Js Gigamon Newrelic

Download as pdf or txt
Download as pdf or txt
You are on page 1of 5

Build an Effective

Observability Posture with


Gigamon and New Relic

Overview

Today’s enterprise landscape spans on-premises, To obtain comprehensive visibility and ultimately
multi-cloud, and SaaS applications deployed on observability, IT needs to combine tools with an
intricate networks involving tens of tools, hundreds expanded view into all workload traffic of interest. This
of applications, thousands of servers with potentially includes visibility into unmanaged devices, such as IoT/
millions of users, on a wide variety of devices spread OT, VM-to-container, container-to-container, cloud-
around the world. As a result, IT teams struggle with to-cloud, and cloud-to-on-premises communications.
the complexity and cost of ensuring security and Visibility into network-level intelligence is paramount
performance of these infrastructures. because this data is the “ground truth” of what is being
communicated between infrastructure nodes. Only
Disparate cloud vendors can offer tooling for then can teams ensure security and exceed SLAs.
application performance and security, but they lack
cross-platform visibility. They also are short on rich, On top of securing their infrastructure and monitoring
digestible telemetry from the network layer, even performance, teams are under pressure to ship new
though organizations are responsible for the security of features faster, minimize downtime, and resolve issues
intraand inter-cloud networking traffic. With the move before they ever impact customers. With ongoing
to the cloud, tools need to support any deployment digital transformation, the roles of software engineers
scenario and should actually ease the migration. and developers are more critical than ever. They need
a data-driven approach to observability to plan, build,
deploy, and run robust software that delivers great
digital experiences for their customers, employees,
and partners.

© 2023 Gigamon. All rights reserved. 1


JOINT SOLUTION BRIEF | NEW RELIC

The Challenge Teams are empowered to collect, explore, and alert on all
metadata, metrics, events, logs, and traces from across
their infrastructure with a unified telemetry platform.
Organizations require complete visibility across their Automatic integrations with Gigamon and open-
hybrid-cloud infrastructure and observability over source tools enable easy setup, eliminating the cost
their full stack to confidently monitor and secure and complexities of hosting, operating, and managing
their environments. To ensure success, teams need additional monitoring systems or data stores. With all
the ability to eliminate all visibility blind spots across telemetry data in one place, organizations can now
their complex infrastructures and ensure efficient investigate unknowns with confidence. With New Relic
identification of issues such as expiring TLS certificates, One, administrators benefit from:
rogue applications, and data exfiltration attempts.
• 400+ agents and integrations, including Gigamon,
enabling, ingesting, and storing all operational data
The Solution • Full-stack observability to visualize, analyze, and
optimize the entire software stack from one place
New Relic One ingests multiple sources of telemetry
• Eliminating telemetry data silos and instantly
by combining metrics, logs, events, and traces
detecting, diagnosing, and resolving anomalies
with metadata provided by Gigamon to establish
comprehensive full stack observability. The multi- • Monitoring distributed services, applications, and
dimensional dashboard provides extensive and serverless functions
granular views into network operations, security, • Querying with lightning-fast response times and real-
and application performance. Teams can analyze, time alerts
troubleshoot, and optimize their software stack and
• Eliminating data silos and accelerating mean time to
accelerate bringing valuable services to market.
detection and resolution

The Gigamon Deep Observability Pipeline ensures


complete visibility by providing New Relic a stream of
intelligence that complements metrics, events, logs, Adding Visibility to Observability
and traces Application Metadata Intelligence. Over
5,000 L2–L7 attributes are generated and consumed GigaVUE® Cloud Suite, a key part of the Gigamon Deep
by New Relic One to solve for a myriad of security and Observability Pipeline, brings network and application
performance issues. intelligence to New Relic with its comprehensive visibility
solution. Gigamon acquires via agents all East-West
traffic living within and between on-premises, public,
Enter New Relic and private clouds, and between virtual machines and
containers. The intelligence captured includes traffic from
unmanaged IoT/OT devices where agents are difficult
New Relic One is an enterprise-grade SaaS observability
to deploy. The monitored traffic is accessed and sent to
solution that provides the knowledge of what is
a virtual cloud-based visibility node (GigaVUE V Series)
happening in the digital system and why, at any
where it is aggregated and processed. (See Figure 1.)
time, regardless of the environment. It visualizes the
whole picture of everything that enables applications
GigaSMART® Application Filtering Intelligence (AFI)
and devices to deliver value to customers, from the
configured on the visibility nodes identifies over
container running a microservice in the cloud to a
3,500 applications and their underlying protocols.
mobile website’s shopping cart button. This telemetry
Applications can be filtered to enable teams to
data platform is the single source of truth for all the
concentrate on pertinent traffic and ignore others. For
operational data, empowering IT to ask and answer any
workloads of interest, these nodes leverage Application
question in milliseconds.
Metadata Intelligence (AMI) to generate over 5,000
metadata attributes, many at Layers 4–7, which are
far more revealing than basic NetFlow/IPFIX from the
network infrastructure. (See Figure 2.)

