Professional Documents
Culture Documents
GigaVUE-VM
Product Description
The Gigamon GigaVUE-VM Visibility Fabric node provides an intelligent filtering technology that allows virtual
machine (VM) traffic flows of interest to be selected, forwarded, and delivered to the monitoring infrastructure
centrally attached to the GigaVUE platforms, thereby eliminating any traffic blind spots in the enterprise private
clouds or Service Provider NFV deployments.
Table 1: Features and Benefits
GigaVUE-VM
Features
Benefits
Intelligent selection, filtering, and forwarding of VM traffic to the monitoring and tool infrastructure;
extend the reach and leverage of existing tools to monitor virtual network infrastructure; onboard
virtual traffic visibility for n-tier application cluster.
Multi-hypervisor support
Supports the most popular private cloud hypervisors, VMware ESXi, VMware NSX-V
and KVM/OpenStack
Virtual switch
agnostic solution
Support for VMware vSS/vDS and Cisco Nexus 1000V and any virtual switch on OpenStack/KVM.
Use VMware NSX Dynamic Service Insertion to associate visibility policies with security groups,
thereby providing continuous and automated traffic visibility for applications as they scale up
Centralized management
Manage and monitor the physical and virtual fabric nodes using GigaVUE-FM while also configuring
the traffic policies to access, select, transform, and deliver the traffic to the tools.
Conserve production network backhaul and optimize monitoring infrastructure processing by slicing
VM traffic at required offset, before forwarding it for analysis.
Tunneling support (standards Leverage the production network to tunnel and forward the filtered virtual traffic from the hypervisor
L2 GRE encapsulation)
to the GigaVUE platforms; tenant-based IP Tunneling facilitates isolation, privacy, and compliance of
monitoring traffic. Simplified virtual traffic policy creation to identify and select the physical tunnel
termination end-point where the filtered and transformed virtual workload traffic is to be delivered.
Optimized traffic delivery
Tunneled traffic can be marked with DSCP values for per hop behavior to get preferential treatment
on the production network. If changing MTU size in the network is an issue, fragmentation can be
enabled to transport the packets using standard MTU sizes. These packets will then be re-assembled
at the Visibility Fabric nodes before further analysis.
Ensure the integrity of visibility and monitoring policies in a dynamic infrastructure, have real-time
adjustment of monitoring and security posture to virtual network changes, and the ability to respond
to disasters/failures without losing NOC insight and control.
Hotspot monitoring
Pro-actively monitor and troubleshoot GigaVUE-VM nodes by elevating Top-N and Bottom-N virtual
traffic policies to the centralized dashboards.
Having an end-to-end solution that provides traffic visibility into both the physical and virtualized infrastructures empowers the infrastructure
administrators and operators with the insight needed to ensure service quality, security compliancy, and maintain business continuity.
VM
VM
VM
VM
HYPERVISOR
HYPERVISOR
SERVER I
SERVER II
Internet
GigaVUE-FM
vCenter
Tunneling
vCenter integration
Bulk GigaVUE-VM onboarding
Virtual traffic policy creation
Automatic migration of monitoring policies
Private
Cloud
Application
Performance
Network
Management
Visibility Fabric
Production Network
Security
GigaVUE-FM
1
NetOps / SecOps
Admin
licy
an
tus
Sta
7
SG1
SG2
SG3 GigaVUE-VM
VM
VM
VM
6
vSwitch
VMware NSX-V
Copy Packet
dT
raf
fic
Po
Ch
ec
ks
Cloud
Admin
APM
SIEM
IDS
NSX Manager
vCenter
IPS
?,.
(Inline)
E?3;"3/F
Anti-Malware
+36"()$;7$0/
(Inline)
E?3;"3/F
Data
Loss
@$6$2C8--2
Prevention
,0/1/36"83
Intrusion
?360:-"83
Detection
@/6/A6"83
System
.>-6/B
Forensics
G80/3-"A-
Email Threat
Detection
A
P
I
Internet
GigaVUE-VM and
GigaVUE Nodes
TAPs
GigaVUE VM
Metadata
Engine
Application
Session Filtering
SSL
Decryption
Inline
Bypass
Tenant level Traffic Visibility for Monitoring Dynamic Service Insertion of GigaVUE-VM
vRealize Automation (vRA)
REST APIs
Software-Defined Visibility
Centralized Tools
GigaVUE-FM
Security
vCenter
Anti-Malware
VXLAN=6000
POWERED BY
GigaSMART
SSL
Decryption
DLP
SSL Decryption
NetFlow / IPFIX
Generation
Adaptive
Packet Filtering
TAPs
GigaVUE VM
Header
Stripping
Visibility Fabric
Application
Session Filtering
Internet
IDS
Network Forensics
APT
Monitoring
De-cap VXLAN
Application Performance
Network Performance
NetFlow / IPFIX
Customer Experience
Traffic policy filters are configured to mirror the target VMs interface traffic to GigaVUE-VM
The filtered traffic can be sampled at configured rates to reduce backhaul to the monitoring tools
GigaVUE-VM optimizes (complex filters and slicing) and delivers traffic to the physical Visibility Fabric nodes where additional
GigaSMART traffic intelligence can be applied before delivering the traffic to the monitoring tools
Based on the number of tap points (vNICs) being monitored, GigaVUE-FM auto-deploys the requisite number of GigaVUE-VM nodes
1 OpenStack: Horizon/Nova deploys tenant
Glance
Tenant
Horizon
Nova
GigaVUE-VM
VM
VM
KVM
Visibility Node)
APM
Traffic
Policies
Any vSwitch
GigaVUE-FM
KVM
Visibility Fabric
5 Any vSwitch
VM
NPM
Tunneling
Description
Hypervisor
CPU
One or more 64-bit x86 CPUs with virtualization assist (Intel-VT or AMD-V) enabled
Network
The following table lists the virtual computing resources that the VMware ESXi server must provide for each GigaVUE-VM fabric
node instance.
Table 3: Computing Requirements for GigaVUE-VM on VMware
Requirement
Description
Memory
One (1)
Description
G-vTAP
vCPUs
Memory
Disk space
vNICs
2GB
N/A
2GB
4GB
G-vTAP-CTL
2GB
10GB
Ordering Information
Table 5: GigaVUE-VM for VMware
Part Number
Description
GFM-VM010
GFM-VM050
GFM-VM100
GFM-VM250
GFM-VM1000
GFM-VM-NSX
Table 6: For OpenStack Clouds (GigaVUE-VM is included as part of the solution below)
Part Number
Description
GFM-VTAP-100
Virtual Monitoring in OpenStack deployments for up to 100 virtual tap points. A virtual tap point is any end
point that can be monitored, for ex., a vNIC in a VM.
GFM-VTAP-250
Virtual Monitoring in OpenStack deployments for up to 250 virtual tap points. A virtual tap point is any end
point that can be monitored, for ex., a vNIC in a VM.
GFM-VTAP-1000
Virtual Monitoring in OpenStack deployments for up to 1000 virtual tap points. A virtual tap point is any end
point that can be monitored, for ex., a vNIC in a VM.
2013-2016 Gigamon. All rights reserved. Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or
other countries. Gigamon trademarks can be found at www.gigamon.com/legal-trademarks. All other trademarks are the trademarks
of their respective owners. Gigamon reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
3300 Olcott Street, Santa Clara, CA 95054 USA | +1 (408) 831-4000 | www.gigamon.com
4022-11 07/16