Js Gigamon Newrelic
Js Gigamon Newrelic
Js Gigamon Newrelic
Overview
Today’s enterprise landscape spans on-premises, To obtain comprehensive visibility and ultimately
multi-cloud, and SaaS applications deployed on observability, IT needs to combine tools with an
intricate networks involving tens of tools, hundreds expanded view into all workload traffic of interest. This
of applications, thousands of servers with potentially includes visibility into unmanaged devices, such as IoT/
millions of users, on a wide variety of devices spread OT, VM-to-container, container-to-container, cloud-
around the world. As a result, IT teams struggle with to-cloud, and cloud-to-on-premises communications.
the complexity and cost of ensuring security and Visibility into network-level intelligence is paramount
performance of these infrastructures. because this data is the “ground truth” of what is being
communicated between infrastructure nodes. Only
Disparate cloud vendors can offer tooling for then can teams ensure security and exceed SLAs.
application performance and security, but they lack
cross-platform visibility. They also are short on rich, On top of securing their infrastructure and monitoring
digestible telemetry from the network layer, even performance, teams are under pressure to ship new
though organizations are responsible for the security of features faster, minimize downtime, and resolve issues
intraand inter-cloud networking traffic. With the move before they ever impact customers. With ongoing
to the cloud, tools need to support any deployment digital transformation, the roles of software engineers
scenario and should actually ease the migration. and developers are more critical than ever. They need
a data-driven approach to observability to plan, build,
deploy, and run robust software that delivers great
digital experiences for their customers, employees,
and partners.
The Challenge Teams are empowered to collect, explore, and alert on all
metadata, metrics, events, logs, and traces from across
their infrastructure with a unified telemetry platform.
Organizations require complete visibility across their Automatic integrations with Gigamon and open-
hybrid-cloud infrastructure and observability over source tools enable easy setup, eliminating the cost
their full stack to confidently monitor and secure and complexities of hosting, operating, and managing
their environments. To ensure success, teams need additional monitoring systems or data stores. With all
the ability to eliminate all visibility blind spots across telemetry data in one place, organizations can now
their complex infrastructures and ensure efficient investigate unknowns with confidence. With New Relic
identification of issues such as expiring TLS certificates, One, administrators benefit from:
rogue applications, and data exfiltration attempts.
• 400+ agents and integrations, including Gigamon,
enabling, ingesting, and storing all operational data
The Solution • Full-stack observability to visualize, analyze, and
optimize the entire software stack from one place
New Relic One ingests multiple sources of telemetry
• Eliminating telemetry data silos and instantly
by combining metrics, logs, events, and traces
detecting, diagnosing, and resolving anomalies
with metadata provided by Gigamon to establish
comprehensive full stack observability. The multi- • Monitoring distributed services, applications, and
dimensional dashboard provides extensive and serverless functions
granular views into network operations, security, • Querying with lightning-fast response times and real-
and application performance. Teams can analyze, time alerts
troubleshoot, and optimize their software stack and
• Eliminating data silos and accelerating mean time to
accelerate bringing valuable services to market.
detection and resolution
Devices
VMs
Containers
Virtual TAP
or Native TAP
Visibility Tier
V Series
On-Prem Public Cloud
Network Network Network Intelligence
GigaVUE 5,000+ Network Traffic New Relic
Cloud Suite Metadata (CEF) Database
Internet
2.android.pool.ntp.org, 10.201.129.201 2
Virtual TAP
or Native TAP ER-mib2high-mbbservices.audi-connect.de, 10.5… 2
a877.g2.akamai.net, 10.251.162.250 2
Devices
VMs
accounts.google.com, 10.56.26.156 2
OT alt3-mtalk.google.com, 10.93.97.145 2
IoT
Container
Figure 2. Fabric Manager dashboard allows granular selection of numerous metadata elements on a
per app and protocol basis. Here DNS attributes are shown.
AMI utilizes deep packet inspection to provide Teams can use this combination of intelligence to
summarized and contextual information about raw solve a wide array of security and performance
network packets, augmenting a comprehensive problems including:
approach to obtain application behavior. Organizations
can acquire critical details pertaining to flows, reduce • Identify expired TLS certificates. Utilize certificate
false positives by separating signals from noise, expiry dates and notices of revoked or expired
identify nefarious data extraction, and accelerate certificates to spot them.
threat detection through proactive, real-time traffic
• Identify data exfiltration. Evaluate the volume and type
monitoring as well as troubleshooting forensics.
of DNS requests received to reveal DNS tunneling in the
network and help establish the legitimacy of domains.
• Detect unauthorized remote connections used
Powerful Synergistic Combination for data exfiltration. Evaluate suspicious SSH, RDP,
and Telnet connections, by looking at bandwidth,
AMI complements the metadata attributes provided by connection longevity, IP reputation, and geolocation.
New Relic agents. These added app-aware attributes
• Monitor and control file access. Obtain insights into
are exported from the Gigamon Cloud Suite to New
which clients are obtaining specified files. Generate
Relic One in various formats, including CEF and IPFIX,
lists of files involved and IP addresses of end users.
which can be consumed to provide reports in the New
Relic dashboard. (See Figure 3.) • Locate weak ciphers. Metadata reveals all TLS
connections with weak ciphers, along with the
applications and systems hosting those apps, helping
ensure security compliance.
• Detect suspicious WAN activity. Identify command
and control attacks. Determine whether a domain
is legitimate or was generated using a botnet-
controlled domain generating algorithm.
apple_location 10 0.81 %
facebook 9 0.73 %
google 8 0.65 %
Figure 3. Sample New Relic dashboards based on Gigamon AMI and AFI.
The world’s best engineering teams rely on New Relic Gigamon offers a deep observability pipeline that
to visualize, analyze, and troubleshoot their software. harnesses actionable network-level intelligence
New Relic One is the most powerful cloud-based to amplify the power of observability tools. This
observability platform built to help organizations create powerful combination enables IT organizations to
more perfect software. Learn why developers trust New assure security and compliance governance, speed
Relic for improved uptime and performance, greater root-cause analysis of performance bottlenecks, and
scale and efficiency, and accelerated time to market at lower operational overhead associated with managing
newrelic.com. hybrid and multi-cloud IT infrastructures. The result:
modern enterprises realize the full transformational
promise of the cloud. Gigamon serves more than 4,000
customers worldwide, including over 80 percent of
Fortune 100 enterprises, nine of the 10 largest mobile
network providers, and hundreds of governments and
educational organizations worldwide.
Worldwide Headquarters
3300 Olcott Street, Santa Clara, CA 95054 USA
+1 (408) 831-4000 | gigamon.com
© 2022-2023 Gigamon. All rights reserved. Gigamon and Gigamon logos are trademarks of Gigamon in the United States and/or other countries.
Gigamon trademarks can be found at gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners. Gigamon
reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
06.23_03