
Yan Nurindra

Agenda
1. Introduction to Gigamon
2. Gigamon Functions
3. Flow Mapping
4. Gigamon Product Portfolio
5. Gigamon Partners & Position
6. Summary (Key Points: Why Gigamon)
7. Q&A
THE ESSENTIAL ELEMENT OF YOUR INFRASTRUCTURE

See what matters.™

• Founded in 2004
• CEO: Paul Hooper
• Headquarters: Santa Clara, CA, U.S.
• Global Offices: 20 countries
• Over 800 employees and growing
• #1 Market Leader for seventh consecutive year
• Over 4000 customers and growing
• Verticals: Federal, Financial Services, Healthcare, Retail, Technology, Service Providers
• Global Patents Issued: 75+
Gigamon Customer Worldwide
• 7 of the top ten Global Banks
• 8 of the top ten largest Tech Companies
• 8 of the top ten Healthcare Providers
• 83 of the Fortune 100
• 10 of the top ten U.S. Federal Agencies
• 8 of the top ten Mobile Phone Network Operators

Customer data from April 2018. List sources available upon request.
Gigamon Customers Today
[Customer logos grouped by segment: Enterprise, Federal, Service Provider, General Enterprise / Retail / Healthcare / Insurance, Technology, Misc Services, Finance]
• 4,000+ End Customers
• 83 of the Fortune 100
Infrastructure Conditions without Gigamon
BACKGROUND
• Monitoring tools keep being added
• No consolidation of monitoring tools
• Limited SPAN/mirror ports
• Limited ports on the monitoring tools
• Tap placement – link goes down
2. Gigamon Functions
1. Visibility & Analytics Fabric
THE GIGAMON VISIBILITY & ANALYTICS FABRIC
Use Case: Eliminate SPAN Port Contention
FEW SPAN PORTS, MANY TOOLS

Without Gigamon
• Switch with two SPAN session limitation
• Tools: Intrusion Detection System (IDS), Application Performance Management, VoIP Analyzer, Packet Capture
• Customer is unable to use all tools

With Gigamon
• Switch with two SPAN ports
• Tools: Intrusion Detection System (IDS), Application Performance Management, VoIP Analyzer, Packet Capture
• Customer has complete visibility for all tools
Use Case: Change Media and Speed (Future proof to new network)
10, 40 OR 100GB TRAFFIC TO 1 OR 10GB TOOLS

Without Gigamon
• Tools: Intrusion Detection System (IDS), Application Performance Management, VoIP Analyzer, Packet Capture
• Customer migrates to a 10Gb network and 1Gb monitoring tools become useless

With Gigamon
• GigaVUE® Matches Your Network to Your Tools (10Gb to 1Gb)
• Tools: Network Performance Monitoring, Application Performance Management, VoIP Monitor, Packet Capture
• Customer able to extend the life of their 1Gb network and security tools
Use Case: Limited Access to Environment (Multi segments)
LIMITED TOOL PORTS, MANY SWITCHES

Without Gigamon
• Switch 1, Switch 2, Switch 3, Switch 4, Switch 5…n
• Analysis tool with only 2 NICs
• Limited Connectivity to Full Environment

With Gigamon
• Switch 1, Switch 2, Switch 3, Switch 4, Switch 5…n
• Analysis tool with only 2 NICs
• Pervasive Access – Can Connect to All Points in the Environment
Use Case: Optimize Tool Efficiency (Centralization)
MAXIMIZE THE TOOL INVESTMENT BY CENTRALIZING

Without Gigamon
• Sites: Remote 1 (Switch 1), Remote 2 (Switch 2), Remote 3 (Switch 3), Remote 4 (Switch 4), Central Switch
• 1 site per Tool – Tools not optimized

With Gigamon
• Sites: Remote 1 (Switch 1), Remote 2 (Switch 2), Remote 3 (Switch 3), Remote 4 (Switch 4), Central Switch
• Centralize the Tools for maximum efficiency
Use Case: Visibility into Virtual
USE EXISTING TOOL FOR VIRTUAL

Without Gigamon
• VM 1, VM 2, VM 3 on ESXi / NSX / KVM, connected to a Switch
• Existing tools have no visibility into the virtual environment

With Gigamon
• VM 1, VM 2, VM 3 on ESXi / NSX / KVM, connected to a Switch
• Visibility into the virtual world with existing tools
2. Gigamon Functions
1. Visibility & Analytics Fabric
2. Eliminate SPAN Port Contention
3. Change Media and Speed
4. Limited Access to Environment
5. Optimize Tool Efficiency
6. Visibility into Virtual
7. Inline Bypass to Scale Security Delivery
Inline Bypass to Scale Security Delivery
SOLVING PAIN POINTS OF BOTH SECURITY & NETWORK TEAMS
[Diagram: Inline Bypass. Labels: "No service" and "Service continues"]

• Maximize tool efficiency
• Increase scale of security monitoring
• Add, remove, and upgrade tools seamlessly
• Consolidate multiple points of failure into a single, bypass-protected solution
• Integrate Inline, Out-of-Band, and Flow-based tools via the GigaSECURE® Security Delivery Platform
3. Flow Mapping
What Is Flow Mapping?

