigamon. All rights reserved. 8

Inline Bypass Protection
The best way to deploy inline threat prevention tools are not to put them inline

Single Path Network Protection Dual Path Redundant Network Protection

Internet Internet

FW FW FW

Routers

WAF WAF IPS IPS WAF WAF WAF WAF IPS

SIEM SIEM SIEM

Out Of Band

Out Of Band

Out Of Band
GigaVUE HC Series Node GigaVUE HC Series Node GigaVUE HC Series Node

Forensics Forensics Forensics

ATP ATP ATP ATP ATP ATP ATP ATP ATP

Spine
Switches 9

© 2018 Gigamon. All rights reserved. 9

Common Architecture for Physical and Virtual Infrastructure

GigaVUE-FM Integration with

3rd party Orchestrators &
Automation Cloud Platforms

VM /
Container / Conta Virtual Virtual
ThreatINSIGHT
Agents iner / (V Series)(V Series)
Agent

Physical 3rd Party Tools

3rd party tunnels
(HC / TA Series)

Traffic Aggregation and Traffic

Acquisition Transformation Analytics
10

© 2018 Gigamon. All rights reserved. 10

Our Hybrid Cloud Strategy
ThreatINSIGHT Tool Tool Tool Tool Tool
Tools
Security Visibility Network Visibility Mobile Visibility

Technology
Containers Virtual Machines Service Mesh Physical Appliances

Platforms

Any Physical Network

Cloud Public Cloud Private Cloud 5G Core & Edge Networks

11

© 2018 Gigamon. All rights reserved. 11

If your customer has cloud infrastructure, you say : -
Gigamon helps you to see into the lateral movements, to handle the E-W blindspot
Application Intelligence*
▸ Application Visualization
▸ Application Filtering
▸ Application Metadata A

Centralized
tools
Visibility &
Traffic Intelligence Analytics
▸ De-duplication ▸ NetFlow/IPFIX Generation* Fabric
▸
A CoreMasking
Packet ▸
Core
SSL Decryption*
▸ Packet Slicing ▸ Adaptive Packet Filtering*
Agentless Virtual TAPs ▸ Header Stripping ▸ Application Session Filtering* Appl/Network
Monitoring
▸ L2 – L4 Filtering: Flow Mapping™
▸ Filter on VM, application ports
▸ Packet slicing at any offset Spine Spine
Virtual
▸ Optionally add all CoreVUE and
data deduplication apps - or -
SIEM
Physica
Leaf Leaf Leaf Leaf l
DB

OS

NDR
DB Server

© 2018 Gigamon. All rights reserved. 12

Hybrid Network without Gigamon

• Agent overload on each VM • Oversubscribed span ports ->

instance. drop traffic.
• Oversized tools with • Expensive oversized tools
duplicated traffic. without traffic optimization.
• Complicated management • Complicated troubleshooting

© 2018 Gigamon. All rights reserved. 13

Hybrid Network with Gigamon – Consistent Security Posture

• Single mirroring instance to vseries cloud suite

• Traffic optimization on cloud suite to save on
virtual tools
• Traffic optimization to save on traffic
backhauling back on prem.
• Single traffic management platform for
hybrid cloud.

© 2018 Gigamon. All rights reserved. 14

Single Pane of Glass Management

© 2018 Gigamon. All rights reserved. 15

Trending Gigamon Features for Singapore Enterprises

• Deduplication (Top Selling)

Outcome : x2 the existing capacity of your monitoring and security

• SSL Decryption
Outcome : Decrypt once, reduce latency, reduce license + hardware cost of security investments
MARKET SHARE

• Inline Bypass
Outcome : Network resiliency, remains available when inline tools fail.

• V Series
Outcome : Eliminate the blindspot in private and public cloud (EW traffic)

• Application Intelligence for SIEM

Outcome : Increased security context for SIEM, ie. identify expired SSL certs, weak ciphers etc.

• GTP Correlation (for telcos)

Outcome : Reduce Probes Cost
16

© 2018 Gigamon. All rights reserved. 16

Gigamon ThreatINSIGHT – NDR Solution

The SOC Triad SIEMs are log based – Reactive,

Lack of Context, changeable!

EDRs are agent based – Does

not address end points which are
unable to install agents, ie. printers,
fax, IoT sensors etc.

NDRs provides the REAL-TIME

network context to the threat
correlation and analytics, captures
all traffic via the network (single
source of truth)

17

© 2018 Gigamon. All rights reserved. 17

 Full SOC Visibility Achieved

Endpoint Detection and Response

Ie. Crowdstrike, Sentinel One,
CyberReason,
Carbon Black, MS Defender etc Network Detection and Response
“NDRs complete the SOC’s visibility and identify threat actor behaviors
Effectiveness

not observable by other technologies”

Once in… Attackers move

SIEM freely… Risk is high

Command
Privilege Defense Credential Lateral
Initial Access Execution Persistence Discovery Collection & Control Exfiltration Impact
Escalations Evasion Access Movement
(“C2”)

Early-Stage Attack Late-Stage Attack 18

© 2018 Gigamon. All rights reserved. 18

MARKET SHARE

19

© 2018 Gigamon. All rights reserved. 19

Gigamon Ecosystem Partners
Service Performance Infra-
Security and Vulnerability Management Provider Management structure

© 2018 Gigamon. All rights reserved. 20

GIGAMON ROI CALCULATOR

https://www.gigamon.com/campaigns/value-
calculator.html
Thank You

© 2018 Gigamon. All rights reserved. 22 22