Product Overview: Gigamon ThreatINSIGHT (Gigamon Insight)
Gigamon ThreatINSIGHT, often referred to as Gigamon Insight, is a cutting-edge, cloud-native network detection and response (NDR) solution designed to enhance the security posture of modern, highly dynamic network environments. Here’s a detailed look at what the product does and its key features.
Purpose and Functionality
Gigamon ThreatINSIGHT is engineered to address the complexities of today’s distributed networks, where employees, devices, and infrastructures are increasingly dispersed. This solution is built to provide comprehensive visibility, rapid threat detection, and efficient response mechanisms to network-based threats.
Key Features
Unequaled Visibility
- Offers comprehensive visibility across all attack surfaces, including north-south, east-west, and cloud environments (AWS, Azure, etc.), along with support for decrypted traffic and KVM.
- Provides unlimited storage of enriched network metadata with up to 30 days of retention, enabling detailed historical analysis.
High-Fidelity Threat Detection
- Utilizes leading threat intelligence and behavioral analysis from Gigamon Applied Threat Research.
- Accelerates threat detection with automatic risk scoring across the MITRE ATT&CK framework, ensuring that the most critical threats are identified and prioritized.
Rapid, Informed Response
- Automates security investigations and responses, allowing teams to focus on high-priority incidents with less effort.
- Detects suspicious DNS and SSL traffic associated with emerging threats using machine learning.
- Enables zero-touch visibility into new network segments within minutes, easing security deployment.
Advanced Threat Hunting and Investigation
- Supports rapid threat-hunting with rich metadata search capabilities for supported protocols.
- Offers powerful visualization tools to track various aspects of the network, enhancing the ability to detect and investigate threats.
- Allows for the tracking of historical threat activity on devices, even during network changes, and provides vast access to enriched metadata for deeper investigative activities.
Operational Efficiency
- Improves security workflows and tracking by transitioning from reactive to proactive monitoring and mitigation.
- Enhances investigation workflows, enabling faster discovery of relevant details.
- Supports custom alerting and query capabilities using a SQL-like language, which is highly valued by users for its power and flexibility.
Additional Benefits
- Centralized TLS 1.3 Decryption: Exposes hidden threats through centralized decryption, leveraging the Gigamon Visibility and Analytics Fabric™.
- Industry Recognition: Gigamon Insight has gained significant customer adoption and industry recognition, including multiple awards, for its effectiveness in improving network security by correlating network traffic with operational and security information.
In summary, Gigamon ThreatINSIGHT is a robust SaaS-based network security monitoring platform that delivers unparalleled visibility, high-fidelity threat detection, and rapid response capabilities. It is designed to empower security teams to efficiently detect, hunt, and investigate network-based threats, thereby strengthening the overall security posture of enterprise networks.