Pervasive Visibility in GCP and GKE using Gigamon Cloud Suite (6.1)


Cloud implementations have changed vastly with digital transformation. In the cloud, application services can be broken down into microservices and managed from different containers. However, communication between containers on the same host introduces a new blind spot that threat actors can exploit. Gigamon Cloud Suite addresses this visibility gap by aggregating the traffic for further processing and monitoring. This GVD walks you through traffic acquisition on a GCP GKE cluster using the Universal Container TAP (UCT) solution and subsequent packet processing using V-Series GigaSMART applications in a GCP cloud environment.

Design Topology

Design Overview

This design illustrates deploying Gigamon Cloud Suite in Google Cloud Platform (GCP). In the GCP cloud, traffic from the GKE clusters is acquired using a kernel hook and forwarded to the V-Series nodes for traffic aggregation. The V-Series node processes the acquired traffic using GigaSMART (GS) applications and then forwards it to tools.

Gigamon Cloud Suite in this solution consists of the following components:

GigaVUE-FM: A web-based fabric management and orchestration interface that provides single-pane-of-glass visibility, management, and orchestration of both physical and virtual traffic in the UCT.

UCT Controller: The management component of UCT, which controls and communicates with the UCT Pods. The UCT Controller collects data from the UCT Pods and sends the collected statistics and heartbeats to GigaVUE-FM.

UCT Pod: The primary UCT module, responsible for programming eBPF configurations such as tapping containers, specifying the traffic to be filtered, adding tunnel encapsulation to the filtered traffic, and forwarding it to the tools or to the GigaVUE V Series 2.0 nodes. The UCT Pod also sends statistics and heartbeats to the UCT Controller.

GigaVUE V Series node: Aggregates all the traffic, optimizes it by removing duplicate packets, and forwards it to either new or existing tool probes.


