Gigamon GigaVUE Cloud Suite for AWS Secret Regions Software User Guide

GigaVUE Cloud Suite for AWS SecretRegions Guide
GigaVUE Cloud Suite
Product Version: 5.13
Document Version: 1.0
(See Change Notes for document updates.)

GigaVUE Cloud Suite for AWS SecretRegions Guide

Change Notes
When a document is updated, the document version number on the cover page will indicate a new version and will provide a link to this Change Notes table, which will describe the updates.

Product Version| Document Version| Date Updated| Change Notes
---|---|---|---
5.13.00| 1.0| 08/13/2021| The original release of this document with 5.13.00 GA.

Change Notes
Copyright 2021 Gigamon Inc.. All rights reserved.
Information in this document is subject to change without notice. The software described in this document is furnished under a license agreement or nondisclosure agreement. No part of this publication may be reproduced, transcribed, translated into any language, stored in a retrieval system, or transmitted in any form or any means without the written permission of Gigamon Inc..
Trademark Attributions
Gigamon and the Gigamon logo are trademarks of Gigamon in the United States and/or other countries. Gigamon trademarks can be found at
www.gigamon.com/legal-trademarks. All other trademarks are the trademarks of their respective owners.
Gigamon Inc.
3300 Olcott Street
Santa Clara, CA 95054
408.831.4000

GigaVUE Cloud Suite for AWS

GigaVUE® Fabric Manager (GigaVUE-FM) is a web-based fabric management interface that provides a single pane of glass visibility and management of both the physical and virtual traffic that form the GigaVUE Cloud Suite Cloud.
GigaVUE-FM integrates with the Amazon Elastic Cloud Compute (EC2) APIs and deploys the components of the GigaVUE Cloud Suite for AWS in the Virtual Private Cloud (VPC). The GigaVUE Cloud Suite for AWS consists of the following components:

• GigaVUE-FM
• GigaVUE V Series node
• GigaVUE V Series controller
• GigaVUE Cloud Suite G-vTAP controller

GigaVUE-FM is launched by subscribing to the GigaVUE Cloud Suite for AWS in the AWS Marketplace.
Once the GigaVUE Cloud Suite for AWS instance is launched, the rest of the Amazon Machine Images (AMIs) residing in the AWS Marketplace are automatically launched from GigaVUE-FM based on the specifications in the GigaVUE-FM interface. GigaVUE Cloud Suite is available in both the public AWS cloud and in AWS GovCloud and supports the Bring Your Own License (BYOL) model and the hourly Pay-As-You-Go (PAYG) model that you can avail from the AWS Marketplace.
This guide describes how to deploy the GigaVUE Cloud Suite on the Amazon Web Services (AWS) cloud. For information about installing GigaVUE-FM in your enterprise data center, refer to the “Installation and Upgrade” section in the GigaVUE Fabric Management Guide available in the Gigamon Documentation Library.

GigaVUE Cloud Suite for AWS Secret Regions

Commercial Cloud Services (C2S) and Secret Commercial Cloud Services (SC2S) are the secure AWS Secret Regions for the Intelligence Community (IC) of U.S. Government. In GigaVUE-FM, a user with the appropriate agency name, mission, and role can toggle to an AWS Secret Region (C2S or SC2S) for IC’s Cloud environment. Refer to GigaVUE Cloud Suite for AWS Guide for detailed information on regular AWS configuration.

About AWS Secret Regions
There are more security enhancements and features contained in AWS secret regions than a regular AWS cloud service. Following are the key features of AWS secret regions.

• No outbound internet access—Users can not access GigaVUE-FM and C2S/SC2S services without a proxy connection.

• The reduced set of AWS services and/or components—Secret Regions have a limited set of AWS services and resources. While many fundamental AWS services such as EC2 and S3 are available, many of the managed services like AWS Elastic BeanStalk, AWS EFS, AWS Lambda, AWS CodeDeploy, AWS CodeCommit, etc. are absent.

• Secured access—Access to the IC’s cloud environment is based on two-way SSL communication through PKI certificates. For the IAM users, access to C2S/SC2S is only through tokens. C2S/SC2S has a built-in CAP module that is placed between the vendor software and the IAM services.
  o For C2S, GigaVUE-FM calls CAP for AWS token bypassing the appropriate Agency, Mission, and Role.
  o For SC2S, GigaVUE-FM first calls CAP to retrieve the agency, account name, and role name then pass in the appropriate agency, account name, and role.
  NOTE: The session token is always associated with expiration and GigaVUE- FM needs to renew the session token before expiration.

• Network differences—The AWS secret regions utilize service endpoints with different DNS names and require users to provide the service endpoints.

