Gigamon specializes in leveraging network metadata to increase the efficiency of security tools. It does this by ensuring the identification and delivery of the right information to operational intelligence platforms like Splunk. It works in a fast and flexible way to enable faster detection time of problems and potential threats, according to Phil Griston, director of alliances and business development at Gigamon.

Griston and Jai Balasubramaniyan, director of product management at Gigamon, spoke with John Furrier (@furrier) and John Walls (@JohnWalls21), cohosts of theCUBE, from the SiliconANGLE Media team, during Splunk.conf 2016, held at the Walt Disney World Swan and Dolphin Resorts in Orlando, FL. The duo discussed Gigamon’s role in the network space.

Providing a single tap into the network

Furrier initiated the conversation by asking about how Gigamon does itsbusiness; how do they “peel the onion,” so to speak?

“We add an architecture layer to the network to make it very easy to take traffic from a network and deliver the relevant traffic into those tools. … We provide a total ‘single tap’ in the network,” said Griston. “For Splunk, for example … we’ll take packet data and … filter that data to what is of essential interest to your security analysts and feed it into the Splunk app for stream.”

Getting a handle on your network and malware

Regarding how customers roll out Gigamon and get the value they’re looking for, Balasubramaniyan said: “We often bring in the particular chain … malware floats around the network, looking for target hosts, etc. … [many] security practitioners say that it’s too late to catch the malware in the final stages, when the data is being stolen. You actually want to catch malware when it’s ‘noisy,’ when it’s moving around.” He added that once it gets to the host, it’s too late; the damage has been done, the security has been breached.

Gigamon enables its clients to see all of the data on their network, whether it’s moving betweenvirtual machines or between switches; it can all be seen and accessed. “The network is seen as the problem, but also as the source of truth … if you’re looking at data in motion, you know what’s really happening on your network,” Griston pointed out.

Keeping up with new technology

Walls pointed out that for many technology companies, it’s a perpetual cycle to stay ahead of the game. There’s always new intrusions and new threats to client systems. How does Gigamon approach that?

“As technology changes, to be able to expand your visibility to cover that new technology is also vitally important. … Gigamon spends a huge amount of effort making sure that whatever network technology is coming along, we have a way of tapping it,” said Griston.

Balasubramaniyanadded: , “We’re this middle layer between a fast network and the tools that need to keep doing more and more.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE and theCUBE’s coverage of Splunk.conf 2016.

Photo by SiliconANGLE