Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Threat Detection in TLS: The Good, the Bad, and the Ugly
    Threat Detection in TLS: The Good, the Bad, and the Ugly
    Ian Farquhar, Distinguished Sales Engineer, Gigamon Recorded: Dec 11 2018 59 mins
    While TLS (formerly known as SSL) has become the de facto way of encrypting data in motion on networks, it can also hide threats from your InfoSec team. As the volume of encrypted traffic continues to grow, organizations become even more vulnerable to encrypted attacks, hidden command and control threats and data exfiltration exploits that go undetected.

    To make this situation even more complex, the TLS 1.3 draft 28 proposal, ratified at the IETF 101 conference in London and now moving toward official RFC status, has actually removed the visibility which was widely deployed for threat identification in TLS 1.2.

    Once again, InfoSec teams find themselves at the fulcrum of a delicate balancing act. On one hand, encryption is moving toward ubiquity but on the other, we need to detect when threat actors use it too. And in detecting that misuse, we need to acknowledge and address critical management, troubleshooting, legal, regulatory, ethical and technical concerns. For example, we can’t decrypt just at the edge of our networks if we believe “perimeter security is dead.” Proxies on the network edge are a step backwards.

    What can you do? “Threat Detection in TLS: The Good, the Bad and the Ugly” will discuss the necessity of deploying TLS decryption in the core of networks and will explore innovative architectures that deliver that capability while maintaining availability and reliability.

    Learn how organizations can manage growing SSL/TLS traffic volumes by creating a centralized “decryption zone” to decrypt traffic once and give security tools newfound visibility into formerly encrypted traffic and threats.
  • Achieve Your Security Goals with Inline Prevention Tools
    Achieve Your Security Goals with Inline Prevention Tools
    Patrick Riley, Principal Product Manager, Gigamon Recorded: Dec 5 2018 60 mins
    While inline security tools actively prevent threats in your network, deploying and optimizing these tools presents several challenges to both network and security engineers. They present a potential point of failure, they can degrade network and application performance, and they are difficult to scale and upgrade. These challenges can be overcome with the inline bypass functionality of a next-generation network packet broker.

    Join Patrick Riley, Principle Product Manager for this technical session to learn how inline bypass can:

    • Overcome physical deployment obstacles
    • Maximize network availability
    • Reduce impact to network performance
    • Increase scale of inspection
    • Deploy inline prevention tools within dual-path networks

    Watch “Overcome the Challenges of Inline Tools to Achieve Your Security Goals” now to gain the benefits of inline security tools while eliminating their challenges.
  • Improving Security with Metadata
    Improving Security with Metadata
    Preetham Gopalaswamy, Senior Director, Product Management, Gigamon Recorded: Dec 4 2018 62 mins
    Imagine what a security analyst could deduce if they had visibility into all the common applications flowing through their network. They could optimize the data being sent to security tools, correlate information across the various protocols to know who is talking to whom and get visibility into malware and bad actors that may be hiding on the network.

    Many enterprises aggregate information from various sources, such as events and logs from DNS servers, web servers and security tools, to hunt for threat events and indicators of compromise. But these are not reliable sources; logging can be turned off inadvertently or for performance reasons. Raw network data is the ultimate source of truth – but sending it all to a SIEM can become very expensive.

    The bottom line is visibility into your application traffic is elemental to security – if you can’t see it, you can’t secure it. What’s needed is deep insight into your applications. Attend this ISC2 webinar to learn how NetOps and SecOps can:
    •Identify which applications are contributing to network traffic.
    •Use application metadata to gain more context of potential threat events and to more easily enforce corporate compliance.
    •Lower tool cost and improve tool efficiency by filtering out low-risk, high-bandwidth traffic.
    •Send suspicious traffic to a tool on-demand when an anomaly is detected.

    If you need to monitor, identify, and filter application traffic so you can more easily identify anomalies and lateral propagation of threats, you’ll want to attend this webinar!
  • Select and Deploy New Security Tools Faster
    Select and Deploy New Security Tools Faster
    Ian Farquhar, Distinguished Sales Engineer, WW Security Subject Matter Expert, Gigamon Recorded: Nov 20 2018 62 mins
    Sign up for this webinar and find out how to increase the efficiency of your security tools. Efficient prevention coupled with rapid detection and containment improves your overall security posture. Threats don't stand a chance.

