Key outcomes from the Gigamon & Vectra AI Demonstration:
- Traffic capture and analysis: utilizes the GigaVUE Cloud Suite from Gigamon to effectively capture Kubernetes traffic, using the vSeries node and the UCT for comprehensive visibility.
- Vectra AI sensor processing: the captured traffic is forwarded to Vectra AI sensors over VXLAN, which undergoes decapsulation, optimization and transformation into metadata.
- AI-Driven threat detection: Vectra AI’s brain utilizes supervised and unsupervised models to analyze the metadata, detecting attacks by analyzing adversarial behavior.
- Reduced workload and effort due to alert prioritization and correlation; allows for consolidation and retirement of legacy IDS capabilities.
- Known threat matching: this component, based on the Suricata engine, complements the AI brain by identifying threats that match known signatures, enhancing the detection of both known and unknown threats.