Set up AWS Secret Region
To set up AWS Secret Region: About AWS Secret Regions

1. From the left navigation pane of GigaVUE-FM, select Inventory > VIRTUAL > AWS > Settings. The settings page appears.

2. On the Advanced tab of the Settings page, click Edit.

3. On Aws secret region field, select any of the following secret regions.
   Secret—C2S (Commercial Cloud Services)
   Top Secret—SC2S (Secret Commercial Cloud Services)

4. Click Save. Then the Secret Regions tab appears on the Settings page.

5. Click the Secret Region tab and then click Edit.

6.  On the Secret Region page, enter or select the values and files as follows.
   Click Certification, and select .pem files for certification, Click Trust Store, select a .pem file and enter a password for Trust Store.
   Select a .p12 file, and enter a password or Server Key.
   Enter CAP Base URL, and AWS EC2 Endpoint.

Set up AWS Secret Region

7. Click Save.

Additional Sources of Information

This appendix provides additional sources of information. Refer to the following sections for details:

• Documentation
• Documentation Feedback
• Contact Technical Support
• Contact Sales
• The Gigamon Community

Documentation
This table lists all the guides provided for GigaVUE Cloud Suite software and hardware. The first row provides an All-Documents Zip file that contains all the guides in the set for the release.
NOTE: In the online documentation, view What’s New to access quick links to topics for each of the new features in this Release; view Documentation Downloads to download all PDFs.
Table 1: Documentation Set for Gigamon Products
GigaVUE Cloud Suite 5.13 Hardware and Software Guides
DID YOU KNOW? If you keep all PDFs for a release in a common folder, you can easily search across the doc set by opening one of the files in Acrobat and choosing Edit > Advanced Search from the menu. This opens an interface that allows you to select a directory and search across all PDFs in a folder.
Hardware
how to unpack, assemble, rack-mount, connect, and initially configure ports the respective GigaVUE Cloud Suite devices; reference information and specifications for the respective GigaVUE Cloud Suite devices
G-TAP A Series 2 Installation Guide
GigaVUE-HC1 Hardware Installation Guide
GigaVUE-HC2 Hardware Installation Guide
GigaVUE-HC3 Hardware Installation Guide
GigaVUE M Series Hardware Installation Guide
GigaVUE TA Series Hardware Installation Guide
GigaVUE-OS Installation Guide for DELL S4112F-ON
Software Installation and Upgrade Guides
GigaVUE-FM Installation, Migration, and Upgrade Guide
GigaVUE-OS Upgrade Guide

Additional Sources of Information
Documentation
GigaVUE Cloud Suite 5.13 Hardware and Software Guides
Administration
GigaVUE Administration Guide
covers both GigaVUE-OS and GigaVUE-FM
Fabric Management
GigaVUE Fabric Management Guide
how to install, deploy, and operate GigaVUE-FM; how to configure GigaSMART operations; covers both GigaVUE-FM and GigaVUE-OS features
Cloud Configuration and Monitoring
how to configure the GigaVUE Cloud Suite components and set up traffic monitoring sessions for the cloud platforms
GigaVUE Cloud Suite for AnyCloud Guide
how to deploy the GigaVUE Cloud Suite solution in any cloud platform
GigaVUE Cloud Suite for AWS Guide
GigaVUE Cloud Suite for AWS Quick Start Guide
quick view of AWS deployment
GigaVUE Cloud Suite for AWS SecretRegions Guide
GigaVUE Cloud Suite for Azure Guide
GigaVUE Cloud Suite for Kubernetes Guide
GigaVUE Cloud Suite for Nutanix Guide
GigaVUE Cloud Suite for OpenStack Guide
GigaVUE Cloud Suite for VMware—GigaVUE-VM Guide
GigaVUE Cloud Suite for VMware—GigaVUE V Series Guide
GigaVUE Cloud Suite for VMware—GigaVUE-VM Guide
Reference
GigaVUE-OS CLI Reference Guide library of GigaVUE-OS CLI (Command Line Interface) commands used to configure and operate GigaVUE H Series and TA Series devices
GigaVUE-OS Cabling Quick Reference Guide
guidelines for the different types of cables used to connect Gigamon devices
GigaVUE-OS Compatibility and Interoperability Matrix
compatibility information and interoperability requirements for Gigamon devices
GigaVUE-FM REST API Reference in GigaVUE-FM User’s Guide
Sample uses of the GigaVUE-FM Application Program Interfaces (APIs) GigaVUE Cloud Suite 5.13 Hardware and Software Guides
Release Notes
GigaVUE-OS, GigaVUE-FM, GigaVUE-VM, G-TAP A Series, and GigaVUE Cloud Suite Release Notes new features, resolved issues, and known issues in this release ; important notes regarding installing and upgrading to this release
NOTE: Release Notes are not included in the online documentation.
NOTE: Registered Customers can log in to My Gigamon to download the Software and Release Notes from the Software & Docs page on to My Gigamon. Refer to How to Download Software and Release Notes from My Gigamon.
In-Product Help
GigaVUE-FM Online Help with how to install, deploy, and operate GigaVUE-FM.
GigaVUE-OS H-VUE Online Help provides links the online documentation.
How to Download Software and Release Notes from My Gigamon
Registered Customers can download software and corresponding Release Notes documents from the Software & Release Notes page on to My Gigamon. Use the My Gigamon Software & Docs page to download:

