The Defender Lifecycle Model enables organizations to integrate security technologies that prevent, detect, predict and contain threats throughout their networks. It's a model that moves the advantage from the attacker back to the defender by integrating machine learning and AI-based technologies and automating security workflows. Security professionals can map out the role of security technologies involved in the threat “kill chain,” gain a better understanding of overall security readiness and strengthen their organization’s security risk posture.
Continuous visibility into network traffic is imperative to provide a collaborative, adaptive security posture. The GigaSECURE® Security Delivery Platform provides this necessary visibility by accessing all your network data of interest and sending it to the appropriate security tools to expose potential threats. By deploying GigaSECURE as the foundation for this model, you can reclaim the advantage and shift control.
GigaSECURE empowers the right inline security tools – such as the Cisco Intrusion Prevention System (IPS), the FireEye Advanced Threat Prevention (ATP) solution and the Imperva Web Application Firewall (WAF) – to see, secure and prevent intrusions as network traffic grows and software is upgraded. It brings threat traffic to the front of the line, offloads decryption and boosts resiliency to help make your network more accurate, efficient and economical.
To maximize threat prevention while maintaining network availability, GigaSECURE offers Inline Bypass Protection.
Inline bypass acts as a fail-safe access port for inline security tools. As of now, inline security tools can be single points of failure in a network. If a tool loses power, suffers a software failure or is taken offline for updates, traffic can no longer flow through this protective link. Failing inline tools can therefore disrupt the very applications and services they are meant to protect.
Inline bypass removes any failure points by automatically switching traffic via bypass mode – keeping critical network traffic and protection up and running.
For most security teams, there’s simply too little time and too few resources to efficiently gather the information needed to make accurate predictions on potential security threats.
To effectively detect threats throughout the IT environment, organizations deploy a variety of security and monitoring solutions. But how do you ensure that your tools are receiving the right information?
Security and monitoring tools must ingest specific types of data to assess the network for threats. For example, security information and event management (SIEM) systems consume metadata, whereas data loss prevention (DLP), intrusion detection systems (IDS) and advanced threat protection (ATP) tools require packet data.
The Gigamon solution enables security operation teams to both generate metadata and gain packet-level visibility to ensure an effective detection posture across the enterprise.