    Discover how to select and deploy new security tools faster and more easily than you ever thought possible.

    You’ll learn how to:
    • Implement strategies for keeping up with ever-changing security tools.
    • Test multiple tools under consideration without impacting network performance.
    • Set up tests for inline tools.
    • Strengthen testing and streamline deployment of tools.

    See how to eliminate the challenges of testing and deploying security tools with a security delivery platform.

    Join Gigamon and (ISC)² to learn how to select and deploy new security tools faster.

    Presenter: Ian Farquhar, Distinguished Sales Engineer, WW Security Subject Matter Expert, Gigamon
    Moderator: Tony Vizza, CISSP, Director, Cybersecurity Advocacy for APAC, (ISC)²
  • Achieve Your Security Goals with Inline Prevention Tools
    Achieve Your Security Goals with Inline Prevention Tools
    Ian Farquhar, Distinguished Engineer, Security, Gigamon; Moderator: SC Leung, Member, Asia-Pacific Advisory Council Recorded: Nov 15 2018 61 mins
    Inline security tools operate by actively preventing threats in your network, but deploying and optimizing these tools presents several challenges to both network and security engineers. The downsides can include a potential point of failure, degradation of network and application performance, difficulty to scale and upgrade. The use of a next-generation packet broker and its inline bypass functionality can mitigate these challenges.

    Join Gigamon and (ISC)² to examine how inline bypass can overcome physical deployment obstacles, maximize network availability, increase the scale of inspection and reduce the impact to network performance.
  • Security Briefing: What’s So Hard About Securing Virtual Workloads?
    Security Briefing: What’s So Hard About Securing Virtual Workloads?
    Baseer Balazadeh Sr. Technical Marketing Engineer, Public Cloud, Gigamon; Brandon Dunlap (Moderator) Recorded: Nov 13 2018 44 mins
    As organizations build out their infrastructure across public, private and hybrid platforms, security architects need to extend their enterprise security policies and protocols to all workloads, no matter where they reside. Still, security operations teams are challenged with proactively detecting threats, deviations from organizational policies and violations of industry and organizational compliance for mission-critical applications in the cloud. Why is that?

    Join Gigamon and (ISC)2 as we explore ways to assure compliance and decrease time to detect threats in mission-critical applications, reduce risk by leveraging a common platform across your entire IT environment and ensuring SLAs are met by tightly integrating the public cloud provider’s APIs and critical cloud provider services to automatically detect changes in virtual private clouds and virtual networks.
  • Security at Network Speeds
    Security at Network Speeds
    Ian Farquhar, Principal Sales Engineer, Gigamon Recorded: Nov 13 2018 62 mins
    Exponentially increasing network traffic volumes and security tool sprawl are overwhelming security operations and network operations teams. A network packet broker is supposed to eliminate complexity and save costs, not add to them!

    Organizations need to:
    • Deliver just the right data to the right tools.
    • Drive consolidation across their security stack.
    • Manage a common platform across physical, virtual and public cloud environments.

    Hence, a next-generation network packet broker is required to deliver visibility to security tools focused on threat prevention, detection, analytics and forensics. The right tools get the right traffic at the right time, every time.

    Attend this webinar to learn how to:
    • Maximize tool performance and ROI by applying advanced traffic intelligence.
    • Rapidly detect and respond to new threats while eliminating security tool sprawl.
    • Have pervasive and consistent visibility across their physical, virtual and cloud infrastructure.

    Join Gigamon and (ISC)² to learn how to increase efficiency of your security stack.
  • Strengthen Security While Ensuring Network Uptime
    Strengthen Security While Ensuring Network Uptime
    Sam Kumarsamy, Senior Product Marketing Manager, Gigamon Recorded: Nov 8 2018 38 mins
    Your financial services network is critical to operations and that makes it a juicy target for cyberthreats like ransomware and data breaches. What can you do? Inline security tools can be an effective solution, but represent multiple points of possible failure, particularly as network speeds increase because they simply can’t keep up. But if they go down, so can your network. And the difference of a nanosecond can severely impact currency, stock trading, and critical financial transactions.

