Partner Spotlight: Power of 3 With Gigamon, LiveAction, and NTT

This spotlight focuses on two of our partners, LiveAction and NTT Data, who join with Gigamon to form a Power of 3 team forged to bring customers unparalleled visibility and security integrations.

We spoke to Joe Maissel, NTT Data's Practice Director - Observability and IT Ops, about observability and the value LiveAction and Gigamon bring to its customers. LiveAction Principal Engineer David Izumo took us on a deep dive into LiveAction's offerings. And finally, Gigamon Strategic Alliances Director Chris Dittert explained how the LiveAction-Gigamon joint solution enhances network visibility and optimization and the role NTT plays in this Power of 3.

Gigamon: Why is observability necessary, and what are the considerations in cloud as well as on-prem monitoring?

Joe: Our clients continue to tell us that providing secure and reliable digital infrastructure remains a top business priority. Business stakeholders are not concerned with the particulars of whether a problem is in the cloud or on-prem. They want systems to be "always on" and free from security incidents.

To provide the level of service modern enterprises demand, observability is necessary. Observability is how the root cause of a problem is identified rapidly or, ideally, found before it precipitates an incident in the first place.

Gigamon: Can you discuss the potential financial and reputational costs of cybersecurity incidents for companies, and provide a specific example?

Joe: We've seen countless times how performance issues or security breaches degrade customer experience, brand equity, and employee morale. After a serious security problem like a ransomware attack, businesses struggle to regain the confidence of their customers. The CDK Global ransomware incident alone cost an estimated $1 billion, let alone the damage to CDK's brand.

Gigamon: Some say enterprise observability is a key to effective network management. What are the challenges organizations face with security and performance?

Joe: Without reliability, stability, security, and the ability to easily demonstrate the innocence of the network during an incident, organizations are wasting valuable time. Their network engineers will be bogged down with operational issues instead of building the future state infrastructure all businesses need to remain competitive.

Gigamon: How does a network performance solution coupled with a network visibility solution optimize security?

David: Integrating network performance with visibility solutions significantly enhances security by offering:

• Full network visibility, which provides insights into traffic flow and behavior across all network environments, including cloud and encrypted traffic. This helps detect anomalies like unusual spikes or patterns, revealing potential threats early.
• Network performance monitoring, focusing on both volumetric and performance metrics like bandwidth utilization, latency, jitter, and packet loss to identify vulnerabilities such as DDoS attacks or malware. By monitoring the health of the network, performance issues can be quickly flagged.

Together, network performance and visibility systems enable holistic monitoring, improving the detection of threats and facilitating faster root cause analysis. This integrated approach allows organizations to maintain both secure and efficient networks by detecting and resolving issues in real time.

Gigamon: Has AI increased the effectiveness of your solution, and do you consider it a cornerstone of all solutions going forward?

David: Yes, AI has significantly enhanced network performance monitoring and will be crucial for LiveAction's solutions moving forward.

Here's how:

• Real-time anomaly detection: AI continuously monitors network traffic, quickly identifying anomalies like unusual spikes or dips in performance, ensuring faster response to potential threats. We achieve this by leveraging our robust alerting system, which allows for cross-correlation between several forms of telemetry.
• Pattern recognition and baseline behavior: AI establishes baselines for normal network performance, detecting deviations and enabling dynamic thresholding for both performance and volumetric alerts - an area LiveAction is actively advancing. This leads to more accurate and proactive alerting.
• Root cause analysis and remediation: AI automates issue identification by correlating data to trace the root cause, reducing manual troubleshooting. LiveAction is advancing our LiveNX platform to correlate the vast amounts of network data in our database, providing clear and concise root cause analysis within our alerting framework. Additionally, users can interactively query the system through our LiveAssist natural language AI.

This integration of AI enables faster detection, improved accuracy, and more efficient responses to network anomalies, making it foundational to LiveAction's network intelligence solution.

Gigamon: Where does your solution have a place in Zero Trust and compliance requirements?

David: LiveAction's solutions, including LiveNX, LiveWire, and LiveNCA, play a critical role in supporting Zero Trust architecture (ZTA), as outlined in the CISA Zero Trust Maturity Model and NIST 800-207 Zero Trust Architecture framework. Our solutions align with the Visibility and Analytics requirements and are especially focused on the network pillar by ensuring continuous monitoring and enforcement of security policies across diverse environments.

