Gigamon Deep Observability Pipeline App for Sumo Logic
Strengthening Security Using Network-derived Intelligence from Gigamon Deep Observability Pipeline to Sumo Logic
Gain full visibility and expand data points to gather and visualize rich metadata attributes from the network, covering 3000+ applications and 5000+ attributes.
The integration delivers adversary activities and behaviors in the form of detections, observations, and aggregations of network events.
With the ability to see all traffic on the network, this solution can gather all DHCP and IP-related transactions and identify attributes as granular as DHCP Hostname and DHCP Offer with MAC address, making it easy to discover any new assets on the network.
This dashboard provides an overview of all applications from a network perspective and identifies suspicious apps such as BitTorrent and potential cryptojacking.
The dashboard shows overall usage of SSL ciphers in the environment and identifies any weak ciphers in use. The other part shows the TLS certificates expiring in the near term.
The DNS Queries dashboard helps identify whether any internal host is talking to outside DNS servers (a common case in C&C attacks). SMB File movement shows any files moving on the network over SMB (notice unusual file movement). DHCP IP and hostnames help identify any OT/IoT devices on the network. HTTP response codes help track performance.