Story image

The public cloud dilemma with virtualised network monitoring

21 Jun 16

Managing security in a virtualised environment in critical, according to Ixia, following the release of Cisco’s Global Cloud Index this week forecasting a dramatic shift from private to public cloud in the next three years.

“Public cloud offers great elasticity and scalability. However, many businesses face issues when shifting workloads to the public cloud,” says Stephen Urquhart, general manager, Ixia Australia and New Zealand.

“The biggest struggle is to achieve the same level of network performance and security monitoring as that of their private data center,” he explains.

According to a recent Ixia survey on virtualisation, 67% of respondents use virtualisation for business-critical applications. However, only 37% monitor their virtualised environment like they monitor their physical network environment.

“Before companies can trust the public cloud to run business critical applications reliably and securely, they need to feel comfortable monitoring virtual application traffic, starting with their own data center,” says Urquhart.

“Without this competence, a shift to the public cloud will be risky.”

Ixia has identified five key stages for businesses to develop virtual network monitoring competency and ensure a safer transition to the public cloud.

Copy traffic from the virtual machines (VMs) of interest in your data center. 

This can be done by configuring a virtual switching layer that copies the traffic or adding a packet capture agent to the VM. Packets are the single units of data in a network.

Perform basic filtering.

Filtering virtual traffic before it impacts a host computer is important as it will reduce the amount of traffic and help avoid system overload. East-west traffic between computers or machines in your own data center is much larger than north-south traffic entering and exiting the host. Filtering stops the system being overwhelmed with traffic.

Perform advanced packet manipulation and grooming. 

This phase of advanced and intelligent visibility includes packet manipulation, packet grooming, and brokering. It can lead to much greater tool efficiency and additional security protections.

Filter the groomed traffic through analysis tools. 

This may be done on the same host network or large amounts of copied network traffic may need to exit the host using a tunnelling protocol, where it can be filtered externally.

Analyse the traffic for insights. 

Out-of-band security and performance monitoring tools capture packets for analysis and alerting. Inline security tools analyse the packets for threats. This helps identify key weaknesses that need to be fortified prior to transitioning to public cloud.

 “It can be challenging to find the right balance of system resource usage for virtual applications versus virtual monitoring,” Urquhart says.

“Increased visibility will, in turn, take processing, memory and network bandwidth away from the monitored applications.

“Choosing the best strategy that meets performance and security monitoring goals will depend on the application you are monitoring, where you are running the application, the virtualisation software you are using, and the outcome you want to achieve,” he says.

Dell dominates enterprise storage market, HPE declines
The enterprise storage system market continues to be a goldmine for most vendors with demand relentlessly rising year-on-year.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Record revenues from servers selling like hot cakes
The relentless demand for data has resulted in another robust quarter for the global server market with impressive growth.
Opinion: Critical data centre operations is just like F1
Schneider's David Gentry believes critical data centre operations share many parallels to a formula 1 race car team.
MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.