Jeff Harris
Chief Marketing Officer
Blog

A Bird's Eye View of the Cloud Visibility Gap

July 5, 2017 by Jeff Harris

Any of us who fly get to see clouds.  They are fun to look at, although they are often bumpy to fly through.  They are also opaque - i.e. you can't see through them.  You can’t easily see into them from the outside, and you can’t see much at all once you’re inside them.  It’s the same for many organizations that have moved business applications into public cloud environments.  When Ixia surveyed a range of enterprises about their cloud deployments, only 37 percent monitored their virtualized environments to the same standard as their physical environments.  

This is incredible, given that 67 percent of respondents said they were running mission-critical applications in public clouds.  Functions like communication, collaboration, storage, employee payroll and human resources applications, even recovery and backup services, are being moved to the cloud.  These especially cannot go unmonitored as they interact and transmit sensitive information.  It highlights the fact that ease of deployment, cost savings and flexibility are still winning out over concerns about monitoring, security, and the risk of potential data loss. 

We would never say that cloud is a bad idea.  Actually we think that cloud migration is a great business move for most enterprises.   Placing blind trust in the cloud, however, is another matter.  Trust but verify.  It is prudent to monitor your public cloud environments with the same robustness and vigor you apply to your on-premises and private cloud environments.  Security Week recently published our article looking at this issue, and here’s a recap of the best practices for getting visibility into public clouds that it outlined.

The first steps to getting visibility involve discovery:  IT teams need to establish how far their ‘cloud blindness’ extends, in terms of how many cloud-based applications are being used, how data is flowing off-premises, and how data is transferred to the cloud.  Based on this, they can establish the potential compliance risk.  IT also needs to determine what they can monitor and test, so they can establish performance and availability SLAs.  Finally, they need to understand their potential risk exposure from being in a multi-tenant environment – what assurances can the public cloud provider give around the security of individual tenants’ environments?

The article outlines four key actions \ enterprises can take to enhance their visibility and security in the cloud: 

  1. Extract and copy traffic from the cloud. You can then subject it to more detailed inspection. The easiest tool for achieving this is a cloud tap or packet capture agent – though they are not all the same.  You must take care to use one that does not negatively impact your cloud application performance. 
  2. Tunnel cloud data back to the enterprise, so you can review it in the same way as on premise traffic. Use a network packet broker (NPB) to aggregate and intelligently distribute the traffic. Alternately, the packet processing capability can be virtualized and implemented within the cloud itself, saving you a lot in bandwidth costs.
  3. Identify traffic by application source. You need to make sure your cloud agent supports this function, but this will enable you to make more intelligent, business-contextualized decisions when monitoring and securing. It will also prevent you from sending all traffic to all tools, which is expensive and burdens your resources unnecessarily. An intelligent cloud packet processing agent can achieve this.
  4. Treat each cloud application as an independent entity with its own SLA. When calculating total customer SLA, include the SLAs of each provider. You can then know – and actively monitor – each cloud SLA separately, building up a holistic view of overall cloud performance.

Public cloud is very cost effective and allows you to scale elastically as your business grows.  But to fully realize its benefits securely, it’s vital that the same due diligence that’s currently applied to a physical network is also applied to cloud-based infrastructures.  Because what you can’t see can kill your business.