
Elastic Visibility Into Your Clouds – Without the Strain

Jeff Harris
1/10/2017

The rapid move to the cloud is understandable since it is so alluring: It is elastic, costs less to operate and manage and is scalable -- enhancing business agility. The latest Cisco Global Cloud Index states that by 2020, 92% of workloads will be processed in public and private cloud data centers and just 8% in physical data centers. But in engineering, there is no such thing as getting something for nothing. With cloud migration, the benefits of agility are realized at the expense of visibility and control.

When we surveyed a range of businesses on their virtualization practices, just 37% monitored their virtualized environments with the same rigor as their physical networks, revealing a big visibility gap when it comes to the cloud. While it may seem like a worthwhile trade-off today, it won't be if and when things go wrong.

For instance, malicious activity can happen right under a company's nose, considering that a significant portion of network traffic in virtualized environments doesn't even hit a physical link or traditional monitoring tool. Moreover, virtualized networks introduce additional software layers that could be riddled with bugs. Organizations need to monitor their virtual networks even more rigorously than their physical counterparts. The visibility gap is not a risk worth taking: it needs to be bridged quickly to ensure better control, maintain security no matter where the data goes and confirm the reliability of core business applications.

Inserting virtual network taps into the virtualized environment and sending the traffic to monitoring, analytics and security tools should help solve the problem. Unfortunately, doing this would quickly flood these tools with data because internal "East-West" traffic in virtual data centers typically represents 80% of the total traffic. It would be like connecting a lawn sprinkler to a fire hydrant. Identifying and extracting only relevant traffic is key, but how can that be done efficiently? Moreover, how can virtual taps handle scaling up and down as virtual machines emerge and dissolve? Let's take a closer look at the key requirements for visibility and monitoring in virtual environments.

There are four key points to consider when deploying virtual taps for meaningful, granular access to critical application traffic on virtualized networks.




Horizontal scale: Cloud environments are attractive because they can scale up and down rapidly as user demands and workloads change. When placing virtual taps in a virtual network, ensure they can scale up to accommodate rapid growth in traffic volumes as well as user numbers and data interactions. The taps should do this automatically, without IT intervention. Virtualization means agility, so if an application or service expands to handle 10x or 100x the number of users, make sure the virtual tap in use can scale elastically -- without impacting application performance.

Securing in the dark: Virtualized networks are typically segmented using virtual firewalls to protect key applications and services from attack and to prevent compromising lateral movement in the virtualized environment. So the virtual taps used need to see the application and network traffic flowing between segments. With this comprehensive insight, it’s easier to make sure the appropriate security rules and policies governing each segment are being enforced.

More containers: As virtual machine use grows, container use multiplies even faster, by as much as 10x or more, since each application may employ multiple containers. An organization using container-based virtualization to boost application performance must have virtual taps that can access traffic in the container environment.

DevOps elasticity: When the DevOps team puts out a new build -- which doesn't just cover new applications and services, but also updates to existing ones -- that update propagates across the virtual environment. Individual virtual machines, containers and their hosted applications have shorter and shorter lifespans, requiring continual awareness of the actual state of the environment. It is vital that these changes not block the entire traffic path or take the virtual tap down. As an example, consider how to archive and retrieve monitored traffic from a container that no longer exists. The tap is your sentinel, which has to maintain pervasive access to traffic to enable you to see what is happening on the virtual network: it must be fault-tolerant, even if the application it is monitoring fails.

These four points apply when monitoring any virtualized environment, whether public cloud, private cloud or software defined wide-area networks (SD-WANs). The virtual taps and the overall visibility solution need to be completely environment-agnostic.
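The "Securing in the dark" point can be made concrete with a check that compares tapped East-West flows against the intended segment policy. The following is an added example, not code from the article or any vendor: the segment names, CIDR ranges, allow-list and flow records are all constructed assumptions, and each record is assumed to be oriented from connection initiator to responder.

```python
import ipaddress

# Constructed segment map and allow-list (names, CIDRs and ports are assumptions).
SEGMENTS = {
    "web": ipaddress.ip_network("10.0.1.0/24"),
    "app": ipaddress.ip_network("10.0.2.0/24"),
    "db":  ipaddress.ip_network("10.0.3.0/24"),
}
# Permitted cross-segment connections: (source, destination, protocol, port).
ALLOWED = {("web", "app", "tcp", 8443), ("app", "db", "tcp", 5432)}

def segment_of(ip):
    """Return the segment that owns an address, or None if it is unmapped."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)

def policy_violations(flows):
    """Return (flow, reason) for each tapped flow the segment policy forbids."""
    found = []
    for flow in flows:
        src, dst = segment_of(flow["src"]), segment_of(flow["dst"])
        if src is None or dst is None:
            found.append((flow, "endpoint outside every known segment"))
        elif src != dst and (src, dst, flow["proto"], flow["dport"]) not in ALLOWED:
            found.append((flow, f"{src}->{dst} {flow['proto']}/{flow['dport']} not allowed"))
    return found

# Constructed flow records as a tap-fed collector might emit them; each record
# is oriented from the connection initiator (src) to the responder (dst).
FLOWS = [
    {"src": "10.0.1.10", "dst": "10.0.2.20", "proto": "tcp", "dport": 8443},
    {"src": "10.0.2.20", "dst": "10.0.3.5",  "proto": "tcp", "dport": 5432},
    {"src": "10.0.1.10", "dst": "10.0.3.5",  "proto": "tcp", "dport": 5432},
    {"src": "10.0.2.21", "dst": "10.0.2.22", "proto": "tcp", "dport": 22},
    {"src": "10.0.3.5",  "dst": "192.0.2.50", "proto": "tcp", "dport": 443},
]

if __name__ == "__main__":
    for flow, reason in policy_violations(FLOWS):
        print(f"{flow['src']} -> {flow['dst']}: {reason}")
```

The web-to-database connection and the database host reaching an unmapped address are the two flows reported; a firewall rule alone would not reveal either if the rule were missing or misapplied.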

Once the virtual taps have been deployed to extract traffic from the virtual machines in an environment, organizations can start processing packets. This can be done via network packet brokers, which keep duplicate data from overwhelming monitoring and security tools while ensuring they scale up/down as needed. Ultimately, data traffic should be broken up into manageable pieces using packet filtering, grooming and brokering processes, so security systems and analytics tools see everything.
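A minimal sketch of the de-duplication and filtering step described above, added here as an illustration and not taken from the article or any packet broker product. The tap names, packet fields, tool filters and the 50 ms duplicate window are constructed assumptions.

```python
import hashlib

def fingerprint(pkt):
    """Hash the fields that are identical in every tap's copy of one packet."""
    header = "|".join(str(pkt[k]) for k in
                      ("src", "dst", "proto", "sport", "dport", "ip_id"))
    return hashlib.sha256(header.encode() + b"|" + pkt["payload"]).hexdigest()

def deduplicate(packets, window=0.05):
    """Keep the first copy of a packet; drop copies seen within `window` seconds."""
    first_seen, unique = {}, []
    for pkt in sorted(packets, key=lambda p: p["ts"]):
        fp = fingerprint(pkt)
        if fp in first_seen and pkt["ts"] - first_seen[fp] <= window:
            continue                      # same packet, copied by a second tap
        first_seen[fp] = pkt["ts"]        # a real broker would expire old entries
        unique.append(pkt)
    return unique

# Hypothetical per-tool filters: each tool receives only the traffic it needs.
TOOL_FILTERS = {
    "ids": lambda p: p["proto"] == "tcp" and p["dport"] in (8443, 5432),
    "dns_analytics": lambda p: p["proto"] == "udp" and p["dport"] == 53,
}

def broker(packets):
    """Deduplicate, then fan each packet out to every tool whose filter matches."""
    out = {tool: [] for tool in TOOL_FILTERS}
    for pkt in deduplicate(packets):
        for tool, match in TOOL_FILTERS.items():
            if match(pkt):
                out[tool].append(pkt)
    return out

def make_pkt(ts, tap, src, dst, proto, sport, dport, ip_id, payload):
    return dict(ts=ts, tap=tap, src=src, dst=dst, proto=proto,
                sport=sport, dport=dport, ip_id=ip_id, payload=payload)

# Constructed sample: the web->app and DNS packets are each seen by two taps.
SAMPLE = [
    make_pkt(1.000, "vtap-web", "10.0.1.10", "10.0.2.20", "tcp", 40000, 8443, 100, b"GET /"),
    make_pkt(1.002, "vtap-app", "10.0.1.10", "10.0.2.20", "tcp", 40000, 8443, 100, b"GET /"),
    make_pkt(1.010, "vtap-app", "10.0.2.20", "10.0.0.2", "udp", 5353, 53, 7, b"query"),
    make_pkt(1.011, "vtap-dns", "10.0.2.20", "10.0.0.2", "udp", 5353, 53, 7, b"query"),
    make_pkt(1.020, "vtap-app", "10.0.2.20", "10.0.2.21", "tcp", 40001, 9000, 55, b"ping"),
    make_pkt(3.000, "vtap-web", "10.0.1.10", "10.0.2.20", "tcp", 40000, 8443, 100, b"GET /"),
]

if __name__ == "__main__":
    for tool, pkts in broker(SAMPLE).items():
        print(tool, [(p["ts"], p["tap"]) for p in pkts])
```

Six tapped packets become four unique ones, and only three reach a tool. The packet at 3.000 has the same fingerprint as the first but falls outside the window, so it is treated as new traffic and still forwarded.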

Elastically scalable access is achievable for all the data crossing virtual networks and clouds through intelligent distribution to analytics and compliance tools. You do not have to give up visibility to gain cloud speed and cost advantages. Fortunately, you can have both with the right architecture.


danielcawrey,
User Rank: Light Sabre
1/10/2017 | 4:09:03 PM
Visibility
I have long thought that these new systems, powered by servers far away and shuttled around with software - remain vulnerable. 

An improvement in visibility tools is certainly something that is needed. It will come, it's just going to take time for there to be a footing in what we're looking for in these systems.