Seeing what others miss: A conversation with Gigamon COO Gareth Maclachlan

Gigamon COO Gareth Maclachlan on deep observability, the Elastic AI Ecosystem partnership, and AI traffic governance for security teams

Summary
  • Elasticsearch and Elastic Security can ingest Gigamon's enriched network telemetry in near real time, helping security teams detect lateral movement and investigate threats across hybrid and multicloud environments.
  • Gigamon's Application Metadata Intelligence (AMI) — mapped to the Elastic Common Schema (ECS) — provides enriched network context that organizations can use to validate Zero Trust policies against observed network activity.
  • Gigamon AI Traffic Intelligence provides visibility into generative AI and LLM traffic across a broad set of AI applications and services, helping organizations identify and manage shadow AI usage.
  • Together, Gigamon and Elastic help more than 4,000 joint customers worldwide, including many of the Fortune 100, improve network visibility and accelerate security investigations, reducing mean time to detect and respond to threats.

You can't secure what you can't see. That's been Gigamon's North Star for more than two decades. And as hybrid cloud and AI have exploded the attack surface, Gigamon’s network visibility platform has become more essential than ever. We sat down with Gigamon’s COO Gareth Maclachlan to talk about our partnership, what deep network observability means for security teams today, and where we are headed together.

Gigamon has been in network visibility for over 20 years. Where do you sit in today's AI-driven security landscape?

The attack surface has transformed. You've got workloads distributed across on-premises infrastructure, public cloud, private cloud, and edge environments. And now, AI is both something organizations are deploying and something attackers are exploiting. Our response has been to go deeper with the Deep Observability Pipeline: real-time, network-derived telemetry enriched with application-level context across every layer of the hybrid environment. We serve more than 4,000 customers globally, including over 80% of the Fortune 100 and hundreds of government organizations. The challenge is universal, and the need for visibility has never been greater.

One of the newest dimensions is AI governance itself. We launched AI Traffic Intelligence to give security teams visibility into generative AI and large language model (LLM) traffic across more than 40 AI engines. Shadow AI is one of the fastest-growing risk vectors right now, and most organizations have zero visibility into it. We're changing that.

What brought Gigamon to Elastic and what made it the right partnership?

Honestly, our customers brought us there. We kept hearing that teams loved the quality of our network telemetry but needed a platform that could ingest it at scale, correlate it across data sources, and surface actionable insights quickly. Elastic came up again and again. Its ability to handle high-volume, high-velocity data — with the speed and searchability security teams need — was exactly the right complement to what Gigamon provides. And the philosophy aligned: open standards, no walled gardens, and meet customers where they are. That's how we think about our ecosystem, too. The recognition of Elastic as our Alliance Partner of the Year wasn't a formality; it reflected a genuinely collaborative relationship at every level.

How do the two platforms work together in practice?

Gigamon's Application Metadata Intelligence (AMI) captures enriched network metadata at every layer without requiring full packet decryption. That telemetry, normalized to Elastic Common Schema, flows directly into Elastic Security. Elastic ingests it in near real time; correlates it with endpoint data, threat intel, and cloud logs; and puts it in front of analysts in a unified environment. For Zero Trust, specifically, the combination enables continuous policy validation — you're not just setting policy and hoping; you're verifying against live network behavior constantly. The use cases our joint customers value most include lateral movement detection, threat hunting, compliance and encryption audit trails, and now, AI traffic governance.

What's the before-and-after for a customer?

Before, they had alerts; after, they have answers. It's the difference between looking through a keyhole and an open door: Security teams that were flying partially blind — with good endpoint and cloud log visibility but had a network blind spot — suddenly see the full picture. Investigations that took days now take hours. And in the public sector, especially, the compliance posture shift is significant: Agencies can demonstrate continuous monitoring and enforce Zero Trust with real data, not assumptions.

Where is this partnership heading?

We're deepening integration around Gigamon Insights — our agentic AI application built on network-derived telemetry. The vision is that Elastic surfaces the detection, and Insights guides the analyst through response, pulling in network context to accelerate the investigation automatically. Longer term, I'm most excited about what this means for the public sector. Government agencies face some of the most sophisticated threats in the world. The Gigamon–Elastic combination gives those agencies a world-class security foundation. And the mission impact of that is real.

It's the difference between looking through a keyhole and an open door.

Gareth Maclachlan, COO, Gigamon

Learn more

Explore how Gigamon and Elastic work together to deliver deep network visibility and AI-powered security analytics and what it means to be part of the Elastic AI Ecosystem.

Gigamon is a proud member of the Elastic AI Ecosystem

The Elastic AI Ecosystem brings together the most widely deployed, open source vector database with industry-leading AI technology partners — reducing complexity and accelerating how organizations build and deploy AI-powered applications. Gigamon's Deep Observability Pipeline and AI Traffic Intelligence capabilities make it a natural fit in an ecosystem purpose-built for intelligent, data-driven security.

 

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.

In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any control over the third party tools and we have no responsibility or liability for their content, operation or use, nor for any loss or damage that may arise from your use of such tools. Please exercise caution when using AI tools with personal, sensitive or confidential information. Any data you submit may be used for AI training or other purposes. There is no guarantee that information you provide will be kept secure or confidential. You should familiarize yourself with the privacy practices and terms of use of any generative AI tools prior to use. 

Elastic, Elasticsearch, and associated marks are trademarks, logos or registered trademarks of elasticsearch B.V. in the United States and other countries. All other company and product names are trademarks, logos or registered trademarks of their respective owners.