APPLICATION FILTERING INTELLIGENCE | DATA SHEET

Application Filtering Intelligence

Application-awareness to
THEunderstand,
PIONEERINGmanage and secure
CAPABILITIES OF your data in motion
GIGAMON APPLICATION INTELLIGENCE

App Visualization App Filtering App Metadata

Figure 1.

Application Filtering Intelligence brings granular application-awareness to your on-premise and cloud-
based network and security operations centers by letting you automatically identify, select and deliver
only the application data that’s most important to you and your tools.

Key Benefits
• Focus on mission critical business applications —
See which applications are running on your network
and zero in on high-value, high-risk assets
• Reduce manual work — Accelerate investigation of
business-critical risks with easier data isolation
• Improve security — Secure more of your network with
your current tools by focusing on business applications
• Be ready for future needs — Decrease the time and
effort to capture the right application traffic for network,
security, compliance, IT audit and application teams

• Improve tool efficiency — Lower processing and • Strengthen compliance — Filter out sensitive
storage requirements by filtering irrelevant traffic information from monitoring and recording systems
 APPLICATION FILTERING INTELLIGENCE | DATA SHEET

With the ever-increasing volume of network data, it’s hard for IT teams and tools to focus on the most
actionable activity and avoid wasting resources processing irrelevant traffic. We often inundate security,
management, compliance and monitoring tools with low-risk, low-value traffic, making them less
effective and more difficult to scale. Additionally, false positives and alerts can overwhelm network
operations (NetOps), cloud operations (CloudOps), and security operations (SecOps) teams, obscuring
the root causes of network and application performance issues and the real threats buried in volumes of
undifferentiated traffic.

Until now, it’s been hard to isolate traffic by application type and specify whether it does or doesn’t get
inspected by tools. Visibility is siloed and filtering options often only go up to Layer 4 elements, forcing
organizations to either pass all traffic through their tools or risk missing potential threats and issues.

However, having each tool (Intrusion Detection System, Data Loss Prevention, Advanced Threat
Detection, network analytics, forensics, etc.) inspect packets to filter irrelevant traffic is inefficient and
unnecessarily costly, as most tool pricing is based on traffic volume and processing load. While packet
brokering can be used to reduce traffic, it requires programming knowledge to maintain complex rules
and filters. Although some systems provide a level of application identification, they are hard to use and
only identify a limited number of applications. Furthermore, ongoing maintenance of rules and filters is
needed since application behavior and identification change over time.

Gigamon® Application Filtering Intelligence

Gigamon Application Filtering Intelligence brings application awareness to your on-premise, AWS
public-cloud and VMware private-cloud environments. It automatically extends Layer 7 visibility to identify
more than 3,200 common business and network applications traversing the network and lets you select and
deliver only high-value and high-risk data by applications, locations and activity.

Gigamon classifies applications into categories that are automatically updated as the landscape evolves.
This allows your team to take actions on a “family” of applications versus setting policies on each individual
application. Examples of application families include: antivirus, audio/video, database, ERP, gaming,
messenger, peer-to-peer, telephony, webmail and dozens more.

With this approach, each tool is more efficient since it no longer needs to store and process large volumes
of irrelevant traffic. NetOps can apply their existing tools across a larger area by prioritizing only core
business applications and accelerate their investigation of network and application performance issues
with easier data isolation.

SecOps teams can extend their current tools to a larger attack surface, securing more of their network
and preventing sensitive information, such as Personally Identifiable Information (PII), from being routed
to monitoring and recording tools.

Application Filtering Intelligence improves an organization’s security posture by:

• Decreasing alerts and false positives

• Ensuring compliance standards for sensitive data are met

• Identifying instances of Shadow-IT from users

2
 APPLICATION FILTERING INTELLIGENCE | DATA SHEET

With Application Intelligence Filtering, IT Teams can focus on the data that matters most for their role and
make better strategic decisions about network and application security, performance and investment.

Application Filtering Intelligence (Out-of-Band)

Ingress Filter Rules Egress

Intrusion
Detection
System
Visibility &
Analytics Fabric Advanced
Threat
Window
Updates
Detection

High Security Video and Audio Email

Risks
Email
Monitor

Auditable
Data
Virtual
Data Loss
Sensitive
Data - or - Prevention

Critical Business
Applications Physical
Forensics
Recorder

Backup
Server

Application Filtering Intelligence (Out-of-Band)

Key Use Cases

Network traffic volumes in hybrid-cloud scenarios are increasing faster than tools and staff can keep up.
Tools struggle to cope with the enormous throughput, and IT teams to be more selective in what they
choose to analyze. Application Filtering Intelligence offers the flexibility to handle many use cases that
require focused analysis of specific business applications and protocols:

• Filter in applications that may be used as attack vectors. For example, forward CRM, ERP, Microsoft Office
and BitTorrent search engine traffic to intrusion detection systems and advanced threat detection tools.

• Filter out high-volume, low-risk traffic such as YouTube and FaceTime to prevent tools, staff and storage
devices from being overwhelmed by excessive amounts of irrelevant data.

• Prevent Windows Update traffic from being forwarded to monitoring and security appliances. For
example, Microsoft can overwhelm security and performance management systems with “Patch Tuesday”
updates that automatically distributed Windows OSes worldwide.

• Avoid redundant scanning, such as backup processes that contain known good data.

All the above filtering options can be performed on a specific application or a “family” of application, such
as ERP, streaming video and P2P.

