Warakorn - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Gigamon adds SSL decryption, 100 GbE and Cisco BiDi visibility

Network visibility vendor Gigamon adds 100 GbE and Cisco BiDi monitoring and integrates SSL decryption into its fabric.

Network visibility infrastructure vendor Gigamon introduced 100 Gbps blades for its network packet broker chassis and taps for Cisco's low-cost BiDi 40 Gbps interfaces. Gigamon also added integrated SSL decryption offload into all of its products.

The new network packet broker blade ships with two 100 Gbps ports and eight 10 Gbps ports, and it slots into either the GigaVUE-HD4 or GigaVUE-HD8 chassis.

Enterprises are still predominantly tapping 1 Gbps and 10 Gbps flows for networking monitoring, said Jonah Kowall, research vice president with Gartner. Very few monitoring tools are even capable of handling 100 Gbps, he said. Gigamon is almost certainly offering these blades now to demonstrate investment protection for the bulk of its customers.

"It's probably more important for people buying the chassis network packet brokers to have the upgradability there for when it's relevant to them," he said.

Gigamon's new BiDi taps, offered as 1U and 3U chassis enclosures, are designed to give visibility into Cisco Nexus 9000 switches that use BiDi optics, a technology that Cisco introduced to allow engineers to migrate from 10 Gigabit Ethernet (GbE) to 40 GbE without upgrading cable.

"It's tough to do typical tapping [of BiDi] links because of incremental loss in the light levels," said Jim Frey, vice president of research for Enterprise Management Associates. "So you have to do a different approach. [Gigamon is] the first I've seen to actually come out with a tap for 40 Gb BiDi. I've seen other vendors only talking about it."

BiDi adoption is still in its very early stages, and BiDi visibility hasn't come up much at all in the conversations that Kowall has had with Gartner enterprise clients. Still, BiDi does offer an affordable migration path from 10 to 40 GbE, so it will draw more interest in the future, Kowall said.

SSL decryption will be introduced as a new GigaSMART application that runs on all of Gigamon's network packet brokers. This feature will allow Gigamon's platform to decrypt traffic before sending it to network monitoring and network security tools.

Gigamon is the first network visibility vendor to offer SSL decryption as an integrated technology, Frey said. VSS Monitoring offers a standalone SSL decryption appliance, which it sells through an OEM agreement with a third-party vendor, he said.

Many enterprises will decrypt SSL traffic on board their monitoring or security tools, but that work can degrade the performance of the tools, Frey said.

Moving SSL decryption from individual monitoring tools to a central visibility fabric like Gigamon's also reduces the risk and complexity of SSL certificate management, Kowall said.

"The alternate way is to load all these SSL certificates into the monitoring tools," Kowall said. "Obviously those are very sensitive. This provides a centralized way for certificates to be managed."

Dig Deeper on Network Monitoring

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How do you gain visibility into SSL traffic on your network?
We use the Blue Coat Visibility Appliance for this, and have found that the amount of exposure with SSL traffic has increased.