Multicloud deployments are on the rise for companies looking to optimize performance, drive innovation, reduce costs, and improve security and compliance. According to a Forrester Consulting study, 86 percent of enterprises have adopted a multi-cloud strategy, while 60 percent are moving or already have moved mission-critical applications to the public cloud.
As the network has become more complex, however, disparate communications metrics for different devices and applications have made it harder to assure performance and security. In a recent conversation with the CUBE’s Dave Vellante and Stu Miniman, Russ Currie, vice president of enterprise strategy at NETSCOUT, explained that the introduction of virtualization has increased east-west traffic flow as opposed to the traditional north-south direction, which presented visibility problems for IT. And as workloads moved to the cloud, traffic grew even more obfuscated, making traditional monitoring tools even less effective.
“In a column, everything is floating north and south,” Currie said. “So you’ve got everything right there, and usually you have a place where you can look into it.” But when data is flowing east-west—or “flat”—“you’re looking at devices talking to other devices that don’t necessarily have to traverse any part of the network, so providing solutions that allow you to gain visibility into that environment is really important,” he explained, “and the protocols that we use there change a bit, so traditional tools don’t necessarily fit well.” The industry has been trying to solve this problem primarily by looking at things like NetFlow and log events and then aggregating that information and normalizing it. The challenge has been to make use of that network traffic in a meaningful way.”
NETSCOUT provides the ability to gather network traffic from anywhere it’s deployed, whether it’s public cloud or private cloud. “Our solution set can go anywhere,” Currie said. “That’s our secret sauce.” In the virtual world, NETSCOUT vSTREAM virtual appliances provide pervasive visibility with software-based instrumentation into packet traffic and application workloads; for physical environments, NETSCOUT InfiniStreamNG software and hardware appliances convert high-value network packets to smart data in real-time, providing actionable insights for service assurance and cybersecurity applications.
“Both of these devices leverage Adaptive Service Intelligence technology,” Currie explained, “which allows us to watch all that network traffic and build metadata in real-time, so we can surface key indicators of performance and security events and get that information up into a collection mechanism that doesn’t have to normalize the data—it just looks at it as is—and we build that into a services context that allows users to see across a multi-cloud environment in a single pane of glass.”
Gaining Visibility: The Importance of a Common Framework
As applications shift to microservice architectures with layers across data centers as well as public and private clouds, the interconnections and interdependencies become more challenging to monitor. This complexity ultimately places a greater burden on IT, which is tasked with ensuring application performance and security. A common framework for visibility is crucial, said Currie.
“When you’re starting to infer based on different data sets, it becomes very difficult to identify the source of a problem,” he explained. This is made even more challenging as IT organizations take on more of a multidimensional role involving network performance and security, which rely on different data sets, he added, “and that’s where it kind of falls apart. If you have a common data set, you’re going to have a better perspective.”
It boils down to gaining the ability to get the right information to the right people at the right time, so they can do the right thing—in short, enabling them to be more effective.
Using Insights to Block Exfiltration
One of the advantages of improved visibility, of course, is that the insights gained can also help improve security. According to Currie, if you know who the bad actors are and you know their addresses, then you can prevent exfiltration of critical information from your network.
NETSCOUT continues to leverage its expertise in both security and performance workloads to enhance its solutions in this area. “We are in the process of taking our highly curated threat intelligence feed and adding it to our InfiniStreams, which will improve our ability to detect problems deep inside the network,” said Currie. “The only way to catch bad actors who are in your network is by continually monitoring that network. In order to minimize risk from both performance and security problems, it is imperative to understand what your assets are, and then stop the bad guys from trying to access them.”
Transforming to Software-Centric Solutions
More and more hardware-first solution providers are adopting software-first strategies. Currie pointed out that NETSCOUT has taken this approach, transforming its business model to meet the rapidly evolving needs of today’s businesses. “We are building out our software solutions to address the most pressing issues that our customers face in these increasingly complex environments,” he said. “Software is eating the world, but ultimately it’s hardware that’s doing the chewing.”
Watch the Russ Currie CUBE interview
Learn more about nGeniusONE
David Pitlik is a long-time technology and business writer and frequent contributor to NETSCOUT’s blog.