Finding out who - or what - is lurking in your network
Bassam Khan, Vice President of Product and Technical Marketing at Gigamon, shares the importance of application intelligence for governments in this region.
And yet, network operations teams may not have the capability to automatically identify every single application running on the network, notes Bassam Khan of Gigamon, a leading network visibility and analytics provider. This can become a huge security problem for agencies if they can’t see all the data going across their networks, he notes.
For example, it is possible for non-compliant or “shadow IT” applications such as BitTorrent to be found lurking even in highly controlled environments, he shares. Much of this is due to the lack of application visibility and awareness in most networks today, Khan continues.
Yet, helping governments gain network visibility can be difficult. “Every government network, in Singapore and worldwide, is a complex mix of different kinds of physical networks, as well as virtual and increasingly cloud networks,” Khan explains.
Also, the usual method for identifying apps on networks - ‘port mapping’ – is an imperfect approach at best. “The vast majority of network traffic will just show up as ‘Application Unknown’,” Khan says. “In most cases, there is not enough depth or insight for port mapping to be useful.”
Why it’s important to boost your (application) awareness
In mid-2019, Gigamon launched Application Intelligence to solve these problems. Since then, it has been the “fastest adopted software technology” in the solution provider’s history, according to Khan. “One government agency in Asia particularly loved the depth of application visibility,” he says.
Why is visibility important? “Network visibility is foundational for the security of any agency organisation,” says Khan. “Simply put, if you can't see the data, you can't secure it. Gigamon does the heavy lifting in pulling in all the ‘data in transit’, cleansing the data and extracting intelligence so that the security and analytics tools can work efficiently and effectively.”
Application Intelligence also maximises the Return on Investment of tools. Network analysis and monitoring tools get the performance boost they need because Gigamon automatically sends only the appropriate data to them. “You can choose to send all Dropbox traffic to your advanced threat protection and data loss prevention tools to perform full-packet analysis,” Khan points out. “But for apps like Spotify, it’s enough to have a single tool inspect the first few packets of a data stream to ensure that the data is what it claims to be.”
Without application intelligence in the network, each tool must expend valuable resources hunting for the data it needs to analyse. By way of an analogy, “it's like each home having to dig its own well, versus turning on a tap,” Khan says.
Better security and user experience for digital initiatives
What’s more, as government agencies embark on digital transformation initiatives, highly complex applications have become core to both internal operations and public services. These apps have to be available, robust and secure enough to support thousands or even millions of citizens and government employees 24/7. They also have to deliver a great user experience in order to get people to adopt and use them.
How does Gigamon help in this case? Gigamon Application Intelligence identifies each application, and then extracts valuable metadata about that application. Gigamon is able to generate over 5,600 metadata attributes.
This way, an agency’s IT folks and their tools will have access to thousands of new pieces of data about application and user behavior, user experience metrics and security events. “With Application Intelligence, they can discern how many users are accessing these applications, how long it takes to load screens, and the time it takes for queries to reach the database, for instance. With this information in mind, they can serve users’ performance needs and expectations better, and deliver a better user experience all around,” Khan explains.
The game changer
In essence, Gigamon Application Intelligence enables stronger cybersecurity by shining a light on all the packets of data traversing an agency’s networks. “Having a network visibility platform makes all network monitoring and security tools perform better, and allows organisations to adopt changes much faster and easier,” says Khan. “New customers often say ‘I didn't know what I was missing’.”
He describes Application Intelligence as “truly a game changer” for improving the user experience and security of any agency’s digital services. When asked for one thing he hoped to achieve this year, Khan’s response was simple: “We hope to show what this cutting-edge technology can do for government organisations, and the industry in general.”
To learn more about application intelligence, click here.