Gigamon Visibility Fabric

Scalable, Pervasive Visibility

2014 Gigamon. All rights reserved.

Gigamon the Company

Market Maker, Market Leader

Formed in 2004 with First Product Ship in 2005

IPO at June 2013, NYSE:GIMO
Created the Traffic Visibility Network, a concept recently adopted by the Gartner, Inc.
analyst firm as the Network Packet Broker product category
Multiple patented innovations 9 Granted and 18 Pending
Over 6000 GigaVUEs deployed in over 40 Countries
Products designed and built in the USA
Installed in over 200 of the Fortune 1000
2014 Gigamon. All rights reserved.

The Problem and Solution

Tools Needs Continue to
Increase

Tools not connected everywhere

To many disparate touch points create network
fragility
Tool performance not optimized
Point access to network data for tools
Maintenance, change control burden
Expensive, complex

2014 Gigamon. All rights reserved.

Centralize & Optimize Data Acquisition

All tools are connected

Fewer network touch points
Increased tool performance
Increased tool pervasiveness
Reduce Change Mgmt Burden
Cost savings Capex/Opex

Gigamon. The Smart Route to

Visibility.
Realizing the Value and Power of Intelligent
Visibility.

2014 Gigamon. All rights reserved.

The Gigamon Opportunity

The Why
Devices

Corporate

Employee

Data

Evolving

Exploding

Applications In house

Servers

Network

Physical

Fixed

2014 Gigamon. All rights reserved.

Cloud

Static Management
and Security Tools

Visibility Fabric

Virtual

Mobile

Dynamic
Infrastructure
5

 Improving Monitoring Systems with

Gigamon
Application/Network Performance Monitoring
Analytics

Network
Performance
Management

Router/Switch & Server Farm

2014 Gigamon. All rights reserved.

Application
Performance
Management

Network
Forensics

Security

Unified Visibility Fabric Architecture

Applications

Management

Write

Read

Flexible GUI and central provisioning of

Fabric Nodes across physical, virtual,
and future SDN islands

Read
Write

Orchestration

Write

Read

Read

Services

Slicing Masking Tunnel

Time Stamp Load Balance

G-TAP
GigaVUE-HD4

GigaVUE-420

GigaVUE-HC2

GigaVUE-212
G-SECURE-0216

2014 Gigamon. All rights reserved.

API/SDK
Write

GigaVUE-2404

Write

Read

TAPs
TAPs &
& Aggregators
Aggregators

Visibility
Fabric Nodes
Pervasive visibility
across physical
(corporate to
remote) virtual,
and future SDN
production
networks

Header Adaptive Packet

Stripping
Filtering

GigaVUE-HD8

GigaVUE-HB1

G-TAP A Series

GigaVUE-TA1

Applications
Applications && Tools
Tools
Infrastructure,
Infrastructure, User
User
Community
Community

7
= Future Availability

Traffic Visibility
Flow Mapping

VoIP
IDS
CEM

Map Rule

Tool 1 (VoIP)

Map Rule

Tool 2 (IDS)

Map Rule

Tool 3 (CEM)

Map Rule

Tool 4 (Web)
Tool 5 (SQL)

WEB

Map Rule

Ingress
Ports

2014 Gigamon. All rights reserved.

Configurable
Hardware Based
Rules
Bound to Ingress
Ports

Tool 6 (Recorder)

Egress
Ports

Gigamon Technologies
13 patents issued in the US

Packet Slicing

De-Duplication

Masking

Header Stripping

Source Port Labeling

Tunneling

Time Stamping

L7 Load Balancing

Advanced IP Tunneling
Including ERSPAN
Termination

28 patents pending worldwide

2014 Gigamon. All rights reserved.

GigaSMART
Advanced Packet Manipulation
GigaSMART Packet Modification features empower monitoring and analysis tools to do
more and see more. Features include:

Feature

Description

De-Duplication

Identify and remove duplicate packets

Masking

Overwrite sensitive information within packets for compliance

Packet Slicing

Good for compliance and traffic volume reduction

Tag Stripping

Strip MPLS labels, VLAN Tags, VNTags, Tunnels and more

Tunneling

Forward traffic via routable packets to another GigaSMART for

distribution

Time Stamping

Add fields containing ingress port time stamp

Ingress Port Labeling Add fields identifying the interface packets were received upon
GTP Correlation

Real-time GTP session correlation for LTE and 3G networks

Pattern Match

Search through an entire packet looking for a pattern

2014 Gigamon. All rights reserved.

10

GTP Correlation

Future Availability

Subscriber-Aware Forwarding
Sub A

Sub A, Sub B, Sub C, Sub D .. Sub n

CEM
Sub B
Sub A

4G

Sub C

Sub D

Sub C

Recorder

Sub D

3G

Sub n

Real-time GTP session correlation for LTE and 3G networks

Advanced subscriber-aware filtering, forwarding, and replication across one or
multiple billing / monitoring tools
Scalable Pay-As-You-Grow architecture to meet the traffic demands of mobile
carrier networks
2014 Gigamon. All rights reserved.