© 2023 Gigamon. All rights reserved. 2


JOINT SOLUTION BRIEF | NEW RELIC

Managed Hosts New Relic Dashboards

Devices
VMs
Containers

Virtual TAP
or Native TAP

Visibility Tier

V Series
On-Prem Public Cloud
Network Network Network Intelligence
GigaVUE 5,000+ Network Traffic New Relic
Cloud Suite Metadata (CEF) Database

Internet

2.android.pool.ntp.org, 10.201.129.201 2
Virtual TAP
or Native TAP ER-mib2high-mbbservices.audi-connect.de, 10.5… 2

Un-Managed Hosts _sleep-proxy._udp.local, 10.0.0.251 2

a877.g2.akamai.net, 10.251.162.250 2

Devices
VMs
accounts.google.com, 10.56.26.156 2

OT alt3-mtalk.google.com, 10.93.97.145 2

IoT
Container

Figure 1. Strengthening security with the network perspective to New Relic.

Figure 2. Fabric Manager dashboard allows granular selection of numerous metadata elements on a
per app and protocol basis. Here DNS attributes are shown.

© 2023 Gigamon. All rights reserved. 3


JOINT SOLUTION BRIEF | NEW RELIC

AMI utilizes deep packet inspection to provide Teams can use this combination of intelligence to
summarized and contextual information about raw solve a wide array of security and performance
network packets, augmenting a comprehensive problems including:
approach to obtain application behavior. Organizations
can acquire critical details pertaining to flows, reduce • Identify expired TLS certificates. Utilize certificate
false positives by separating signals from noise, expiry dates and notices of revoked or expired
identify nefarious data extraction, and accelerate certificates to spot them.
threat detection through proactive, real-time traffic
• Identify data exfiltration. Evaluate the volume and type
monitoring as well as troubleshooting forensics.
of DNS requests received to reveal DNS tunneling in the
network and help establish the legitimacy of domains.
• Detect unauthorized remote connections used
Powerful Synergistic Combination for data exfiltration. Evaluate suspicious SSH, RDP,
and Telnet connections, by looking at bandwidth,
AMI complements the metadata attributes provided by connection longevity, IP reputation, and geolocation.
New Relic agents. These added app-aware attributes
• Monitor and control file access. Obtain insights into
are exported from the Gigamon Cloud Suite to New
which clients are obtaining specified files. Generate
Relic One in various formats, including CEF and IPFIX,
lists of files involved and IP addresses of end users.
which can be consumed to provide reports in the New
Relic dashboard. (See Figure 3.) • Locate weak ciphers. Metadata reveals all TLS
connections with weak ciphers, along with the
applications and systems hosting those apps, helping
ensure security compliance.
• Detect suspicious WAN activity. Identify command
and control attacks. Determine whether a domain
is legitimate or was generated using a botnet-
controlled domain generating algorithm.

Application Overview DHCP IP & Hostnames

GIGAMONS (1.23 K) GIGAMONS (200)

Other 610 49.43 % Other 178 89 %

dns 226 18.31 % null, 10.180.236.95 4 2%

dhcp 200 16.21 % KIOSK1, 10.33.147.175 2 1%

https 70 5.67 % KIOSK2, 10.180.32.229 2 1%

tcp 66 5.35 % KIOSK33, 10.190.80.239 2 1%

Classification-unknown 14 1.13 % KIOSK34, 10.180.172.124 2 1%

ssl 11 0.89 % KIOSK4, 10.180.221.240 2 1%

gtp 10 0.81 % KIOSK45 10 190 224 248 2 1%

apple_location 10 0.81 %

facebook 9 0.73 %

google 8 0.65 %

Figure 3. Sample New Relic dashboards based on Gigamon AMI and AFI.

© 2023 Gigamon. All rights reserved. 4


JOINT SOLUTION BRIEF | NEW RELIC

About New Relic About Gigamon

The world’s best engineering teams rely on New Relic Gigamon offers a deep observability pipeline that
to visualize, analyze, and troubleshoot their software. harnesses actionable network-level intelligence
New Relic One is the most powerful cloud-based to amplify the power of observability tools. This
observability platform built to help organizations create powerful combination enables IT organizations to
more perfect software. Learn why developers trust New assure security and compliance governance, speed
Relic for improved uptime and performance, greater root-cause analysis of performance bottlenecks, and
scale and efficiency, and accelerated time to market at lower operational overhead associated with managing
newrelic.com. hybrid and multi-cloud IT infrastructures. The result:
modern enterprises realize the full transformational
promise of the cloud. Gigamon serves more than 4,000
customers worldwide, including over 80 percent of
Fortune 100 enterprises, nine of the 10 largest mobile
network providers, and hundreds of governments and
educational organizations worldwide.

To learn more, please visit gigamon.com.

For more information on Gigamon and New Relic please visit


gigamon.com | newrelic.com

Worldwide Headquarters
3300 Olcott Street, Santa Clara, CA 95054 USA
+1 (408) 831-4000 | gigamon.com

© 2022-2023 Gigamon. All rights reserved. Gigamon and Gigamon logos are trademarks of Gigamon in the United States and/or other countries.
Gigamon trademarks can be found at gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon
reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

06.23_03

© 2023 Gigamon. All rights reserved. 5

You might also like