Gigamon Enables Big Data Security Analytics with Metadata Engine

Company announces enhancement of its NetFlow generation capability and delivers the single best source of network traffic context

Santa Clara, Calif. and RSA Conference (February 29th, 2016)Gigamon Inc. (NYSE: GIMO), the leader in traffic visibility solutions, today announced the introduction of a Metadata Engine for their GigaSECURE® Security Delivery Platform (SDP). The Metadata Engine enhances the GigaSECURE NetFlow/IPFIX generation capability and in doing so turns their platform into a single source for the network context demanded by today’s security analytics approaches.

Traditional security analytics have been undertaken on network packets and logs but as data volumes and speeds have increased, this has become too computationally demanding and expensive. New big data-based analytics approaches use the larger context of the whole network to approximate the location of possible network compromise. This allows for more focused, in-depth security analysis as a second phase of the investigation. However, network context is hard to come by with sources spanning all parts of the network, the attached infrastructure and the plethora of user devices. Gigamon addresses this specific challenge by centrally generating and aggregating contextual information about network traffic and simultaneously sending it to the security analytics devices that can leverage the information.

Delivered as one pillar of the GigaSECURE Security Delivery Platform, the Metadata Engine will ‘super-charge’ security information and event management systems (SIEMs) and big data security analytics solutions by improving their speed of detection and helping organizations expedite responses to breaches. SIEMs, forensics solutions and user behavioral analytics products can connect to the SDP and receive output of the Metadata Engine, that includes:

  • NetFlow/IPFIX records
  • URL/URI information
  • SIP request information
  • HTTP response codes
  • DNS queries
  • DHCP queries (future)
  • Certificate information (future)
  • Custom data (future)

With Gigamon’s Metadata Engine, security stakeholders have a single source for NetFlow/IPFIX in addition to important network metadata.

“We want to enable our customers to drastically improve their security posture by taking advantage of the latest trends in security analytics,” said Shehzad Merchant, CTO, Gigamon. “By enabling both context and packet based security analytics, Gigamon’s customers benefit by improving their ability to uncover intruder threats faster.”

Gigamon, together with its ecosystem partners in the security analytics and SIEM markets, are leveraging the network to turn the tables on cyber threats enabling our mutual customer to deliver faster mitigation. Joining Gigamon in this announcement are the following companies:

FlowTraq, Lancope, now a Cisco company, LogRhythm, Niara, Plixer and SevOne

“GigaSECURE and its Metadata Engine provide the LogRhythm Security Intelligence Platform with deep visibility into network traffic,” said Matt Winter, Vice President of Corporate and Business Development at LogRhythm. “Our integration enables joint customers to accurately focus on specific areas of the network and then rapidly triage, investigate and neutralize threats, minimizing the time that a customer could be exposed. An important component of network-wide visibility is having access to the most relevant metadata which Gigamon effectively and efficiently delivers through GegaSECURE.”

“Niara’s user and entity behavior analytics use security information in packets, flows, logs, files, alerts, and threat feed data, to provide the most accurate results for attack detection and incident investigation. By supplementing the network insights from GigaSECURE and its Metadata Engine, Niara’s users are able to further decrease the time it takes to link anomalous behavior to malicious intent,” said Sriram Ramachandran, CEO and co-founder of Niara.

The Metadata Engine, inclusive of NetFlow generation and other metadata, will be generally available in March, 2016 to all GigaSECURE customers with active subscription to software updates.

Gigamon

Gigamon (NYSE: GIMO) provides active visibility into physical and virtual network traffic, enabling stronger security and superior performance. Gigamon’s Visibility Fabric™ and GigaSECURE®, the industry’s first Security Delivery Platform, deliver advanced intelligence so that security, network and application performance management solutions in enterprise, government and service provider networks operate more efficiently and effectively. See more at www.gigamon.com, the Gigamon Blog, or follow Gigamon on Twitter, LinkedIn or Facebook.

# # #

Legal Notice Regarding Forward Looking Statements

This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Forward-looking statements generally relate to future events or our future financial or operating performance. In some cases, you can identify forward-looking statements because they contain words such as "may," "will," "should," "expects," "plans," "anticipates," "could," "intends," "target," "projects," "contemplates," "believes," "estimates," "predicts," "potential" or "continue" or the negative of these words or other similar terms or expressions that concern our expectations, strategy, plans or intentions. Forward-looking statements in this press release include, but are not limited to, benefits for a customer of the new product offerings, and goals for our Security Delivery Platform and anticipated product features. Our expectations and beliefs regarding these matters may not materialize, and actual results in future periods are subject to risks and uncertainties that could cause actual results to differ materially from those projected. These risks include our ability to continue to deliver our products and general market, political, economic and business conditions. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 10-K for the period ended December 26, 2015 and most recent Quarterly Report on Form 10-Q. The forward-looking statements in this press release are based on information available to Gigamon as of the date hereof, and Gigamon disclaims any obligation to update any forward-looking statements, except as required by law.