Clemson University Balances Network Performance and Security with Gigamon

A case study detailing how Clemson University enhanced its network infrastructure and security posture.

Introduction

Clemson University, with its sprawling 1,400-acre campus, houses extensive facilities including classrooms, research labs, power stations, and supervisory control and data acquisition (SCADA) systems. Protecting these diverse assets and the network connecting them presents a significant challenge for the university's IT infrastructure and operations team.

John Hoyt, Director of Security Infrastructure and Operations, highlighted the delicate balance required: "Students, faculty, and researchers—including those traveling abroad—all want to connect, collaborate, and share over an open network easily, but at the same time, my team is responsible for protecting sensitive, critical assets like their data and research. It can be tough to maintain a balance between network access, performance, and protection."

The Challenge: 100Gb Upgrade and NetFlow Loss

When Clemson University upgraded its network to 100Gb speeds using equipment from Juniper Networks, a critical issue arose: the new networking equipment no longer supported NetFlow. For years, Hoyt's team had relied on NetFlow to analyze network traffic, gain insights into usage patterns, and identify potential security risks. The loss of NetFlow was a serious impediment, as it was essential for troubleshooting incidents and tracking down problem users and systems.

Hoyt stated, "I understand the need to upgrade a network to meet the demands for increased throughput. But for my team, the loss of NetFlow was a serious issue. We depend on NetFlow to give us the broad and deep visibility we need to troubleshoot incidents and track down problem users and systems."

Gigamon Recommendation

In the higher education sector, where collaboration and information sharing are common, peer recommendations carry significant weight. Hoyt noted, "Universities are different from corporations, which may be less inclined to share 'competitive' information. In higher education, we're in this fight together. If I have questions, I turn to the community. If someone reaches out to me, I'm happy to share lessons learned. My community colleagues are an invaluable source of trusted information, and when they recommended Gigamon, I listened."

The Solution: Gigamon Visibility and Analytics Fabric

Following peer advice and conducting careful due diligence, Clemson University selected Gigamon's Visibility and Analytics Fabric. This solution was chosen for its cost-effectiveness, its ability to support 100Gb throughput, and its compatibility with IPv6 and NetFlow Version 9.

Customer Benefits

Maintained security after the 100Gb network upgrade.
Increased NetFlow capacity from 30,000 flows/second to 70,000 flows/second.
Optimized the existing security stack.
Achieved over 75 percent increase in network visibility.
Reduced false positives by over 60 percent.

Increased Visibility and Security

With the Gigamon platform implemented, Clemson gained confidence in its ability to conduct broader and deeper inspections of network traffic. Hoyt's team successfully increased the flow rate, enabling more comprehensive monitoring. Hoyt commented,

? To protect the university from cyberthreats, we need to know our network — and Gigamon — provides the visibility we need to know what's traversing our network. Our board of directors and executive staff are prioritizing security, and they understand how challenging it is for my team to do our jobs without adequate network visibility.

Optimized Security Stack and Operations

The Gigamon Visibility and Analytics Fabric, with its NetFlow support, allows Hoyt's team to obtain a high-level metadata view of network information, including data location, author, and timestamps. Through Flow Mapping®, they can now prioritize which tools receive specific data. Furthermore, Clemson extended its capabilities with additional GigaSMART® applications, which enhance the fabric's functions. These include de-duplication to reduce packet-processing overhead on security tools and load balancing to distribute monitoring across multiple devices, thereby improving visibility into packet contents.

Hoyt expressed satisfaction with the improved monitoring: "I always felt we were barely scratching the surface with our network monitoring. My highest priority was finding a solution that allowed us to watch more than the ocean of data passing at the network border, which allowed us to sharpen our focus on the data we care about most."

The SecOps team now feels more assured that they are not missing important traffic and can effectively highlight and inspect activity of interest. This strategic approach has led to a 60 percent reduction in false positives and an optimization of inline security tool performance.

Conclusion

Ultimately, Gigamon enabled Clemson University to support its staff and research students with the necessary network speed for their projects. Crucially, it ensured that the university's security posture remains robust and resilient against today's evolving threat landscape.

	Gigamon GigaSMART Intelligent Traffic Handling Data Sheet Explore Gigamon's GigaSMART solution for intelligent traffic handling, enhancing network visibility, traffic management, and tool efficiency. Learn about key benefits, features, and ordering information for GigaSMART applications across Gigamon's hardware platforms.
	Gigamon GigaVUE-TA100 Hardware Installation Guide Comprehensive installation guide for the Gigamon GigaVUE-TA100 Traffic Aggregator, detailing hardware setup, connections, configuration, and safety procedures for network visibility and analytics.
	Gigamon GigaVUE-FM & GigaVUE-OS Factory Reset Guidelines Comprehensive guidelines for performing a factory reset on Gigamon GigaVUE-FM and GigaVUE-OS devices. Learn the procedures for clearing configurations, logs, licenses, and data to restore devices to their default state.
	GigaVUE-OS Security Hardening Guide This guide provides best practices for securing the Gigamon GigaVUE-OS operating system, covering physical and network controls, cryptographic best practices, and other security hardening measures to protect against threats.
	GigaVUE-OS CLI Reference Guide A comprehensive guide to the GigaVUE-OS Command Line Interface (CLI), detailing commands, syntax, and configuration examples for Gigamon visibility platform nodes.
	GigaVUE-OS CLI Reference Guide v5.14 This comprehensive reference guide details the GigaVUE-OS Command-Line Interface (CLI), providing essential information for configuring and managing Gigamon's network visibility platform, including GigaVUE-HC and TA series nodes.
	Gigamon GigaVUE-FM Installation and Upgrade Guide v5.15 This guide provides comprehensive instructions for installing and upgrading Gigamon's GigaVUE-FM Fabric Manager (version 5.15) across various platforms including VMware ESXi, AWS, Azure, MS Hyper-V, and KVM.
	GigaVUE-TA25E Hardware Installation Guide This guide provides detailed instructions for the installation of the Gigamon GigaVUE-TA25E hardware, covering setup, connections, and configuration.