• Gigamon Software installation and upgrade images,
• Release Notes for Gigamon Software, or
• Older versions of PDFs (pre-v5.7).

To download release-specific software, release notes, or older PDFs:

1. Log in to My Gigamon
2. Click on the Software & Release Notes link.
3. Use the Product and Release filters to find documentation for the current release. For example, select Product: “GigaVUE-FM” and Release: “5.6,” enter “pdf” in the search box, and then click GO to view all PDF documentation for GigaVUE-FM 5.6.xx.

NOTE: My Gigamon is available to registered customers only. Newer documentation PDFs, with the exception of release notes, are all available through publicly available online documentation.
Documentation Feedback
We are continuously improving our documentation to make it more accessible while maintaining accuracy and ease of use. Your feedback helps us to improve. To provide feedback and report issues in our documentation, send an email to: documentationfeedback@gigamon.com
Please provide the following information in the email to help us identify and resolve the issue. Copy and paste this form into your email, complete it as able, and send. We will respond as soon as possible.

Documentation Feedback Form

About You| Your Name|
Your Role|
Your Company
For Online Topics| Online doc link| (URL for where the issue is)
Topic Heading| (if it’s a long topic, please provide the heading of the section
where the issue is)
For PDF Topics| Document Title| (shown on the cover page or in page header )
Product Version| (shown on the cover page)
Document Version| (shown on the cover page)
Chapter Heading| (shown in footer)
PDF page #| (shown in footer)
How can we improve?| Describe the issue| Describe the error or issue in the documentation. (If it helps, attach an image to show the issue.)
How can we improve the content?
Be as specific as possible.|
Any other comments?|

Additional Sources of Information
Documentation Feedback
Contact Technical Support See https://www.gigamon.com/support-and-services /contact-support for Technical Support hours and contact information. You can also email Technical Support at support@gigamon.com.
Contact Sales
Use the following information to Gigamon channel partner or Gigamon sales representatives.
Telephone: +1.408.831.4025
Sales: inside.sales@gigamon.com
Partners: www.gigamon.com/partners.html
Premium Support Email Gigamon at inside.sales@gigamon.com for information on purchasing 24×7 Premium Support.
Premium Support entitles you to round-the-clock phone support with a dedicated Support Engineer every day of the week.
The Gigamon Community
The Gigamon Community is a technical site where Gigamon users, partners, security and network professionals, and Gigamon employees come together to share knowledge and expertise, ask questions, build their network and learn about best practices for Gigamon products.
Visit the Gigamon Community site to:

• Find knowledge base articles and documentation
• Ask and answer questions and learn best practices from other members.
• Join special-interest groups to have focused collaboration around a technology, use-case, vertical market or beta release
• Take online learning lessons and tutorials to broaden your knowledge of Gigamon products.
• Submit and vote on feature enhancements and share product feedback. (Customers only)
• Open support tickets (Customers only)
• Download the latest product updates and documentation (Customers only)
  The Gigamon Community is a great way to get answers fast, learn from experts and collaborate directly with other members around your areas of interest.
  Register today at community.gigamon.com

Additional Sources of Information
Contact Technical Support

GigaVUE Cloud Suite for AWS SecretRegions Guide
Questions? Contact our Community team at community@gigamon.com.
Additional Sources of Information
The Gigamon Community

References

• Gigamon VÃœE Community
• Identity and access management for Amazon EC2 - Amazon Elastic Compute Cloud
• Managing IAM policies - AWS Identity and Access Management
• IAM roles - AWS Identity and Access Management
• AWS Marketplace: Homepage
• AWS Marketplace: Gigamon
• Logically Isolated Virtual Private Cloud—Amazon VPC – Amazon Web Services
• Gigamon VÃœE Community
• Gigamon VÃœE Community
• GigaVUE 5.11 Online Documentation
• Secure Login
• Documentation Library

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>