Gaining Application Level Visibility Across Private and Public Cloud Environments (5.13)
Introduction
Organizations have embraced a hybrid cloud strategy (private and public cloud environments) because it provides an evolutionary path for migrating on-premises data centers to the public cloud while protecting existing investments in security and monitoring tools and enforcing common security policies across all environments. In such hybrid environments, visibility becomes even more imperative once workloads are migrated to the public cloud. The GigaVUE Cloud Suite not only provides pervasive visibility across such hybrid cloud environments, but also provides deep packet inspection capabilities to forward relevant application traffic to an NDR tool such as Gigamon ThreatInsight and/or to export application metadata to SIEMs and NetFlow/IPFIX collectors for more targeted inspection. This Gigamon Validated Design (GVD) illustrates deploying the latter scenario. Please refer to Gaining-Pervasive-Visibility-into-AWS-environment-with-GigaVUE-Cloud-Suite-integration-with-Threat-Insight-Sensor for feeding traffic to an NDR.
NOTE: Please check with your Gigamon Sales contact or Gigamon Support for more information regarding the support for the cloud/virtualization platform that you are considering.
Design Topology
Design Overview
The following topology illustrates a hybrid cloud environment comprising an on-premises data center and a public cloud environment. The choice of on-premises data center and public cloud platforms differs from one organization to another based on technology and/or business needs. For this design, however, we shall presume that they are based on VMware NSX-T and AWS. The Gigamon Cloud Suite supports other private and public cloud environments, and combinations of them, as well. Please refer to the user documentation for more details.
The GigaVUE Cloud Suite for VMware NSX-T and AWS leverages RESTful APIs to provide seamless integration. While the solution is deployed separately on VMware NSX-T and AWS, GigaVUE-FM (Fabric Manager) provides a unified GUI for managing both deployments. The deployment on VMware NSX-T is illustrated in the following GVD, Deploying Application Intelligence solutions for VMware NSX-T 3.1.3 (5.13). In this GVD, we shall focus on deploying the application intelligence solution on AWS, which consists of the following components:
- GigaVUE-FM (Fabric Manager): provides a unified interface to deploy, configure, and troubleshoot the Gigamon solution.
- GigaVUE-V Series Node version 2.3.0 (aka V Series 2.0): the traffic aggregator for the EC2 targets that support VPC mirroring. It supports various filtering and traffic optimization techniques to sanitize the traffic before forwarding it to the tool(s).
- G-vTAP Agent version 1.7-1: a lightweight agent for acquiring traffic on the EC2 targets that do not support VPC mirroring. It can monitor traffic over a single vNIC or multiple vNICs.
- G-vTAP Controller version 1.7-1: the control plane proxy between GigaVUE-FM and the G-vTAP agents. It is not shown in the topology for simplicity.
To learn more about this solution, read complete details on the Gigamon Community: Gaining Application Level Visibility Across Private and Public Cloud Environments 5.13