Gigamon and Ordr Joint Solution Brief · 2020-05-20 · Gigamon 1. Collects and aggregates traffic...


Post on 25-May-2020


IOT IS EXPANDING FASTER THAN IT CAN BE SECURED

The number of IoT devices is exponentially increasing on enterprise OT and IT networks, often without administrators’ awareness or knowledge of their connection, location, or specific purpose. These devices present unique challenges to discovery and risk assessment as they typically access the network without authentication or an associated user. They are highly vulnerable, often running rudimentary or minimized versions of legacy operating systems without basic client protection software. Additionally, they are commonly closed, proprietary systems with minimal or no patching capabilities to defend themselves; installation of security software or device management agents is rarely an option.

Conclusion: IoT/OT devices introduce vulnerabilities and blind spots in network security, significantly increasing the potential for risk due to service disruption, data theft, or compromise leading to ransomware and other attacks.

TAKE CONTROL OF YOUR ENTERPRISE

A basic tenet of network security and regulatory compliance is that “You cannot secure what you cannot see.” Gigamon and Ordr have teamed to deliver unsurpassed visibility and control into every thing connected to your network including unmanaged workstations and servers, industrial and medical devices, building automation systems, smart offices, payment processors in PCI zones, as well as mobile and personal assistant devices.

Gigamon Visibility & Analytics Fabric

• Efficiently collects full-fidelity information from your physical, virtual, and cloud infrastructures
• Optimizes information sent to tools to maximize their efficiency and ROI, such as performing de-duplication and advanced filtering
• Relieves “SPAN” limitations and capacity to support monitoring requirements of the entire organization and all consumers
• Supports TLS decryption, ensuring traffic visibility with increasing use of encryption
• Aggregates collected traffic to create a consistent view of all information-in-motion

Ordr Systems Control Engine

• Rapidly inventories and classifies all devices including IoT and OT assets in your domain with high-resolution details
• Automatically groups and tracks devices by type, business function, OS type, and location
• Assesses devices for vulnerabilities and risk, then learns device behaviors to establish baselines of safe communication and quick detection of anomalous activity
• Rapidly stops active threats and isolates compromised devices
• Protects critical IoT/OT devices using microsegmentation

Gigamon and Ordr Joint Solution Brief

Comprehensive IoT/OT discovery, classification, and regulation

V1.0 MAY 2020

Gigamon

1. Collects and aggregates traffic from all critical network points
2. Optimizes data forwarding, processing, and extraction
3. Sends the right information to Ordr in proper format
4. Serves as foundation for all current and future network and security monitoring requirements

Ordr

1. Identifies all devices including IoT/OT with rich context
2. Establishes baselines for safe behavior to detect anomalies and generate Zero Trust policies
3. Assesses all devices and communications for risk
4. Protects IoT/OT devices via microsegmentation policies

The Joint Solution

[Figure: joint solution architecture diagram. Labels: Internet; Public Cloud; Branch; Firewall; Routers; Spine Switches; Leaf Switches; Virtual Server Farm; Connected IT, OT, IoT; Gigamon Visibility and Analytics Fabric (physical, virtual, and cloud nodes); Metadata Engine; Application Intelligence; SSL Decryption; Inline Bypass; Ordr Sensor; Ordr Systems Control Engine; IPS, APM, NPMD, SIEM, ThreatINSIGHT.]


ORDR TRANSFORMS GIGAMON VISIBILITY AND ANALYTICS FABRIC DATA INTO HIGH-FIDELITY DEVICE CONTEXT…

…AND PROVIDES COMPLETE VISIBILITY INTO ALL DEVICE COMMUNICATIONS.

Ordr Systems Control Engine (SCE) is the industry’s most comprehensive platform for visibility and security of unmanaged, IoT and OT devices. Ordr leverages passive, deep packet inspection and protocol decoding to auto-classify every device and extract rich context such as make, model, OS, and software/hardware versions. Device asset inventory is correlated against industry security feeds to detect vulnerabilities, and traffic monitored with intrusion detection to detect threats, assess risk, and to establish baselines for normal and safe device communications. Device baselines (or flow genomes) enable Ordr to alert on anomalous behavior and dynamically generate microsegmentation policies to protect critical IoT/OT.

To ensure comprehensive data classification and visibility into all communications, it is essential to have comprehensive, enterprise-wide traffic collection—enter Gigamon! The Gigamon Visibility and Analytics Fabric (VAF) optimizes data collection of all north-south and east-west traffic across branch, campus, data center and cloud. Collected data is efficiently delivered to consumers like Ordr in the required format and physical medium. The Gigamon VAF feeds Ordr’s big data machine-learning engine to gain complete visibility into all device communications. Gigamon also eliminates SPAN scarcity issues or worrying about oversubscribing a switch with “yet another SPAN port or session.” Furthermore, the Gigamon VAF can significantly reduce the number of sensors required to completely discover and monitor every network-connected device, simplifying your network and security monitoring architecture.

Total Network Visibility And Security


About Ordr

At Ordr, we’re energized by the explosive growth in network-connected systems and devices. We recognize the tremendous opportunities that this represents for the hyper-connected enterprise: improved delivery of care, efficient logistics and operations, quality enhancements in manufacturing, more stable and intelligent business-critical systems. We’re energized because we give you the power to take control and realize these myriad opportunities.

Learn more at www.ordr.net.

About Gigamon

Gigamon is the recognized leader in network visibility solutions, delivering the power needed to see, secure and empower enterprise networks. Our solutions accelerate threat detection and incident response times while empowering customers to maximize their infrastructure performance across physical, virtual and cloud networks. Since 2004 we have cultivated a global customer base which includes leading Service Providers, Government Agencies as well as Enterprise NetOps and SecOps teams from more than 80 percent of the Fortune 100.

For the full story on how we can help reduce risk, complexity, and cost to meet your business needs, visit our website at www.gigamon.com.

The Gigamon Visibility and Analytics Fabric provides the insight into your network that makes it possible for Ordr SCE to keep track of your devices and understand how they communicate. The VAF enables traffic from across the network to be managed and selectively delivered to Ordr SCE efficiently and in the required format. Ordr SCE can be deployed in the data center or in the cloud, and because the Gigamon VAF can tap east-west data center traffic and monitor virtual and cloud networks, the two tools work seamlessly together in either configuration.

Numerous customers already deploy the joint Gigamon and Ordr solution in their networks, enjoying unparalleled network and device visibility and control. For more information, contact your reseller for a demonstration of the winning combination of Ordr’s sophisticated AI and Gigamon’s total visibility.

Summary