Data filtering:
1. Ingress Filtering
2. Egress Filtering

Ingress Filtering
[Diagram: Ingress Ports to Egress Ports. Traffic types: VoIP, IDS, CEM, WEB. Tools: Tool 1 (VoIP), Tool 2 (IDS), Tool 3 (CEM), Tool 4 (Web), Tool 5 (SQL), Tool 6 (Recorder). Bit Bucket.]

Egress Filtering
[Diagram: Ingress Ports to Egress Ports. Traffic types: VoIP, IDS, CEM, WEB. Tools: Tool 1 (VoIP), Tool 2 (IDS), Tool 3 (CEM), Tool 4 (Web), Tool 5 (SQL), Tool 6 (Recorder). Bit Bucket.]

How Flow Mapping Works on Gigamon
[Diagram: Fabric Ingress, Flow Mapping®, Fabric Egress. Traffic types: VoIP, IDS, CEM, WEB. Map Rules shown for Tool 1 (VoIP), Tool 2 (IDS), Tool 3 (CEM), Tool 4 (Web) and Tool 6 (Recorder); Tool 5 (SQL) is also shown.]

Configurable HW-Based Rules, Bound to Ingress Ports
4. Gigamon Product Portfolio

Physical, Virtual, and Cloud Infrastructure


HC Series Nodes Comparison

GigaVUE-HC1
• 1 RU chassis with 2 bays
• 2 x AC or DC power modules
• 12 x 10Gb + 4 x 1Gb RJ45 ports
• 4 x 1Gb Copper TAP/Bypass Module
• 2 x 1/10G Optical Bypass module w/ 4 x 10G SFP+ ports
• 4 x 40Gb (QSFP+) & 8 x 1Gb/10Gb (SFP/SFP+)
• Integrated GigaSMART module
• Clusters with H or TA Series nodes
• Managed by: CLI, GUI, *FM

GigaVUE-HC2
• 2 RU chassis with 5 bays and 2 x AC or DC power modules
• Max 96 x 1G/10G ports (SFP/+)
• Max 24 x 40Gb ports (QSFP)
• Max 8 x 100Gb ports (QSFP28)
• 4 x 1G/10G Optical Bypass module
• 2 x 40G Bypass module
• 12 x 1G Copper Tap/Bypass module
• Max 5 x GigaSMART modules
• Clusters with H or TA Series nodes
• Managed by: CLI, GUI, *FM

GigaVUE-HC3
• 3 RU
• 4 x AC or DC power modules
• Max 128 x 10G
• Max 64 x 40G
• Max 32 x 100G
• 2 x 100Gb SR4 Bypass Pairs
• Max 4 x GigaSMART cards
• Clusters with H or TA Series nodes
• Managed by: CLI, GUI, *FM

* FM – Fabric Manager provides centralized management for all Gigamon visibility nodes. FM supported on vSphere, KVM or Hyper-V. FM physical appliance available.

Traffic Aggregators Comparison

GigaVUE-TA25
• 1 RU front mount
• 2 x AC or DC power modules
• Port Configuration Modes:
  8 x 100Gb / 40Gb ports (QSFP)
  48 x 1Gb / 10Gb / 25Gb (SFP/SFP+/SFP28)
• VLAN tagging
• Clusters with H-Series nodes
• Managed by: CLI, GUI, *FM

GigaVUE-TA200
• 2 RU front mount
• 2 x AC or DC power modules
• Port Configuration Modes:
  64 x 100Gb / 40Gb ports
  Up to 128 10Gb / 25Gb with breakouts (PNL-M341 (MM), PNL-M343 (SM))
• VLAN tagging
• Clusters with H-Series nodes
• Managed by: CLI, GUI, *FM

* FM – Fabric Manager provides centralized management for all Gigamon visibility nodes. FM supported on vSphere, KVM or Hyper-V. FM physical appliance available.

Copper Taps Comparison

GTAP – A*
• 1 RU front mount with chassis
• 3 x GTAPs per rack mount chassis
• G-TAP-A with fixed RJ45 ports
• G-TAP-ASF with SFP based ports; supports Cisco Twinax (10G Copper)
• 1 x AC or DC power supply; 2nd power supply is optional
• Optional Power Supply Tray; supports up to 12 x GTAP-A taps
• Rechargeable lithium ion battery

Copper TAP module on HC2
• 12 TAPs on single module
• Requires HC2 chassis
• Max Density: 96 TAPs per HC2 chassis
• Each TAP can also be used for Inline Bypass
• Monitor port on TAP does not exist because traffic from network port A/B hits backplane of chassis for mirroring
• Less cabling and optics required for each TAP compared to standalone TAPs

