Virtual environments could be creating real headaches for network managers, with network edges in many organisations being stretched and distorted due to increased virtualisation, cloud migration, the Internet of Things (IoT) and mobile devices connecting to the network.
As a result, many network managers are losing sight of where the edges are and what lies beyond them, according to Ixia.
Ixia says this situation is further complicated when IT infrastructures are moved to the cloud in multiple stages.
Budgetary constraints and security and performance concerns mean that enterprises are increasingly implementing hybrid models, with critical workloads sitting outside of the main on-premise and private cloud environments.
“Hybrid environments, and the flow of business data between on-premise applications and clouds, increase complexity and make it harder for IT teams to gain the edge-to-edge network visibility they need to identify and predict outages, spot security breaches and analyse mission-critical application performance issues,” explains Areg Alimian, senior director, solutions marketing, Ixia.
“When they first look into moving critical workloads from on-premise data centers into virtualised, software-defined data centers or public clouds, IT decision-makers need to ask themselves two key questions,” he explains.
“How can we ensure the availability, reliability, and performance of our mission-critical applications; and how do we get relevant critical data to analytics and monitoring tools, regardless of where the applications are?” he says.
Alimian says obscured visibility into virtualised public or private clouds leads to increased threat exposure and an inability to monitor and troubleshoot critical events.
“Blind spots are a major security issue for businesses and service providers alike,” he adds.
“Verizon notes that blind spots prevent around 75% of businesses from knowing that they have suffered a security breach.”
Ixia suggests that organisations consider six key elements to ensure resilience and security:
1. Infrastructure and tenant separation. Cloud service providers with virtualised infrastructure host workloads from multiple customers on top of the same virtual fabric. This can increase the potential attack surface and cause compliance issues. Intelligent visibility is needed to serve both the tenant and infrastructure separately, giving organisations visibility into their own workload packet data.
2. Correct monitoring tools and timing. Every business's monitoring tools need to access critical application data across virtualised networks and off-site environments. Getting the right data to the right tool, at the right place and right time requires a level of intelligent coupling between security, application analytics tools, and the visibility architecture. Businesses that achieve this can gain higher-level security and access critical data from any virtualised environment or location.
3. Security. Virtualised data centers are just like other segments of the organisation's network; they are consistently at risk of attack. Visibility can be a challenge because of the lack of advanced security forensics and analytics tools available for cloud environments. It's important the security solutions used are able to collect packets in a segmented, secure environment, to avoid compromising the security walls between networks.
4. Elastic scale. As elasticity is a fundamental characteristic of any hybrid environment, it is important the network monitoring system can also scale as needed, to match the size and demand of the hybrid cloud environment or data center.
5. Performance. In virtualised environments, data can be challenging to monitor, as it never crosses a physical switch or network. If a performance problem emerges with a mission-critical application, it is important the organisation can pinpoint where the fault is. Visibility tools can help deliver this.
6. Fault tolerance and reliability. In hybrid environments it is important that no instance in an application is a single point of failure. Cloud service providers don't ensure this; it is up to the application owner. This drives a need for visibility services that provide data access and intelligent, fault-tolerant packet processing and distribution that can scale as the service grows.
“The common theme across these elements is visibility,” says Alimian.
“Businesses need complete access to all data across their networks and clouds, and intelligent processing and distribution of this data to analytics tools,” he explains.
“These two functions can be achieved by deploying a visibility solution to eliminate network and security blind spots.
“With this in place, even if the network is losing its edges, you will not lose sight of what really matters: ensuring business applications are resilient, fast and secure,” Alimian says.