Gigamon

Gigamon provides visibility and analytics infrastructure that aggregates, optimizes, and distributes network traffic to security, observability, and performance tools across hybrid and multi-cloud environments.

• Network visibility and traffic aggregation for on-premises (on-prem), cloud, and hybrid infrastructures (network observability).
• Traffic intelligence and de-duplication to optimize security and monitoring tool performance (security operations optimization).
• Encrypted traffic visibility and inspection support for security controls (network security).
• Cloud-native visibility services for public cloud workloads and virtualized environments (cloud observability).
• Centralized management and orchestration of visibility policies and traffic flows (network operations management).

More About Gigamon

Gigamon focuses on providing network visibility and analytics platforms used by enterprises, service providers, and public-sector organizations to gain consistent access to traffic across physical, virtual, and cloud environments. Its technology collects and processes packet-level data from diverse network segments and delivers the right subset of traffic to security, observability, and performance monitoring tools. This supports use cases such as threat detection, incident response, compliance monitoring, and application performance analysis in data centers, campus networks, branch sites, and cloud infrastructures.

The company’s offerings are typically deployed as a visibility fabric (network observability) that sits between production networks and downstream tools. Packet brokers and related components ingest traffic via network taps or switch port mirrors, perform filtering, de-duplication, header stripping, and load balancing, then forward tailored flows to intrusion detection systems, firewalls, Security Information and Event Management (SIEM) platforms, Application Performance Management (APM) tools, and network performance monitors. This helps consolidate capture points, reduce redundant data, and extend the reach of existing tooling without inline performance penalties on production workloads.

Gigamon also supports visibility into virtualized and cloud-native environments (cloud observability). Virtual taps and cloud-specific components collect traffic from virtual machines, containers, and cloud infrastructure, enabling similar filtering and distribution functions in public, private, and hybrid cloud deployments. This is relevant for organizations adopting architectures such as microservices and Kubernetes, where traditional hardware taps and port mirrors are not sufficient for complete coverage.

Security use cases form a core focus area, with features that assist in inspecting encrypted traffic and providing context for tools in Security Operations (SecOps) centers (network security). By centralizing decryption and traffic processing, organizations can route decrypted flows to multiple security tools without replicating decryption functions in each system. This can simplify policy management, key handling, and scaling of security analytics, while also reducing the processing load on individual tools.

From an architecture perspective, Gigamon’s platforms operate at the network packet layer, interfacing with common protocols such as Ethernet, IP, and Virtual LAN (VLAN) tagging, and integrating with Switched Port Analyzer (SPAN), Test Access Points (TAP), and cloud-native mirroring mechanisms. Management and orchestration components provide a single control plane for configuring traffic policies, mapping source interfaces to tools, and applying Role-Based Access Control (RBAC). This centralized model supports large-scale enterprises with distributed data centers and multi-region cloud footprints.

Within an enterprise IT directory or marketplace, Gigamon is typically categorized under network observability, traffic aggregation, and security visibility. Its active solution areas can be grouped as network visibility fabrics (network observability), cloud and virtual visibility services (cloud observability), and traffic optimization for security and monitoring stacks (security operations optimization). These offerings are used to extend the effectiveness of existing monitoring and security products by ensuring they receive the appropriate traffic in a manageable and cost-efficient form.