3
 APPLICATION FILTERING INTELLIGENCE | DATA SHEET

Ordering Information

Requirement Description

GigaVUE-Fabric Single-pane-of-glass management and monitoring of all the physical and virtual nodes across
your on-premises, virtual and public cloud deployments, with simplified workflows for traffic
Manager
policy configuration, end-to-end topology visualization, hierarchical grouping based on location
and customizable dashboards. Available as a hardware or a (software-only) virtual appliance, each
GigaVUE-FM instance can manage hundreds of visibility nodes across multiple locations.

GigaVUE® Intelligent GigaVUE® Intelligent Appliances deliver consistent insight into data that travels across your
network, including data centers and remote sites. With the Gigamon solution, you will have the
Appliances:
coverage and control you need to safeguard critical network and business assets.
GigaVUE-HC1,
GigaVUE-HC2, or
GigaVUE-HC3

GigaVUE Cloud This visibility and analytics fabric suite supports the Application Filtering Intelligence license
to enable application visualization and filtering in AWS public clouds. The second-generation
Suite for AWS V Series provides the processing engine to identify and selectively filter applications prior to
distributing to the proper tools.

GigaVUE Cloud This visibility and analytics fabric suite supports the Application Filtering Intelligence license to
enable application visualization and filtering in VMware private clouds.
Suite for VMware The second-generation V Series, configured either as a local traffic acquisition VM
or as a second phase aggregation and processing visibility node provides the processing engine
to identify and selectively filter applications prior to distributing to the proper tools.

4
 APPLICATION FILTERING INTELLIGENCE | DATA SHEET

Pricing and Evaluation

Application Filtering Intelligence offers annual subscription pricing as follows:

SKU Description

SMT-HC1-AFI Application Filtering Intelligence (1 month) – GigaVUE-HC1 (12-month minimum). Includes

bundled Elite Support; applies to built-in GigaSMART only.

SMT-HC1-GEN2-AFI-SW-TM Monthly subscription license for Application Filtering Intelligence (1 Month) – GigaVUE-HC1
(12-month Minimum). *Includes bundled Elite Support.

SMT-HC1-GEN3-AFI-SW-TM Monthly subscription license for GigaSMART, GigaVUE-HC1, Application Filtering Intelligence
feature license for GigaVUE-HC1 Gen3 GigaSMART module; requires SMT-HC1-S. Includes
embedded Elite Support. Initial term must be 12 months or longer. This is a Gen 3 license.

SMT-HC0-AFI Application Filtering Intelligence (1 month) – GigaVUE-HC2 (12-month minimum). Includes

bundled Elite SupportSMT-HC2-AFI Application Filtering Intelligence (1 month) – GigaVUE-HC2
Gen2 GigaSMART module; requires SMT-HC0-Q02X08 (12-month minimum). *Includes bundled
Elite Support.

SMT-HC0-GEN1-AFI-SW-TM Monthly subscription license for Application Filtering Intelligence (1 Month) – GigaVUE-HC2
(12-month Minimum). *Includes bundled Elite Support.

SMT-HC2-GEN2-AFI-SW-TM Monthly subscription license for Application Filtering Intelligence (1 Month) – GigaVUE-HC2
Gen2 GigaSMART module; requires SMT-HC0-Q02X08 (12-month Minimum) *Includes
bundled Elite Support.

SMT-HC3-AFI Application Filtering Intelligence (1 month) – GigaVUE-HC3 (12-month minimum). *Includes

bundled Elite Support.

SMT-HC3-GEN2-AFI-SW-TM Monthly subscription license for Application Filtering Intelligence (1 Month ) – GigaVUE-HC3
(12-month Minimum). Includes bundled Elite Support.

SMT-HC3-GEN3-AFI-SW-TM Monthly subscription license for GigaSMART, GigaVUE-HC3 (12-month minimum),

Application Filtering Intelligence (1 month) license per module. *Includes bundled Elite
Support. This is a GEN 3 license.

VBL-50T-BN-SVP Monthly Term license for SecureVUE Plus software up to 50TB per day in V Series for cloud
and virtual environments. Capabilities included: SecureVUE for V Series, App Metadata
Intelligence, App Filter Intelligence, NetFlow, Packet Deduplication. Min Term is 12 months.
Includes bundled Elite Support.

VBL-250T-BN-SVP Monthly Term license for SecureVUE Plus software up to 250TB per day in V Series for cloud
and virtual environments. Capabilities included: SecureVUE for V Series, App Metadata
Intelligence, App Filter Intelligence, NetFlow, Packet Deduplication. Min Term is 12 months.
Includes bundled Elite Support.

VBL-2500T-BN-SVP Monthly Term license for SecureVUE Plus software up to 2500TB per day in V Series
for cloud and virtual environments. Capabilities included: SecureVUE for V Series, App
Metadata Intelligence, App Filter Intelligence, NetFlow, Packet Deduplication. Min Term is
12 months. Includes bundled Elite Support.

VBL-25KT-BN-SVP Monthly Term license for SecureVUE Plus software up to 25KTB per day in V Series for cloud
and virtual environments. Capabilities included: SecureVUE for V Series, App Metadata
Intelligence, App Filter Intelligence, NetFlow, Packet Deduplication. Min Term is 12 months.
Includes bundled Elite Support.

Note: Equivalent perpetual SMT licenses may also be available upon request.

Worldwide Headquarters
3300 Olcott Street, Santa Clara, CA 95054 USA
+1 (408) 831-4000 | www.gigamon.com

© 2021 Gigamon. All rights reserved. Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks can be
found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon reserves the right to change, modify, transfer,
or otherwise revise this publication without notice.
11.21_04