* A – Means “Always ON”. Rechargeable lithium ion battery runs for one hour in case of power failure. It is charged by AC, DC or PoE power.
Optical Taps Comparison

GTAP – M Series
• 1 RU front mount
• Thin Film multi-mode TAPs
• 1G/10G TAP modules with 50/50 and 70/30 split ratios
• 40G SR4 TAP module with 50/50 split ratios
• 40G/100G LR4 TAP modules with 50/50 and 70/30 split ratios
• Max TAP Density:
  36 LC 1/10/40/100G TAPs
  18 MPO 40G SR4 TAPs

GTAP - BiDi
• 1 RU up to 3 BiDi tap modules
• 3 RU up to 14 BiDi tap modules
• Only for 40G BiDi SR Links
• Requires 40G BiDi QSFPs on network ports of H-Series or TA nodes
• Max TAP Density:
  3 TAPs per 1 RU
  14 TAPs per 3 RU

* Optical TAPs are 100% Photonic, no power required.



GigaSMART® Software Intelligence
[Diagram: Packet Identification, Filtering and Forwarding. Sources: Physical, Virtual (GigaVUE-VM). Processing: Flow Mapping®, GigaSMART®. Tools: Network Management, Application Performance, Security.]
GigaSMART® Feature
(Columns: Application | Description | Benefits)

Packet Slicing
• Optimize processing and monitoring throughput
• Compliance and confidentiality requirements
• Reduce storage requirement

Masking
• Confidentiality & compliance requirements
• Conceal private data, e.g. financial, medical
• Maintain PCI and HIPAA compliance

Header Stripping
• Existing tools can process packets after headers such as VN-Tags, VXLAN, MPLS, VLANs, FabricPath and tunnels are removed

IP Tunneling
[Diagram: Remote site, Remote site, GigaVUE-VM, Central site]
• Enable routing of traffic from remote to centralized
• Enable routing of traffic from virtual to physical for monitoring and analysis
GigaSMART® Feature
(Columns: Application | Description | Benefits)

Adaptive Packet Filtering
[Diagram labels: MAC, IP port, http post/get, website, credit card etc.]
• L2 to L7, pattern identification using regular expressions (PCRE)
• Extract protocols like VXLAN, VN-Tag, and GRE to send the original packet out to monitoring tools

Application Filtering Intelligence
[Diagram: numbered sessions 1, 2, 3 with a match]
• Extract application sessions including initial TCP handshake packets to forward or drop
• Examples: applications that can be detected / identified include YouTube, Netflix, Windows updates, VoIP traffic, emails with attachments etc.

Load Balancing
• Load balance across tools/probes with different capacity
• Examples: least bandwidth, weighted least bandwidth, least packet rate etc.
GigaSMART® Feature
(Columns: Application | Description | Benefits)

SSL Decryption
[Diagram: encrypted text becomes "This is clear"]
• Provide visibility into SSL encrypted sessions
• Decrypt once, send to multiple out-of-band tools (IDS, DLP, APM, CEM, etc.)
• Private server keys are encrypted and protected by role-based access controls

NetFlow/IPFIX Generation
• Offloading NetFlow Generation to Gigamon eliminates the risk of dropping production traffic
• Unsampled 1:1 NetFlow record generation for security and root cause capability
• Additional metadata inserted into NetFlow/IPFIX records

De-duplication
• Enhance the tool efficiency by eliminating the duplicated data streams across IPv4 / IPv6 networks
• Packet duplication caused by inter-VLAN communication or incorrect switch configuration or multiple tapping points
Gigamon Product Portfolio
GigaVUE-FM
• GigaVUE Fabric Manager (GigaVUE-FM) is a web-based fabric management system that provides management, unified access, and centralized administration for Gigamon's physical, virtual and cloud nodes.
5. Gigamon Partners & Position
[Diagram: partner categories]
• Network, Virtual & Cloud
• Security and Vulnerability Management
• Customer Experience Management
• Network Performance Management
• Application Performance Management
• Network Forensics/Big Data Analytics

Gigamon Ecosystem Partners
[Partner logos grouped by category: Security and Vulnerability Management, Service Provider, Performance Management, Infrastructure]
6. Summary (Key Points: Why Gigamon)
• Why use Gigamon?
– Overcomes port limitations.
– Improves the performance of the network infrastructure.
– Improves the performance of the monitoring tools.
– Reduces downtime.
– Reduces the number of monitoring tools and saves money (reduce cost).
– Extends the life of monitoring tools (existing tools can still be used).
– Manages traffic to the monitoring tools.
– Can provide visibility into encrypted data traffic.
Infrastructure Conditions without Gigamon
• Monitoring tools keep being added
• No consolidation of network monitoring
• Limited SPAN/mirror ports
• Limited ports on the monitoring tools
• Tap placement – link goes down
Network Infrastructure with Gigamon
• Important network data is monitored
• Placement of monitoring tools is coordinated
• Traffic can be monitored comprehensively
• The production network is not disrupted when changes are made
• Traffic filtering
Q&A
Thanks to all
