Gigamon introduced inline 1Gb and 10Gb encryption on their security platform earlier this year. Now they have upgraded this to support faster 40Gb and 100 Gb networks, which they also think will encourage 100 Gb adoption.
Network visibility vendor Gigamon has continued deepening their security practice, with the launch of the first solution in the industry to support SSL/TLS decryption for high speed 100Gb and 40Gb networks through a visibility solution.
“Most tools can only go up to 40 Gb today,” said Tom Clavel, Security Product Marketing Leader at Gigamon. “There aren’t yet that many 100 Gb networks, but we think that is the result of a ‘chicken and egg’ situation. Network tools typically get overloaded in 100 Gb environments, so customers lose visibility. That’s a deterrence to others upgrading their networks. We think that with this new tool, customers will have the confidence that they will be able to upgrade their network without losing visibility. So we think that this is a very strong tool, that will increase adoption of 100 Gb.”
Gigamon began in 2004 as a pure network monitoring vendor, but over the last three years they have steadily been brought more into security use cases through their GigaSECURE Security Delivery Platform. In February 2017, they significantly expanded that platform’s capabilities by adding new inline capabilities to their GigaSECURE SSL/TLS Decryption solution, to enhance visibility into encrypted data-in-motion.
“At that time, we were the first and only vendor to do this on a visibility platform,” Clavel said. “We can inspect traffic from anywhere running on the network – not just on the firewall. We think that decrypting on the visibility platform on the edge of the network is the most effective method. You can decrypt anywhere that the data is captured, and it’s easy to decrypt once and inspect multiple times. You also avoid the degradation that happens when you do SSL description on the firewall, which NSS calculates is approximately 80 per cent.”
Now Gigamon has extended their tool’s capability to be able to support higher speed networks running at 40Gb and 100Gb.
“When we originally introduced this tool, we wanted to be sure that the product was 100 per cent capable, and at that point we considered that it would support 1Gb and 10Gb to this degree,” Clavel said. “Since then we have significantly improved the algorithms to the point where it can do 40Gb and 100Gb with the same level of certainty. We have also improved the encryption capability by a factor of 2x. Our new GigaVUE-HC3 visibility nodes have a significantly stronger capability than the HC2.”
This capability is backwards-compatible, and will support 1Gb and 10Gb as well as the higher speeds.
“You can downgrade the throughput to the speed of the tool in specific areas, so that you can do phased upgrades,” Clavel said.
This tool is available to all of Gigamon’s channel partners.
“This is something that our partners should be broadly leveraging,” Clavel said. “We hope to convince them all that decrypting will let them scale, load balance between multiple tools and get a deeper level of visibility into the network. Gartner has said 80 per cent of traffic by 2019 will be encrypted, and governments have a mandate is to get that even higher, to 90-95 per cent. In addition, the most recent report from Trustwave said that last year, 36 per cent of malware was using encryption to hide. If you can’t see into the encrypted traffic, you can’t see that malware.”