
Editor’s note: This post explores Chapter 3 of the “Definitive Guide™ to Network Visibility and Analytics in the Hybrid Cloud.” Read Chapter 1 and Chapter 2, and check back for future posts covering Chapters 4–7.

Migrating to the cloud can create tremendous opportunity, letting your organization operate more agilely, enable digital transformation, and accelerate growth - all while reducing complexity and cutting costs.

However, the shift to a hybrid cloud or multi-cloud environment does pose one significant hurdle: Network visibility is significantly reduced, and that makes operational and security monitoring difficult.

The network traffic monitoring and visibility tools designed for on-prem datacenters aren’t built for the cloud and often need to be refactored, even as security teams have tried - often in vain - to adapt them for cloud-based infrastructure.

Securing hybrid cloud and multi-cloud environments has been hard to achieve, largely due to the operational headaches that occur when installing agents, enabling network traffic inspection and monitoring, and configuring centralized tools that enable stakeholders to keep track of it all.

Additionally, the move to cloud security operations has been hindered because:

- Many cloud providers don’t have mature services available to access and collect network traffic.
- Switching (Layer 2) is no longer available and has been abstracted away by public cloud tenants, so all access control and segmentation are applied via policies that usually only focus on Layers 3 and 4 (IP addresses and ports), as well as tags or object references.
- Cloud-native tooling for network traffic flows is rarely designed with optimal performance and tracking in mind.

So, How Can You Achieve Network Visibility in the Cloud?

Achieving network visibility in the cloud requires a different set of tools than is natively available in the cloud.

Here is a quick look at how you can create a comprehensive cloud network visibility program:

- Assess your current network monitoring tools and capabilities to figure out what you have and where you are lacking.
- Choose solutions that span both on-premises and cloud environments - but offer centralized management.
- Link together virtual private clouds (VPCs) and network subnets to create the appropriate network scale and architecture.
- Collect network flow data for monitoring communication to, from, and between workloads within network segments and subnets.
- Use network access controls like security groups to their fullest extent, with logging of all events related to enabled rules for workloads and subnets.
- Enable packet capture and send the packets to a centralized network visibility and analytics fabric before being selectively forwarded to monitoring and security tools.
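To make the flow-data and access-control logging steps of the visibility program concrete, here is an added example (not part of the original post or the guide) that classifies flow records as traffic to, from, within, or between monitored subnets and pulls out rejected flows. It assumes the AWS VPC Flow Logs default (version 2) record format, since the post names no provider; the subnet names, CIDRs, and sample records are constructed.

```python
import ipaddress
from collections import Counter

# Constructed subnet map (assumption): names and CIDRs are illustrative only.
SUBNETS = {"app": ipaddress.ip_network("10.0.1.0/24"),
           "db": ipaddress.ip_network("10.0.2.0/24")}

# Constructed sample records, AWS VPC Flow Logs default (version 2) field order:
# version account-id interface-id srcaddr dstaddr srcport dstport protocol
# packets bytes start end action log-status
SAMPLE = """\
2 123456789012 eni-0a1 10.0.1.10 10.0.2.20 49152 5432 6 12 3400 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1 10.0.1.10 10.0.1.11 49153 8080 6 8 900 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1 198.51.100.7 10.0.1.10 40000 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0b2 10.0.2.20 203.0.113.9 51000 443 6 20 5200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0b2 - - - - - - - 1700000000 1700000060 - NODATA
"""

def subnet_of(addr):
    """Return the name of the monitored subnet containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    return next((n for n, net in SUBNETS.items() if ip in net), None)

def classify(src, dst):
    """Label a flow relative to the monitored subnets (Layer 3 view only)."""
    s, d = subnet_of(src), subnet_of(dst)
    if s and d:
        return "within-subnet" if s == d else "between-subnets"
    if d:
        return "inbound"
    return "outbound" if s else "external"

def summarize(text):
    """Count flows per direction and list rejected flows for review."""
    directions, rejected = Counter(), []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 14 or f[13] != "OK":   # skip NODATA/SKIPDATA and malformed lines
            continue
        direction = classify(f[3], f[4])
        directions[direction] += 1
        if f[12] == "REJECT":               # traffic denied by a security group or ACL rule
            rejected.append((direction, f[3], f[4], int(f[6])))
    return directions, rejected

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Flow records like these carry only addresses, ports, and protocol numbers, so they show who talked to whom but not what was said; payload-level questions still need the packet capture step.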
