Deploying GigaVUE Cloud Suite across Multiple Accounts on AWS Cloud utilizing Transit Gateway (6.2)
Introduction
The cloud journey in many large enterprises started with parallel cloud deployments across business units, or across different cloud accounts/tenants within the same cost center. Over time, enterprises want to converge these independent deployments so that enterprise tools and policies can be rolled out effectively and consistently. In large deployments this is not an easy task.
Gigamon Cloud Suite provides in-depth visibility data to security and analytics tools from multiple cloud accounts. Combined with the Next Generation (NG) GvTAP agent, which pre-filters at the tap so that less traffic flows from the agent to the V Series node, customers can reduce the operating cost and administrative overhead of maintaining separate tools for each account, and gain a holistic view of the data, which is especially important in security installations.
This GVD covers how GigaVUE-FM manages visibility across multiple AWS accounts by sharing the Gigamon fabric nodes between them, while using both Next Generation (NG) and Classic GvTAP agents to acquire traffic from the workloads.
A companion GVD covers the same use case on Azure; refer to Gigamon Visibility Approaches For A Multi-Tenant Solution On Azure Cloud for the steps on Azure Cloud.
Design Overview
This design illustrates deploying the Gigamon Cloud Suite solution in an enterprise to monitor target VMs located across two accounts, Manufacturing and RnD. The visibility account (hub) hosts the Gigamon fabric nodes and their traffic maps. The Transit Gateway is deployed in the visibility account and shared with the other accounts (cross-account sharing of a Transit Gateway is done through AWS Resource Access Manager) so that monitored traffic can be forwarded across accounts.
The target VMs in the two accounts run both types of GvTAP agent. One set of VMs runs Linux kernels below 5.4, which support only the Classic GvTAP agent; the other set runs kernels 5.4 and above, which support the NG GvTAP agent. See the compatibility matrix below for details.
This design assumes that traffic from all VPCs is monitored and that the target VMs can communicate with each other as the applications require. The V Series node(s) can be configured to pass all IPv4 traffic. However, you can choose to monitor specific target VMs, either by configuring filtering rules that match the IP addresses of specific hosts/interfaces or by configuring inclusion/exclusion maps (refer to the Deployment Steps section).
GvTAP Agents Commonality
This GVD primarily focuses on deploying NG GvTAP agents on AWS. Installation and management are the same on other cloud platforms, such as Azure and OpenStack, where GvTAP agents are used for traffic acquisition.
GvTAP Compatibility Matrix
Supported OS | Pre-Filtering | eBPF
---|---|---
Windows | X | 
Linux kernel below 5.4 | | 
Linux kernel 5.4 and above | X | X
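The matrix makes the kernel version the deciding factor for which agent a Linux host can run. The following POSIX shell function is an added example (not Gigamon's own tooling) that applies that rule to a kernel version string such as the output of `uname -r`: 5.4 and later reports `ng`, anything older reports `classic`. The major/minor numbers are compared numerically, so 5.10 is correctly ranked above 5.4, which a plain string comparison gets wrong. The function name and the `unknown` return for unparseable input are this example's own conventions.

```shell
#!/bin/sh
# Added example, not Gigamon code: decide which GvTAP agent a Linux host can
# run from its kernel version, per the compatibility matrix (5.4+ -> NG agent
# with eBPF and pre-filtering; below 5.4 -> Classic agent).
# Prints "ng", "classic" or "unknown" (unparseable input, exit status 2).
gvtap_agent_type() {
    ver=$1                      # e.g. "5.10.0-1045-aws" or "$(uname -r)"

    major=${ver%%.*}            # text before the first dot
    case "$ver" in
        *.*) rest=${ver#*.} ;;  # text after the first dot
        *)   rest=0 ;;          # bare "5" means 5.0
    esac
    minor=${rest%%.*}           # second component ...
    minor=${minor%%-*}          # ... minus any "-custom" style suffix

    # Both components must be plain digits; otherwise refuse to guess.
    case "$major" in ''|*[!0-9]*) echo unknown; return 2 ;; esac
    case "$minor" in ''|*[!0-9]*) echo unknown; return 2 ;; esac

    # Numeric comparison: kernel >= 5.4 supports the NG (eBPF) agent.
    if [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -ge 4 ]; }; then
        echo ng
    else
        echo classic
    fi
}

# When run directly: report for the version given as $1, or the running kernel.
gvtap_agent_type "${1:-$(uname -r)}"
```

Run it on each candidate VM before installing an agent (`sh gvtap_check.sh`, or pass a version string to test offline); a `classic` result on a host you expected to pre-filter means the kernel, not the agent package, is what needs attention.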
To learn more about this solution, read the complete details on the Gigamon Community: Deploying-GigaVUE-Cloud-Suite-across-Multiple-Accounts-on-AWS-Cloud-utilizing-Transit-Gateway-6-2