(Why aggregating data from everywhere to anywhere is key)
Ian Moyse, Cloud Industry Thought Leader & Social Influencer
Digital transformation is difficult enough encompassing changes in platform, vendor, processes, skills, data stores and more. Additionally, the complexity of securing and monitoring this changed environment, in combination with the traditional systems already in place, often results in security and performance blind spots going unnoticed.
The pandemic has accelerated the speed of cloud adoption, resulting in a higher amount of pressure across the organisations to transform quickly enough and stay ahead of competitors.
It was already complex enough to bring together network tools to protect existing environments against today’s threats; the task of stitching in new cloud systems and applications makes the task even more daunting. New programs bring new complexities, increased data and noise – and “seeing the wood for the trees” becomes an even bigger challenge for the team having to monitor and secure the environment for the business, users and compliance.
Vulnerabilities are often missed, and the risk of not addressing security blind spots in today’s world – where data is the new currency, and threat actors are pervasive and sophisticated – is ever-more dangerous. In the second quarter of 2021, researchers found that 68% of malware downloads originated from cloud applications. As we have witnessed with recent security breaches, like that of Colonial Pipeline, organisations can be affected in a penalizing manner – 2021 had the highest average breach cost in 17 years.
Aggregating data from everywhere to anywhere is key to security, and this is where solutions are required to bridge the gap left by traditional methods and monitoring tools. It is essential that proactive monitoring and visibility to detect, alert and empower timely response is in place, and in a manner that does not impede on performance. It is critical to have a complete, real-time view that covers all areas and feeds data from one into another.
Gigamon aims to eliminate security and performance blind spots with Hawk – the industry’s first visibility and analytics fabric designed for the hybrid cloud – agnostically no matter what stage of the journey or transformation toward hybrid and/or multi-cloud that you’re in. Hawk closes a critical gap that exists for cloud visibility, eliminating compliance and security blind spots across all network data in motion – including cloud traffic. With an integrated approach, organisations can leverage Hawk alongside other monitoring and observability systems to provide a comprehensive analysis of hybrid infrastructures. Bridging multiple programs, the Hawk visibility platform from Gigamon is named after the ‘hawk’s eye’ view and stands for razor sharp accuracy. This is a platform that feeds network data to cloud observability tools (such as New Relic) and cloud security tools (e.g. giving the likes of Crowdstrike a view into network intelligence that today it cannot see).
The platform allows for continued expansion using ‘taps’ that can be physical for network traffic collection or virtual for cloud capture. Where a native ‘tap’ is available such as with AWS, Hawk uses this to capture data streams which it then flows out to the required tools. Through the likes of Kubernetes, ‘taps’ can be orchestrated as part of deployment – meaning Hawk can be baked into your cloud deployment process model. Add in support for Telco cloud through Openstack and you have a big gap filler in one vendor offering. ‘Taps’ today are supporting AWS, Azure, VMWare, Openstack, Oracle Cloud and Google Cloud. At the application layer, drop a ‘tap’ into a Vnet or VPC, a virtual ‘tap’ into a virtual host or into a container.
“Because traditional network monitoring tools struggle with visibility into cloud activity, increasing cloud adoption will heighten the presence and criticality of network blind spots. Here, cloud visibility and control problems can best be solved by next-generation cloud visibility solutions like those from Gigamon.” (Source: SCOTT WARD, PRINCIPAL SOLUTIONS ARCHITECT AT AWS)
Today, Hawk can see into 300+ applications utilizing advanced deep packet inspection techniques and can gather from 5,000 application meta points for data such as a certificate expiry.
Already organizations with mature and sophisticated cloud strategies are bringing this approach in at the start of their journeys to mitigate any exposure, and large cloud expert practices are using it as a tool embedded into their customer migration strategy. Hawk was launched in March 2021 and already is processing 25 petabytes of data globally per day, protecting a breadth of customers from being the next name in the news for an outage or data breach.
“The Smithsonian selected Gigamon as the single source of visibility across the hybrid cloud, providing protection from blind spots including within encrypted traffic.” (Source : TechValidate)
We have now established across the industry that geography and scale will center around hybrid and multi-cloud; mixing cloud and on-premises form factors. Therefore, there is no excuse for later identification of unforeseen management and security gaps – especially where they impact the availability and protection of user data. With these newly created problems, we need newly created solutions such as Hawk to enable us to continue accelerated growth towards a greater use of the power and flexibility, now affordable across the globe in a protected manner.
Learn more here.