    To provide pervasive visibility into data in motion and maintain compliance in high-speed networks, many financial services companies have turned to Next-Generation Network Packet Brokers (NGNPB), which offer flexible inline bypass protection. This feature automates access to traffic, scales and optimizes existing monitoring infrastructure, and simplifies rollout of new technology. NGNPB also:

    • Delivers complete network-wide visibility across physical, virtual and cloud environments.
    • Scales metadata extraction for improved forensics.
    • Isolates applications for targeted inspection.
    • Gives you visibility into encrypted traffic for threat detection.

    See how you can strengthen security while ensuring network uptime and reducing costs. Learn how a simplified, resilient, and scalable architecture can:

    • Maximize tool efficiency by providing the right data to the right tools and by offloading processor-intensive tasks such as SSL decryption.
    • Scale to speed of the network without “rip and replace” by load balancing across tool groups.
    • Remove single points of failure and increase availability of both the tools and the network.
    • Give you operational agility to seamlessly add, remove, and upgrade tools, and instantly change between detection and prevention modes.

    Find out how both network and security teams can operate faster and safer in a swiftly evolving cybersecurity landscape within regulated industries such as financial services–register today!
  • Network Architecture With Security in Mind
    Network Architecture With Security in Mind
    Matt Bromiley, Instructor and Security Expert, SANS and Sam Kumarsamy, Senior Product Marketing Manager, Gigamon Recorded: Nov 6 2018 61 mins
    It’s time to face a hard truth: modern enterprise networks can be extremely – sometimes painfully – complex to manage and defend. Increased network speeds to 100Gb, unfettered access to cloud applications and end-to-end encryption are just some of the requirements of today’s employees. When you add in mobile and IoT devices, the complexity grows exponentially, especially when it comes to the security of the networks to which they connect.

    And when we couple expanding networks with security needs, many organizations struggle to protect their users. This leads to conflicts between NetOps and SecOps goals. The networking team is concerned about availability and performance to ensure the business is being conducted whereas the security team needs to ensure the data and the users are safe from bad actors.

    We need a new approach that provides pervasive visibility to data flowing across the physical, virtual and cloud infrastructure to ensure that the right traffic is sent to the right security tools. This approach should also enable SecOps and NetOps to collaborate and improve the security posture of an organization

    Watch this SANS webinar to learn:
    •The common security pain points as networks expand and grow with increasing speeds
    •How today’s users are forcing organizations to consider/include security in their network architecture
    •How a lack of security can impact network availability and performance
    •How to bridge the NetOps and SecOps divide

    We will discuss how pervasive network visibility improves security tool utilization and can shorten detection and response times. We hope this webcast will inspire you to reassess the current state of your network and security infrastructure to enable collaboration between the two teams and improve your security posture. Watch now!
  • Gigamon 3 - Threat Hunting: Objectively Measuring Value
    Gigamon 3 - Threat Hunting: Objectively Measuring Value
    Justin Kohler, Sen Dir, Customer Success, Gigamon; Patrick Perry, Technical Acct Mgr, Gigamon Insight; Brandon Dunlap Recorded: Nov 1 2018 57 mins
    Someone in leadership always seems to ask the question “How can I tie my threat hunting activities to real impacts for the organization?” Threat hunting programs are encouraged as part of a mature and successful incident response capability and teams invest significant time and effort in the development and maintenance of that program. However, management is always looking for metrics to demonstrate the value of threat hunting in real terms due to the number of hours consumed by such highly skilled professionals. It’s a big investment. Join Gigamon on November 1, 2018 at 1:00PM Eastern for an examination of how to demonstrate value from threat hunting operations with practical methods and examples for tracking hunting operations, reporting and attributing outcomes to industry-leading frameworks and plot hunting goals and coverage across the MITRE ATT&CK framework.

Embed in website or blog