• LiveNX: Provides end-to-end visibility into both network infrastructure and security devices, spanning on-premises, cloud, SDN (with VXLAN visibility), and SD-WAN deployments. Using ML/AI, LiveNX analyzes telemetry data to detect anomalies in application performance and network behavior, offering real-time insights to guide security policy enforcement and proactive defense.
• LiveWire: Offers packet-level analysis for real-time and forensic visibility, essential for detecting, capturing, and analyzing network traffic. This deep insight supports threat detection and network activity monitoring, aiding compliance with Zero Trust requirements by ensuring the inspection of both encrypted and unencrypted traffic at the packet level.
• LiveNCA: Facilitates the deployment, verification, and management of Zero Trust policies. It ensures compliance by identifying policy drift and validating security across the infrastructure. LiveNCA also simplifies the onboarding of new devices within ZTA environments, providing consistent policy deployment and validation.

Aligned with CISA Zero Trust Maturity Model and NIST 800-207, LiveAction's solutions deliver comprehensive network visibility, real-time anomaly detection, and forensic analysis, enabling organizations to meet Zero Trust and regulatory compliance requirements with confidence.

Gigamon: With the complexity of network environments today, we need to simplify to monitor effectively. How does the addition of two solutions help a user to do this?

Chris: Complex network environments require simple monitoring solutions. Organizations use LiveAction to manage network performance in these environments. By leveraging the Gigamon Deep Observability Pipeline to capture and route network-derived intelligence from network traffic, and efficiently delivering the telemetry data to LiveAction, organizations can effectively monitor, manage, and troubleshoot applications and network performance. This approach provides significant benefits in today's enterprise IT environments, including:

• Hybrid WAN/SD-WAN monitoring and service assurance
• Cloud monitoring
• Application performance and troubleshooting
• Voice and video optimization
• QoS configuration and validation
• Root cause analysis
• Comprehensive packet analytics for multi-domain
• Capacity planning and WAN bandwidth management

Gigamon: How does the LiveAction-Gigamon joint solution provide visibility and optimize application delivery?

Chris: The Gigamon Deep Observability Pipeline, combined with LiveAction's network intelligence and analytics platform, provides effective visibility and smart analysis to optimize application traffic delivery. This joint solution can provide full packet analytics and visibility into areas of the network where flow data isn't available or is only available as sampled. The solution provides two visibility options:

• Flow-based: Troubleshooting complex problems requires granular flow analysis. LiveAction LiveNX can provide flow visibility across multiple domains in a multi-vendor environment. The Gigamon Deep Observability Pipeline generates NetFlow and application metadata without sampling and provides LiveNX with NetFlow and/or metadata records for real-time and historical analysis. The solution provides scalability, improves data center, cloud, and WAN visibility, and accelerates troubleshooting and resolution of performance issues.
• Flow and packet-based: LiveAction allows for simple workflows from flow data to deep packet analysis. LiveAction LiveWire physical and virtual appliances extend visibility with advanced visual analysis of network, application, and VoIP issues at data centers, public clouds, WAN links, and remote sites and branches. Leveraging intelligent pattern-match filtering in the Gigamon Deep Observability Pipeline to direct only the traffic of interest to one or more LiveWire analyzers provides deep observability to troubleshoot any sized network environment.

Gigamon: Is this joint solution able to acquire lateral traffic in a virtualized data center, and what role do you see NTT playing in this Power of 3?

Chris: East-West virtualized data center and public traffic is growing increasingly fast. Gigamon is able to acquire this traffic and incorporate it into the Deep Observability Pipeline for delivery to LiveAction - ensuring all traffic can be monitored and analyzed together, avoiding blind spots, increasing the likelihood of spotting suspicious behavior, and removing the need to learn a new set of tooling for virtual and public cloud environments.

NTT helps customers navigate the complexities of network management. As a globally trusted network service provider, NTT has helped leading organizations achieve 95 percent resolution before network health impact, a fivefold reduction in downtime, 25 times the application performance, and nearly 30 percent lower operational costs. NTT's network services include connectivity, infrastructure, security, and managed services, providing everything enterprise networks need to thrive. This is supported by strong partnerships with technology leaders such as Gigamon and LiveAction.