Gigamon allows users to gain deep observability into security data with Amazon Security Lake integration

Gigamon announced that its Deep Observability Pipeline now delivers network-derived application metadata intelligence (AMI) into Amazon Security Lake from Amazon Web Services (AWS).

Amazon Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multicloud environments.

This integration provides organizations the ability to access and analyze data-in-motion across hybrid cloud infrastructure to more efficiently and effectively secure and manage workloads, applications, and data.

The integration of network-derived intelligence with Amazon Security Lake supports important use cases for organizations seeking both completeness and efficiency across their security tools stack. With Amazon Security Lake, Gigamon can provide:

  • Security analytics based on actual data communications to completely and correctly identify any usage of vulnerable protocols, deprecated ciphers, and expired certificates
  • Forensics that compare what applications actually did with what logs report
  • A richer and deeper data set on which to base new AI-driven security analytics via tools like NDR or XDR

Gigamon uniquely leverages deep packet inspection (DPI) to extract more than 7,500 application-related metadata attributes derived from network packets. With Amazon Security Lake integration, users can centralize and gain deep observability into security data across their entire organization. The new integration helps organizations to:

  • Efficiently deliver AWS traffic to multiple security tools without installing individual agents for each tool
  • Contain excessive tool and transit costs by filtering unnecessary traffic and deduplicating redundant traffic
  • Generate NetFlow for SIEMs and raw packets for NPMs and packet sniffer tools

Gigamon is also a launch partner for additional AWS services including AWS Gateway Load Balancer as an endpoint, expansion of VPC Traffic Mirroring to new Amazon Elastic Compute Cloud (Amazon EC2) instances, and others.

In addition to integration with Amazon Security Lake, Gigamon GigaVUE Cloud Suite for AWS is now fully integrated with AWS Network Load Balancer (NLB) and native AWS Virtual Private Cloud (VPC) Traffic Mirroring.

“The powerful combination of our GigaVUE Cloud Suite for AWS and Amazon Security Lake provides our mutual customers with the same level of deep observability and protection they’ve come to expect across their on-premises data center infrastructures, extending it to their entire AWS environment,” said Srinivas Chakravarty, VP, cloud ecosystem at Gigamon.

“IT and security leaders are grappling with complex multi-tiered tool stacks today amid constrained budgets and resources, and with this new integration, organizations will now be armed with the necessary tools to maximize their visibility effectiveness and accuracy across their entire hybrid and multi-cloud infrastructure,” concluded Chakravarty.

Don't miss