By Brian Handrigan on Friday, 04 October 2019
Category: Network Access Solutions

Hybrid IT Monitoring: The ABCs of Network Visibility

​The recently released 2019 State of the Cloud report by RightScale found that 58% of 800 technical professionals surveyed use a hybrid strategy [1]. Combining on-premises, virtual, and cloud-based resources offers great flexibility, but managing hybrid IT is also more complex. IT teams need new strategies to monitor their hybrid infrastructure effectively.

​THE CHALLENGE OF HYBRID IT MONITORING

Effective performance and security monitoring require detailed information about the traffic flowing in your network. In hybrid environments, traditional network taps and SPAN ports cannot see all the traffic in your network. To identify anomalies and the root cause of performance issues, you need complete visibility to every corner of your network, including virtual and cloud-based infrastructure, just as you have in your on-premises data center.

In virtualized infrastructure and private clouds, traffic moving between virtual resources (referred to as east-west traffic) does not pass through a physical network switch. This traffic is a blind spot to your monitoring tools unless you deploy a solution that can access packets inside the virtualization (hypervisor) layer.

When you use public cloud, you do not have access to either the physical infrastructure or the virtualization layer. Public cloud workloads are highly dynamic and moved at will by the cloud provider to maximize performance of their overall infrastructure. To get access to network traffic in public clouds, you need a container-based, cloud-specific data access solution.

SPECIFIC USE CASES FOR HYBRID IT MONITORING 

Reduce migration risk. Deploying applications on hybrid IT carries more risk since traffic will flow on infrastructure that is not directly controlled or managed by the IT team. You will need a specific strategy for monitoring off-premises infrastructure to avoid application disruption and protect sensitive data. 

Maintain cybersecurity in the cloud. We know that clouds are susceptible to security breaches and data loss. The only way to stay vigilant is to monitor 100% of the network packets flowing through your cloud-based and virtual servers. You must not only gain access to all data, but also have a visibility solution that can scale automatically and cost-efficiently as traffic volume grows.

Troubleshoot performance issues. As enterprises shift more of their operations to virtual and cloud-based infrastructure, the network team must ensure performance monitoring is extended there as well. Hybrid environments increase IT complexity. The network operations team is often the first line of defense for the end-user experience, even if the network is not always the root cause of the issue. Network operations center staff need tools that can provide visibility into all traffic, to better identify the source of performance issues.

Monitor service level agreements of providers. With so much riding on the performance of hybrid IT infrastructure, it makes sense for IT to monitor the quality of service they receive from their cloud providers. Every organization using cloud should make sure their contract gives them access to the data they need for independent verification and audit of cloud services. Some cloud providers issue credits for not meeting the service level agreements stipulated in their contracts.

​CONSIDERATIONS FOR HYBRID IT MONITORING

As you develop your monitoring strategy and architecture, consider the following:

Pre-deployment testing. You can validate whether your network is up to the task of supporting a new application or service using a pre-deployment performance test platform (such as Ixia Hawkeye). The testing process also lets you establish thresholds and performance standards such as target, response time, bandwidth usage, and tolerable packet loss. You can also use these tests to determine the best location in the network to process a particular workload.

Cloud-native data access. Simply accepting your clouds as "blind spots" in your network is not an option because clouds are now the dominant mode of IT operation. To get visibility to data in a hybrid environment, you need to tap and filter data in every cloud. A container-based, cloud-native sensor, such as that used in Ixia CloudLens, can be deployed inside every cloud you spin up. With this solution, you do not need to manually configure data access and you automatically receive a copy of every packet that passes through all your clouds.

Support for a large number of tools. Traditionally, IT has physically connected monitoring tools right onto the network segment they wanted to monitor. That approach works well until the number of tools you want to use exceeds the number of available network access points. A visibility platform with a network packet broker (such as Ixia's Vision Series) overcomes this limitation by establishing a layer between the network and your monitoring tools. The NPB is able to receive traffic from any number of network segments, consolidate and filter the traffic, and send a customized stream of traffic to any number of monitoring tools.

Data capture at the edge. The expansion of data collection and processing at the network edge presents IT with a new challenge. Now they must actively observe user experience at the edge and resolve issues to keep the business running smoothly. Edge-specific visibility platforms are now available to cost-efficiently capture and filter packet data, so the network edge does not become a blind spot. (See Ixia Vision Edge.)

Tool efficiency. As your traffic volume increases, you should look at increasing the efficiency of your monitoring tools to keep costs from rising. You can use a network visibility platform and NPB to pre-process and streamline data before you deliver it to your tools. The NPB functions like a personal assistant to your tools, offloading non-core tasks and helping your tools run more efficiently. The NPB's intelligent processing engine reduces workload by filtering packets and sending tools only the data they need. The result is less work for your tools and better use of available tool capacity.

Continuous active monitoring. You can reduce the risk of an application disruption by continually monitoring your production network. An active monitoring platform (such as Ixia Hawkeye) runs test traffic through your network on a regular basis, to identify any new issues that emerge as a result of changes and upgrades to your infrastructure. Active monitoring also provides you with a map of how traffic actually moves through your network, which helps speed up troubleshooting.

​SUMMARY

​As you rely more on hybrid infrastructure, make sure your network monitoring architecture is up to the task of protecting your applications and services from performance disruptions and security breaches. Learn more about Ixia's approach to total network visibility.

​[1] RightScale: State of the Cloud, sponsored by Flexera, February 2019.

​Thank you to Lora O'Haver of Ixia, a Keysight Business, for the article.

Leave Comments