The 2015 Global Cloud Index, by Cisco, has forecast a dramatic shift from private to public cloud in the next three years, from 30 per cent to 56 per cent.[1] This means businesses must carefully consider how they will manage security in a virtualised environment.
Stephen Urquhart, general manager, Ixia A/NZ, said, “Public cloud offers great elasticity and scalability. However, many businesses face issues when shifting workloads to the public cloud. The biggest struggle is to achieve the same level of network performance and security monitoring as that of their private data centre.
“A recent Ixia survey on virtualisation found that 67 per cent of respondents use virtualisation for business-critical applications. But only 37 per cent monitor their virtualised environment like they monitor their physical network environment. Before companies can trust the public cloud to run business critical applications reliably and securely, they need to feel comfortable monitoring virtual application traffic, starting with their own data centre. Without this competence, a shift to the public cloud will be risky.”
Ixia has identified five key stages for businesses to develop virtual network monitoring competency and ensure a safer transition to the public cloud.
- Copy traffic from the virtual machines (VMs) of interest in your data centre. This can be done by configuring a virtual switching layer that copies the traffic or adding a packet capture agent to the VM. Packets are the single units of data in a network.
- Perform basic filtering. Filtering virtual traffic before it impacts a host computer is important as it will reduce the amount of traffic and help avoid system overload. East-west traffic between computers or machines in your own data centre is much larger than north-south traffic entering and exiting the host. Filtering stops the system being overwhelmed with traffic.
- Perform advanced packet manipulation and grooming. This phase of advanced and intelligent visibility includes packet manipulation, packet grooming, and brokering. It can lead to much greater tool efficiency and additional security protections.
- Filter the groomed traffic through analysis tools. This may be done on the same host network or large amounts of copied network traffic may need to exit the host using a tunnelling protocol, where it can be filtered externally.
- Analyse the traffic for insights. Out-of-band security and performance monitoring tools capture packets for analysis and alerting. Inline security tools analyse the packets for threats. This helps identify key weaknesses that need to be fortified prior to transitioning to public cloud.
Stephen Urquhart, said, “It can be challenging to find the right balance of system resource usage for virtual applications versus virtual monitoring. Increased visibility will, in turn, take processing, memory and network bandwidth away from the monitored applications. Choosing the best strategy that meets performance and security monitoring goals will depend on the application you are monitoring, where you are running the application, the virtualisation software you are using, and the outcome you want to achieve.”
[1]Cisco, 2015, ‘Cisco Global Cloud Index, 2014-2019’, http://www.cisco.com/c/en/us/solutions/collateral/service-provider/global-cloud-index-gci/Cloud_Index_White_Paper.html