Gigamon, a network visibility and security provider, has announced that its Deep Observability Pipeline now delivers network-derived application metadata intelligence (AMI) into Amazon Security Lake from Amazon Web Services (AWS).
Amazon Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake, so that customers can act on security data faster and simplify security data management across hybrid and multicloud environments.
With this integration, organizations can gain access to and analyze data-in-motion across hybrid cloud infrastructures. This will help them to more efficiently and effectively secure and manage workloads, applications, and data.
The integration of network-derived intelligence with Amazon Security Lake supports important use cases for organizations seeking both completeness and efficiency across their security tools stack.
With Amazon Security Lake, Gigamon can provide security analytics based on actual data communications to completely and correctly identify any usage of vulnerable protocols, deprecated ciphers, and expired certificates. Additionally, this new feature will enable forensics that compare what applications actually did with what logs report. The technology will provide organizations with a richer and deeper data set on which to base new AI-driven security analytics via tools like NDR or XDR.
Gigamon uniquely leverages deep packet inspection (DPI) to extract more than 7,500 application-related metadata attributes derived from network packets. With Amazon Security Lake integration, users can centralize and gain deep observability into security data across their entire organization. The new integration helps organizations to efficiently deliver AWS traffic to multiple security tools without installing individual agents for each tool. It can also contain excessive tool and transit costs by filtering unnecessary traffic and deduplicating redundant traffic. Lastly, it can generate NetFlow for SIEMs and raw packets for NPMs and packet sniffer tools.
Gigamon is also a launch partner for additional AWS services, including AWS Gateway Load Balancer as an endpoint, expansion of VPC Traffic Mirroring to new Amazon Elastic Compute Cloud (Amazon EC2) instances, and others.
In addition to integration with Amazon Security Lake, Gigamon’s GigaVUE Cloud Suite for AWS is now fully integrated with AWS Network Load Balancer (NLB) and native AWS Virtual Private Cloud (VPC) Traffic Mirroring.
Srinivas Chakravarty, VP, cloud ecosystem at Gigamon, said: “The powerful combination of our GigaVUE Cloud Suite for AWS and Amazon Security Lake provides our mutual customers with the same level of deep observability and protection they’ve come to expect across their on-premises data center infrastructures, extending it to their entire AWS environment.”
He further added: “IT and security leaders are grappling with complex multi-tiered tool stacks today amid constrained budgets and resources, and with this new integration, organizations will now be armed with the necessary tools to maximize their visibility effectiveness and accuracy across their entire hybrid and multi-cloud infrastructure.”
This integration will provide great benefits to organizations in improving their security offerings. Gigamon’s huge array of application metadata attributes along with its deep packet inspection and Amazon Security Lake integration will offer a complete and efficient solution across hybrid and multicloud environments.