Skip to main content
Cequence eBPF Sensor

Search

Configuring Gigamon Precryption

© 2024 Cequence Security. All Rights Reserved.

Configuring Gigamon Precryption

  • Updated on
  • ~ minute read
Download PDF

The Cequence Unified API Protection (UAP) platform can integrate with the GigaVUE Fabric Manager to examine encrypted network traffic. Integrating the Cequence UAP platform with GigaVUE requires Gigamon Precryption.

Prerequisites

Before you start, confirm that you have an active Precryption license. You also need access to a Cequence UAP platform instance with Cequence Sensor.

Configuring GigaVUE Fabric Manager

Integrating the GigaVUE Fabric Manager with the Cequence UAP platform requires you to set up a monitoring domain, a policy, and an output tunnel.

  1. Log in to the GigaVUE Fabric Manager.
    The GigaVUE management dashboard appears.
  2. Select Containers > Universal Cloud Tap-Container (UCTC).
    The New Monitoring Domain dialog box appears.
  3. In the Monitoring Domain Name, Connection Name, and Cluster Name fields, type a name.
  4. Select a cluster endpoint URL from the drop-down.
  5. In the upper right corner, click Save.
    The new Monitoring Domain is ready and the New Monitoring Domain dialog box closes.
  6. Create a new connection to the Monitoring Domain. (TKK we never discuss how exactly this connection is made)
  7. Click the Monitoring Domain tab.
    The Monitoring Domain tab displays all the UCTC pods on the GigaVUE instance.
  8. Click Discovered Sources.
    GigaVUE filters the list of UCTC pods to show only pods that are currently running on the cluster.
  9. Verify that the new monitoring domain is present in the list of UCTC pods.
  10. Click the Traffic icon > Universal Cloud Tap-Container.
    The policy wizard appears.
  11. Type a policy name in the policy wizard.
  12. From the drop-down selectors, choose the Monitoring Domain created earlier in this procedure.
  13. From the drop-down selectors, choose the connection created earlier in this procedure.
  14. Select Precryption Policy, then click Next.
    The wizard advances to the Source Selector.
  15. In the Source Selector, type a name for the Source Specification.
  16. Specify sources and the inclusion and exclusion criteria for those sources.
    Click the + or - buttons to add or remove criteria or sources.
  17. Source Specification Name: <source selector name>
  18. Inclusion Criteria: You can select all sources or specific namespaces, services and pods to capture the traffic. In this example, we have chosen to capture traffic for the 'cequence' namespace only.
  19. Exclusion Criteria: You can exclude specific namespaces, services and pods to be ignored while capturing the traffic. In this example, we have chosen to ignore traffic to and from 'uctc' pods.
  20. Click Save.
    The wizard advances to Rules.
  21. In Name, type the name of the Cequence Sensor.
  22. In Tunnel Type, select VXLAN.
  23. In Destination IP, type the IPv4 address of the Cequence Sensor.
  24. In Destination Port, type 4789, then click Next.
    The wizard advances to Deploy.
  25. Click Deploy.

The Cequence UAP platform is now integrated with the GigaVUE Fabric Manager.

 

Was this article helpful?
Japanese (Japan)