Gigamon’s Precryption: Deep Visibility into Encrypted Cloud Traffic

News Desk -

Share

Gigamon, the observability solutions provider, has introduced a groundbreaking innovation within its Gigamon Deep Observability Pipeline through the release of GigaVUE 6.4 software. The star of this release is Gigamon Precryption™ technology, a game-changing development that offers IT and security teams an automated solution to attain unobstructed insights into encrypted traffic within virtual machines (VMs) and container workloads. This advancement empowers advanced threat detection, investigation, and response across hybrid cloud infrastructures with unprecedented efficiency. The proliferation of encryption, originally aimed at bolstering security and privacy, has inadvertently become a refuge for cybercriminals, with more than 93 percent of malware now concealed behind encryption. Gigamon’s announcement at the Visualyze Bootcamp event seeks to address this issue by shedding light on previously hidden threats within encrypted traffic, strengthening the foundation of the Zero Trust security approach.

Hidden Threats Abound in Encrypted Data Streams

A recent survey conducted by Gigamon in 2023 revealed that over 70 percent of the 1,000 IT and security leaders surveyed do not currently inspect encrypted data traversing their hybrid cloud infrastructures. This omission poses a significant business risk, as encrypted data remains largely impenetrable to analysis, rendering security and monitoring tools ineffective in detecting malware threats as encrypted data flows within an organization’s network, externally, or laterally.

Michael Trofi, Principal at Trofi Security, stated, “As our reliance on the cloud increases, being able to inspect encrypted communications is critical in keeping the United States Holocaust Memorial Museum and its assets safe and secure from threat actors. With Precryption, Gigamon is 10 years ahead of the security industry with technology that detects previously concealed threat activity in a highly efficient manner that allows us to shift away from monolithic firewall architectures and complex decryption standards toward an efficient distributed model where our servers handle the processing without compromising performance. Gigamon Precryption will benefit the security industry as a whole and is a technology that organizations should closely evaluate as they migrate their operations to the Cloud.”

Gigamon Precryption Technology: A Unified Solution for All Cloud Traffic and Encryption Methods

Gigamon Precryption technology exposes previously concealed threat activity, including lateral movement, malware distribution, and data exfiltration within virtual, cloud, and container applications. This innovative approach leverages eBPF technology within the Linux kernel to provide plaintext visibility, capturing traffic before encryption or after decryption. Importantly, no interception or sniffing of encryption keys is required, and costly decryption processes are eliminated. Furthermore, Precryption technology operates independently of the application, avoiding the operational complexities associated with traditional agent-based approaches.

Michael McCann, Network Manager at Foxwoods Resort Casino, noted, “Gigamon Precryption technology addresses the critical security challenge of our ability to see into certain encrypted traffic, which has the potential to expose our multi-cloud environment and business to unseen threats. When I realized that Gigamon Precryption eliminates the complexity of key management and enables us to detect threats with a single view, it became clear this technology will redefine our security processes and significantly advance our security posture.”

Omer Singer, Head of Cybersecurity Strategy at Snowflake, commented, “Global enterprises are increasingly successful with unifying security logs in a security data lake, but encrypted traffic poses a real challenge. Industry advances like Gigamon Precryption technology present a compelling path for organizations to turn encrypted cloud traffic into visibility for better security and compliance across hybrid cloud infrastructure.”

Gigamon Precryption technology caters to a range of advanced security needs by:

– Facilitating full visibility into encrypted traffic across VMs or container workloads for InfoSec, Network, and CloudOps teams.

– Seamlessly integrating with modern encryption methods, including TLS 1.3 or TLS 1.2 with perfect-forward secrecy (PFS) enabled, as well as legacy encryption methods like TLS 1.2 without PFS.

– Supporting organizations dealing with sensitive personal identifiable information (PII) by masking such traffic to maintain data security, compliance, and governance.

– Drastically reducing operational complexity tied to decryption by eliminating the need for cumbersome private key management, key sharing, and library updates.

– Efficiently offloading TLS decryption overhead from cloud, security, and observability tools, significantly enhancing their capacity and performance.

Christopher Steffen, Vice President of Research at EMA, highlighted, “In a recent study of large enterprise IT and security leaders, we found that an alarming 50% accept the risk and don’t decrypt traffic today due to technical and cost challenges. At a time when organizations have a Zero Trust goal, it’s clear that half have no hope of achieving it. It’s time to pull visibility into encrypted traffic out of the ‘too hard, impossible, and too expensive bucket.’ With innovations like Gigamon Precryption technology, organizations can get the deep observability they need to meet evolving standards and regulatory compliance and confidently secure their hybrid cloud infrastructure.”

Michael Dickman, Chief Product Officer at Gigamon, emphasized, “As cloud adoption accelerates across an expanding number of private and public platforms, organizations must also address the escalating risks of threat activity concealed within encrypted traffic. Until now, decrypting cloud traffic has been arduous and expensive. With Gigamon Precryption technology, we’re turning the tables on cybercriminals by bringing deep observability to encrypted traffic, allowing customers to dramatically improve their security posture across any number of clouds and workloads, without any burden on developers.”

In a related announcement, Gigamon partners have embraced Precryption technology to enhance their global security practices.

GigaVUE 6.4 Enhances Security Integration Across Infrastructure and Applications

The latest software release also incorporates advanced security features, including:

– Cloud SSL Decryption, expanding traditional on-prem decryption capabilities to encompass various virtual and cloud platforms.

– Universal Cloud Tap (UCT), a single, executable tap compatible with leading platforms, extending across VMs and containers with pre-filtering at the source for maximum efficiency.

– Application Metadata Intelligence (AMI) Integration, facilitating the detection of vulnerabilities and suspicious activities across both managed and unmanaged hosts, such as IoT devices.

To delve deeper into these latest innovations and explore how they enhance observability in hybrid cloud environments, join the immersive virtual technical sessions at Gigamon’s Visualyze Bootcamp.


Leave a reply