Gigamon & Zscaler unveil Zero Trust access integration

Gigamon has partnered with Zscaler on an integration for Zero Trust Private Access. The offering is available in limited access for joint customers.

The integration combines Zscaler Private Access, or ZPA, with Gigamon Application Metadata Intelligence, or AMI, to give security and operations teams more visibility into application activity across Zero Trust and hybrid cloud environments.

It is aimed at organisations replacing legacy virtual private networks with Zero Trust Network Access systems and seeking more insight into what users do after they are granted access to private applications.

Under the arrangement, ZPA provides identity-based access controls, while Gigamon adds application metadata and network-derived telemetry. This can help teams investigate incidents, check policy enforcement, and look for signs of lateral movement between systems.

The setup captures East-West traffic forwarded from the Zscaler App Connector to private applications. Gigamon said its AMI product extracts and enriches nearly 6,000 metadata attributes from network traffic, including application behaviour indicators, DNS queries, SSL certificate details, and latency telemetry.

Visibility gap

The launch addresses a common issue for security teams working across hybrid cloud systems. Gigamon cited a survey of more than 1,000 security and IT leaders in which 45 per cent said visibility was their main security challenge, despite continued spending on security tools.

The problem has grown more acute as companies spread applications and workloads across on-premise systems, private environments, and public cloud infrastructure. Zero Trust models can limit who gets access to an application, but monitoring activity after that point can still be difficult, particularly when traffic is encrypted or moving laterally within networks.

Gigamon said the joint approach is intended to link the identity and location of a user's access request with metadata showing how the application is used. That context can then be passed to downstream monitoring, analytics, and security operations tools.

The companies positioned the integration as a way to validate least-privilege policies and extend oversight beyond encrypted tunnels. They said it can also help security teams isolate performance issues affecting users, applications, and hybrid cloud infrastructure.

Partner comments

Srinivas Chakravarty outlined how the companies view the division of roles between access control and network visibility.

"Zero Trust access determines who can connect to an application. Deep observability helps organizations understand what happens after access is granted," said Srinivas Chakravarty, Vice President, Cloud Ecosystem at Gigamon. "By combining Zscaler Private Access with Gigamon AMI, customers can detect lateral movement faster, validate policy, and give security teams the application-level context needed to accelerate investigations."

Zscaler described the tie-up as an extension of the Zero Trust model for private applications accessed by distributed users.

"Organisations are adopting Zero Trust architectures to securely connect users to private applications from anywhere, without exposing the apps to the internet," said Satish Madiraju, Vice President, Product Management at Zscaler. "By integrating ZPA with Gigamon AMI, customers can gain deeper visibility into application activity and user behaviour after access is granted, helping security teams strengthen Zero Trust operations, accelerate investigations, and detect lateral movement faster."

Market context

The partnership reflects a broader shift in cybersecurity spending towards tools that work across mixed infrastructure rather than only within traditional corporate networks. As companies move away from older VPN models, suppliers are trying to fill gaps between identity-based access, network monitoring, and incident response.

ZPA is designed to give users secure access to private applications based on business policies without placing them directly on the corporate network. Gigamon's AMI technology, meanwhile, focuses on metadata drawn from network traffic to provide another layer of operational and security context.

For customers already using both vendors, the integration offers a way to connect those datasets without relying solely on endpoint or log-based monitoring. That matters in environments where security teams want to track suspicious communication between workloads and applications after a user session has already been approved.

The limited-access launch suggests the companies are initially targeting existing shared customers before making the integration more widely available. Gigamon said the product is available now for joint Gigamon and Zscaler customers.