11

Static Load-balancing Across a Group of

Monitoring Tools

2014 Gigamon. All rights reserved.

12

Adaptive Packet Filtering

Future Availability

Content-based Filtering

Physical

Label = 5

Exp

S=0

TTL=0

Label = 4

Exp

S=0

TTL=0

GTP
GTPTID
TID ==12345678090000B0
12345678090000B0

CEM

inner
inner packet
packetsourceIP=
sourceIP=12.1.75.1
12.1.75.1

Outer
OuterMPLS
MPLS Label
Label id
id==44

Virtual

VNTAG
VNTAGDestination
DestinationVIF_ID
VIF_ID==4095
4095

Application
Performance

GRE
GRE key
key==0000ABCD
0000ABCD

VXLAN
VXLANID
ID==5000
5000

Unique packet distribution rules for encapsulated protocols

Visibility into overlay networks in data center infrastructures
2014 Gigamon. All rights reserved.

Billing

13

NetFlow Generation Application

Standards-Based Flow Summarization & Analytics

Service Provider

Enterprise/DC

NetFlow Generation
Incoming Flows

Summarized
NetFlow
NetFlow Records
Records

IP
IP Addr:1.0.0.1/32
Addr:1.0.0.1/32
IP Addr:25.0.1.0/28
IP
IP Addr:7.1.1.1/24
Addr:7.1.1.1/24
Src/Dst Port: 80
Protocol: TCP

Unsampled
Unsampled 1:1
1:1 flow
flow
record generation
from
from incoming
incoming
traffic streams

Incoming
Incoming Packets:
Packets:
1,000,000,000

NetFlow
NetFlow Records
Records
1000

Security

App
Performance

CEM

Transforms packet data across multiple devices into NetFlow records

Advanced filters for custom exports to one or multiple NetFlow collectors, performance, and security monitors
Combined flow analytics with packet-level analytics
High-performance solution to meet the rigorous demands of high-speed networks

2014 Gigamon. All rights reserved.

14

GigaVUE-VM
VMware
vSphere

The process in detail:

Start with a VMware version 5 deployment
Install a Visibility Fabric
Install GigaVUE-FM to
manage the virtual visibility
SERVER I
nodes.
Deploy GigaVUE-VM into
each hypervisor.
Hypervisor
GigaVUE-FM interrogates
vSphere to learn the virtual
environment.
Configure vMaps in GigaVUE-FM
All vMaps are pushed.
Selected traffic is
tunneled to a
GigaSMART.

2014 Gigamon. All rights reserved.

SERVER II

Virtual
Gigamon
Fabric
Nodes

Hypervisor

Tunneled Traffic

15

Inter-Host VM Monitoring
Enhanced Visibility into the Virtualized Environment
Inter-VM traffic visibility flowing within host and across physical hosts
Selectively detect, select, and forward VM traffic of interest using patented Flow
Mapping
Forwards monitored virtual traffic over existing IP network infrastructure
Centralized management through the GigaVUE-FM

vCenter
VM1
VM1

Monitor
Monitor
VM1
VM1

VM2
VM2

VM3
VM3

vSphere Distributed
Switch (VDS)

vSphere Distributed
Switch (VDS)

Hypervisor

Hypervisor

Application
Performance
Network
Management
Security

Tools and Analytics

2014 Gigamon. All rights reserved.

16

GigaVUE-CV

Future Availability

Extend Gigamons Value into Software Defined Networks

GigaVUE-CV (Controller Visibility):
Extend pervasive visibility by enabling the SDN Controller to function as a
Fabric Node
Gather flow information from SDN controller and correlate the flows to GigaVUE-FM
for dynamic provision of monitoring policies from production SDN network to
the tools
Enables dynamic TAP and mirroring of data traffic from SDN infrastructure into
higher-functioning Fabric Nodes (e.g. Gigamon GigaVUE H series)
GigaVUE
GigaVUE && GigaSMART
GigaSMART

OpenDayLight
Controller

Application
Performance

Network
Management

T
T

Security

Production Network
2014 Gigamon. All rights reserved.

Visibility
Unified Visibility
FabricFabric

Tools and Analytics

17

In Line By Pass Solutions

Gigamon BPS Solutions

With BPS the Visibility Fabric is able to bypass an inline device upon failure, allowing the
production network to remain up. Since the bypass is being handed outside of the failed
device, any necessary maintenance can be performed while keeping the link active.

2014 Gigamon. All rights reserved.

18

Gigamon Customer Success Story

Large US carrier: 4G-LTE VoLTE rollout (2014)
Deployed VoLTE ahead of AT&T and
VZW by deploying on top of existing
Gigamon visibility infrastructure which
was already in place
Customer was able to de-risk
deployment of new service through
comprehensive visibility and Gigamon
partnership with existing tool vendor
partner
Deployment mostly involved handset
upgrades and testing interoperability
as core network already tapped and
visible
With Gigamon as monitoring vendor
they are future proofed from impacts
of Network Virtualisation such as SDN
+ NFV etc.

Visibility Fabric Architecture

FW
2014 Gigamon. All rights reserved.

DLP

Web

BPA

DBTM

SIEM

CEM
19

Thank you!
Q&A

2014 Gigamon. All rights reserved.