Virtualized Network Visibility Challenges

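Cloud deployments offer many benefits, but accessing and monitoring virtual traffic is a challenge. Without granular access to virtual traffic, you can end up with network blind spots that impair application performance and security. Your visibility platform must provide unparalleled visibility into every cloud environment, whether public, private, or hybrid.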

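Ensuring comprehensive visibility in these environments means making traffic between hosts and virtual machines (VMs) easy to access. It also means guaranteeing access to data even as VMs move between hosts and sites. In practice, however, most virtual data centers today have only limited access, or no access at all, to east-west traffic. Here are some common blind spots created by virtualization.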

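  1. Host-to-host visibility - limited or almost no visibility below the switch, and no visibility inside the server chassis.
  2. VM-to-VM visibility - because the traffic never enters the physical network, it is 100% unseen or uninspected.
  3. VM mobility visibility - VMs can move between hosts and sites.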

Thought Leadership

CloudLens™ - The No Compromise Visibility Platform

Ixia CloudLens™ is our public, private, and hybrid cloud visibility platform. For the private cloud, Ixia’s CloudLens Private offers integrated virtualized visibility products to deliver a powerful visibility platform, ensuring complete data access, filtering, and intelligent distribution across private cloud environments.

CloudLens Vision Platform

Elements of CloudLens Private


Virtual taps (vTaps) enable you to access east-west traffic in virtual machines and tunnel it to either a physical or virtual network packet broker. The network packet broker provides packet and application flow filtering, or NetFlow, with advanced application identification, geographic location, Secure Sockets Layer (SSL) decryption, and deduplication to provide unprecedented insight into network traffic in virtualized environments.

In addition, Ixia’s Hawkeye™ enables continuous proactive monitoring of your virtualized network infrastructure. It quickly and effectively validates network performance, isolates problems, and proactively detects issues by running scheduled verification tests. Using a combination of hardware and software agents, called performance endpoints, Hawkeye simulates application traffic and sends key performance metrics to a central console for fast action.

High Availability Monitoring in Multi-Tenant Environments

Ixia’s CloudLens Private is self-healing and fault tolerant. It continuously checks the availability of individual virtual taps (vTaps), and if one is unavailable, a new vTap is instantiated with the same configuration. vTap Manager continuously monitors its virtual machine (VM) instance memory, central processing unit (CPU) load, and critical alerts so that it can take self-healing corrective action, scale out based on application load, and, if needed, create another monitoring VM instance with the same persistent configuration.

The monitoring and flow configuration of the vTap service instance is persisted in the controller, so in the case of a critical host failure, like a shutdown or reboot, the vTap service agent starts again automatically with the same configuration.


Most Comprehensive Hypervisor Support


In addition to supporting multiple hypervisor environments, Ixia's visibility platform provides access to traffic and distributes it to the security fabric through an array of tunneling options: Generic Routing Encapsulation (GRE), virtual local area network (VLAN), and encapsulated remote switched port analyzer (ERSPAN).

Tighter integration with private and hybrid cloud environments orchestrates virtual tap and virtual network function (VNF) spin-up within OpenStack.

Ixia provides a trusted and reliable infrastructure with uncompromising quality of experience (QoE) and easier configuration and visibility through automation and powerful monitoring tools. That translates into faster time to revenue and improved network reliability.

Securing your multi-tenant environment

Cloud service providers, private and public, own the virtualized infrastructure and host workloads from multiple customers (tenants) on top of the same shared virtual fabric. Depending on how the cloud service provider (CSP) addresses the confidentiality, integrity, and availability of tenant workloads, this could increase the attack surface, put sensitive customer data at risk of compromise, and result in compliance and service level agreement (SLA) issues.

Since both the infrastructure owner and the tenant implement their own security analytics and application monitoring solutions, the design of intelligent visibility for data access and distribution needs to serve both the tenant and the infrastructure separately. CloudLens Private provides access to data of interest, allowing you to access traffic within defined availability zones, network segments, application types, security groups, and services within a tenant or across multiple tenants.



Gain deeper insight by operating with end-to-end visibility across virtual and physical functions. Learn more.