Enhance Security with Virtual Traffic Monitoring
With the trend toward companies of all sizes migrating to cloud architectures, Jeremy Castile, product marketing manager at APCON, discusses the impact of this movement on network traffic monitoring and security needs.
Why are organizations deploying virtual network architectures?
As the global trend in data center growth continues to accelerate in the coming years, the number of services delivered to businesses by these data centers will also surge. Modern data centers go beyond simple network, compute and storage by providing essential IT services to an ever-expanding list of networked devices. Innovative technologies like big data analytics and IoT require vast amounts of data center resources, connectivity and expertise, and they’re also helping to drive data center growth. These factors are pushing businesses to aggressively optimize data center functionality to remain nimble and competitive. By deploying virtualization and software defined networking architectures, businesses are gaining tremendous efficiencies in their data centers.
Hypervisors are the key to virtualization. How do you choose one?
There are many varieties of hypervisors available, both open source and paid versions, and by far the most popular is VMware ESXi. However, Microsoft Hyper-V is also a solid option that seems to be one of the favorites for smaller companies. Much of the decision depends on two key factors: price and features. While larger enterprises may require the full feature sets from paid versions of VMware ESXi, these features come with a price tag. Smaller companies that have fewer resources to invest in virtualization may get along fine with the free version of Microsoft Hyper-V, despite not having all the advanced functionality. Other honorable mentions include KVM and XenServer.
Are there network visibility gaps in this virtual environment?
The network visibility gap in virtual environments stems from not having access to intra-Virtual Machine (VM) – or east-west – network traffic. With a majority of enterprises deploying virtualization for cost savings and optimization, the data center visibility gap will continue to grow. More and more of today’s application workloads are being performed in the virtual environment. Traditional methods of gaining network visibility rely on access (via TAPs and SPANs) to physical network traffic. However, as data centers continue to migrate toward virtualization, an increasing percentage of traffic never hits the physical network. Maintaining security and compliance means security tools must have access to intra-VM traffic to detect threats and potential attacks.
What are the critical items for network and security teams to consider when it comes to monitoring traffic in a VMware environment?
Ensuring that security tools and compliance applications have access to the right traffic is crucial. Network engineers need the capability to not only see what traffic is traversing the virtual network, they need the ability to filter specific traffic and isolate suspicious behaviors. Security tools can easily become overwhelmed with multiple streams of non-optimized, or non-filtered, traffic.
How does APCON help monitor traffic in a VMware infrastructure?
APCON’s IntellaTap-VM provides magnified visibility of intra-VM network traffic for VMware environments. The centralized platform combines point-and-click VM selection with configurable traffic filters to tap VM traffic of interest for security, performance and efficiency. IntellaTap-VM is part of APCON’s integrated network visibility and security solution, providing complete traffic visibility across entire infrastructures virtual, physical and cloud.