Discover how Gigamon’s Precryption technology revolutionizes cybersecurity by enabling organizations to uncover hidden threats in encrypted traffic. Explore the innovative approach to enhancing security and compliance in the cloud while maintaining data privacy.
Gigamon, the foremost provider of deep observability solutions, has unveiled a series of groundbreaking advancements in cybersecurity within its latest software release, GigaVUE 6.4. These innovations are set to enhance the Gigamon Deep Observability Pipeline. Leading this innovation is Gigamon’s Precryption™ technology, which, for the first time, offers automated solutions to IT and security organizations. This technology grants them unobstructed visibility into encrypted traffic within virtual machine (VM) or container workloads, enabling advanced threat detection, investigation, and response across hybrid cloud infrastructures with remarkable efficiency. Encryption, initially designed for security and privacy, has inadvertently provided cover for cybercriminals, with over 93% of malware now concealed behind encryption. Gigamon’s announcement at their Visualyze Bootcamp addresses this issue, helping IT organizations eliminate blind spots by exposing previously hidden threat activities within encrypted traffic, bolstering the foundations of the Zero Trust model.
Hidden Threats in Encrypted Traffic Go Unnoticed
According to Gigamon’s 2023 Hybrid Cloud Security Survey, over 70% of the surveyed 1,000 IT and security leaders currently do not inspect the encrypted data flowing across their hybrid cloud infrastructure. This poses significant business risks, as encrypted data remains inadequately analyzed, making it impossible for security and monitoring tools alone to detect malware threats as encrypted data moves internally, externally, or laterally throughout an organization.
“As our reliance on the cloud continues to grow, the ability to inspect encrypted communications becomes critical for safeguarding the United States Holocaust Memorial Museum and its assets from potential threats,” stated Michael Trofi, principal at Trofi Security. He added, “With Precryption, Gigamon is a decade ahead of the security industry, offering a technology that efficiently detects previously concealed threat activity, allowing us to move away from monolithic firewall architectures and complex decryption standards toward an efficient distributed model where our servers handle processing without compromising performance. Gigamon Precryption will greatly benefit the entire security industry, and organizations should closely consider it as they transition to the cloud.”
Gigamon Precryption Technology: A Unified Solution for All Cloud Traffic and Encryption Methods
Gigamon Precryption technology uncovers hidden threat activity, including lateral movement, malware distribution, and data exfiltration within virtual, cloud, and container applications. It leverages eBPF technology within the Linux kernel to provide plaintext visibility, capturing traffic before encryption or after decryption. No interception or sniffing of encryption keys is necessary, and expensive decryption is eliminated. Moreover, Precryption technology operates independently of applications, avoiding the operational complexities associated with agent-based approaches.
“Gigamon Precryption technology addresses a critical security challenge by providing visibility into previously inaccessible encrypted traffic, which has the potential to expose our multi-cloud environment and business to hidden threats,” emphasized Michael McCann, network manager, Information Systems at Foxwoods Resort Casino. He continued, “When I realized that Gigamon Precryption simplifies key management and allows us to detect threats with a single view, it became clear that this technology would redefine our security processes and significantly enhance our security posture.”
“Global enterprises are increasingly successful in consolidating security logs in a security data lake, but encrypted traffic poses a real challenge,” noted Omer Singer, head of cybersecurity strategy at Snowflake. He added, “Advancements like Gigamon Precryption technology present a compelling solution for organizations to convert encrypted cloud traffic into visibility, enhancing security and compliance across hybrid cloud infrastructures.”
Gigamon Precryption technology caters to various advanced security requirements, including:
Facilitating InfoSec, Network, and CloudOps teams in gaining full visibility into encrypted traffic across VM or container workloads. Seamlessly working with contemporary encryption methods, including TLS 1.3 or TLS 1.2 with perfect-forward secrecy (PFS) enabled, as well as legacy encryption methods like TLS 1.2 without PFS. Fully supporting organizations handling sensitive personal identifiable information (PII) by concealing this traffic for data security, compliance, and governance. Significantly reducing operational complexities related to decryption by eliminating the need for cumbersome private key management, key sharing, passing, and library updates. Efficiently offloading TLS decryption overhead from cloud, security, and observability tools, enhancing their capacity and performance.
“In a recent study involving large enterprise IT and security leaders, we found that a concerning 50% accept the risk and do not decrypt traffic today due to technical and cost challenges,” said Christopher Steffen, vice president of research at EMA. He remarked, “At a time when organizations are striving for a Zero Trust model, it’s evident that half of them face obstacles in achieving it. It’s time to address the issue of visibility into encrypted traffic and move it out of the ‘too difficult, impossible, and expensive’ category. Innovations like Gigamon Precryption technology empower organizations to attain the deep observability necessary to meet evolving standards, regulatory compliance, and secure their hybrid cloud infrastructure confidently.”
“As cloud adoption accelerates across an increasing number of private and public platforms, organizations must also confront the growing risks associated with concealed threat activity within encrypted traffic,” noted Michael Dickman, chief product officer at Gigamon. He concluded, “Until now, decrypting cloud traffic has been a challenging and costly endeavor. With Gigamon Precryption technology, we are changing the game, bringing deep observability to encrypted traffic and enabling customers to significantly enhance their security posture across various clouds and workloads without burdening developers.”
In a related development, Gigamon’s partners have embraced Precryption technology for their global security strategies.
GigaVUE 6.4 Enhances Security Integration across Infrastructure and Applications
The latest software release, GigaVUE 6.4, also incorporates several advanced security features, including:
Cloud SSL Decryption, expanding classic on-prem decryption capabilities to a wide array of virtual and cloud platforms. Universal Cloud Tap (UCT), a single, executable tap designed for leading platforms, extending across VMs and containers, with pre-filtering at the source to maximize efficiency. Application Metadata Intelligence (AMI) Integration, enabling the detection of vulnerabilities and suspicious activities across both managed and unmanaged hosts, such as IoT devices.
In an ever-evolving digital landscape where security threats continue to grow in complexity and sophistication, Gigamon’s Precryption technology emerges as a beacon of innovation, addressing the longstanding challenge of decrypting and analyzing encrypted traffic. By providing organizations with the means to uncover concealed threats and vulnerabilities, Gigamon not only enhances security but also empowers businesses to embrace the full potential of the cloud while maintaining compliance and governance. With these groundbreaking advancements in cybersecurity, Gigamon not only leads the way but also illuminates a path towards a safer and more secure digital future for organizations across the globe.