LogRhythm integrates with Gigamon to help security teams detect anomalies across their networks
Recognizing the power and necessity of visibility, Gigamon and LogRhythm have integrated their solutions, the Gigamon Hawk Deep Observability Pipeline and the LogRhythm SIEM Platform. The combined solution empowers security teams to identify behavioral anomalies and internal and external threats, and to prioritize their responses based on accurate enterprise security intelligence.
Threat actors continue to find ways around prevention technology to access an organization’s network and proprietary information. Given the high volume of network traffic security operators need to sift through each day, it becomes more difficult to survey and analyze the network to detect anomalous behavior. LogRhythm’s integration with Gigamon helps address these challenges by providing organizations with the network-derived intelligence and insights needed to proactively detect and respond to threats.
“Our integration with Gigamon allows us to provide customers with visibility across physical, virtual and cloud networks,” said Andrew Hollister, Chief Information Security Officer at LogRhythm. “Security teams will gain the necessary insights to accelerate detection and response to emergent threats, including custom malware and nation-state espionage, as well as routine network misuse and many other types of anomalous behavior.”
Together, the Gigamon Hawk and LogRhythm SIEM Platform integration delivers the awareness needed to detect, prioritize, and neutralize damaging cyber threats that have either penetrated the network perimeter or originated from within. Key benefits of this integration include:
- Actionable network-derived intelligence and easy access to traffic from physical, virtual and cloud networks with the Gigamon Hawk Deep Observability Pipeline.
- Aggregation, filtering, and distribution of relevant traffic to LogRhythm SIEM accelerate processing throughput.
- Masking of private and sensitive data to meet industry regulations before sending to LogRhythm SIEM.
- Generated metadata can be selected from over 7,000 attributes across over 3,000 applications – for example, HTTP response codes and DNS queries – to provide highly detailed contextual analysis when looking at network events.
- Ability to generate NetFlow from any traffic flow and decrypt SSL traffic to avoid unnecessary processing.
- Automatic traffic load balancing helps optimize the performance of LogRhythm SIEM.
“No matter what prevention technology organizations deploy, persistent hackers will find a way in. Therefore, today’s security efforts must focus on proactively detecting and neutralizing malicious activity faster, more effectively, and before severe damage can compromise an entire organization,” said Michael Dickman, chief product officer at Gigamon. “The combined benefits of Gigamon Hawk and LogRhythm SIEM are exactly what organizations need to ensure they can patrol their entire network as it provides network and endpoint monitoring for end-to-end threat lifecycle management.”
This announcement comes on the heels of LogRhythm’s release of LogRhythm Axon, a ground-breaking, cloud-native security operations platform that has been built from the ground up to ensure overwhelmed security teams are defended against cyberattacks more effectively and efficiently. LogRhythm Axon and the integration with Gigamon Hawk mark yet another milestone in the company’s momentous year and confirm its commitment to continue increasing customer success and trust.