I had the opportunity to visit with some of the Gigamon folks at their Milpitas, California, office last week as part of the Net Field Day 2 event and, frankly, what they showed us scared the shit out of me.
Gigamon has a variety of products in their line-up. At the most basic is the G-TAP, a “totally photonic” tapping system. Each G-TAP unit supports up to 8 optical uplinks — single mode, multi-mode, 1 gig, 10 gig, you name it.
At the top of the product line-up is the GigaVUE-HD8, sporting a 1.024 Tbps non-blocking backplane that can handle up to 96 10GbE ports. The company reps we spoke with assured us that bigger, beefier boxes are coming. That’s a shitload of data to be siphoning up.
For an awesome overview of the Gigamon products, check out Matt Simmons’ article “Gigamon…fixing problems you didn’t know about”.
Kurt Bales called it one of “the greatest tools I never knew I needed” and, from a purely network management/troubleshooting/security perspective, I have to agree.
As far as use cases go, Gigamon’s literature specifically mentions “Telco 4G LTE” and “banking data center” deployments. If you have tens or hundreds of gigabits per second of data traffic that you need to monitor, these Gigamon boxes could be just what you need.
They have some pretty awesome filtering capabilities, allowing you to drill down and only capture the specific data you want. Like if, you know, you’re from the government and want to keep an eye on a certain user… or all users visiting a certain website… or specific SIP traffic coming out of a company’s network… or…
It was just this year that we read about various governments in the Middle East shutting down BGP links, spying on their users, and blocking access to various websites.
At first I thought maybe I was just being paranoid, but then Tony Bourke apparently had the same thought as me:
I mean, we all know that the U.S. government wouldn’t spy on innocent citizens, right?
Two things tell me that they would:
- the mere fact that a @GigamonFederal twitter account exists, and
- that the Department of Defense is listed as a Gigamon customer.
Am I being overly paranoid? You tell me.





{ 4 comments }
You might just be paranoid, not overly though. It’s a fine distinction.
Like the feds don’t already know about you. ;-)
Like any tool, it can be used for good or bad.
For example many service provider routers have support for Lawful Intercept functionality (i.e. wiretaps). This is necessary to comply with U.S. legal requirements, to facilitate wiretaps that are used to prevent crime and terrorism etc. On the other hand these wiretap tools can be misused by governments around the world to invade privacy, suppress dissent, etc.
There are many other examples that one might consider, but the essential point is generally the same – technology doesn’t violate human rights, people that misuse technology do. We either make it a crime for good guys to use technology, or we risk the possibility that bad guys will also use the same technology. :(
Wonder if they can tap DWDM links.