Gigamon, the leading deep observability company, is announcing Gigamon Precryption, an automated solution that grants unobscured visibility into encrypted traffic across virtual machine (VM) or container workloads. Enabling users to execute advanced threat detection, investigation, and response, Gigamon Precryption brings IT teams out of the dark when it comes to concealed threat activity within encrypted traffic.
As virtual environments grow in complexity, the nature of its traffic expands in tandem. Investigating traffic for threat actors—in a public cloud, private cloud, or multi-cloud environment—is as arduous and complex as it is expensive.
“There's a giant elephant in the room that no one's addressed, and it's a big blind spot that organizations have had for a very long time,” said Bassam Khan, VP of product and technical marketing engineering at Gigamon. “And that has to do with inspecting traffic that's going on laterally within a virtual environment.”
According to the Gigamon 2023 Hybrid Cloud Security Survey, over 70% of the 1,000 IT and security leaders reported that they don’t inspect the encrypted data flowing across their hybrid cloud infrastructure.
Gigamon Precryption tackles this security gap by revealing threat activity—such as lateral movement, malware distribution, and data exfiltration inside virtual, cloud, and container applications—that was previously concealed in encryption traffic.
Through the power of eBPF technology, Gigamon Precryption captures traffic before encryption or after decryption. The technology runs independent of the application and without the need for key management, reducing operational challenges expectant of agent-based approaches, according to Gigamon.
“Gigamon Precryption technology addresses the critical security challenge of our ability to see into certain encrypted traffic, which has the potential to expose our multi-cloud environment and business to unseen threats,” said Michael McCann, network manager of information systems at Foxwoods Resort Casino. “When I realized that Gigamon Precryption eliminates the complexity of key management and enables us to detect threats with a single view, it became clear this technology will redefine our security processes and significantly advance our security posture.”
Gigamon Precryption offers full visibility into encrypted traffic across VM or container workloads, seamlessly working with modern encryption methods, including TLS 1.3 and TLS 1.2 with perfect-forward secrecy (PFS). The solution also works with legacy encryption methods, such as TLS 1.2 without PFS.
The benefits of Gigamon Precryption include decreased operational complexity, reduced expenses, and efficient offloading of TLS description overhead. Not only does this grant wider accessibility, it reduces the pressure on developers while boosting decryption capacity and performance.
For enterprises working with personally identifiable information (PII), Gigamon Precryption masks this sensitive traffic from view to adhere to compliance policies.
“What's really exciting for us and the customers we've been working with so far is the new ability to inspect and stay ahead of the threat actor,” said Khan. “Threat actors operate in the dark. And so far, virtual traffic laterally, moving within a workload has been a really bad blind spot. [Gigamon Precryption] opens up a world of possibilities from a defense perspective and allows our customers to stay one step ahead.”
To learn more about Gigamon Precryption, please visit https://www.gigamon.com/.