Virtualization offers many benefits to organizations. But at the same time, you’ll have to figure out how to monitor your virtual environment, because a lack of visibility can cause many problems. This blog will cover how organizations can use Scrutinizer to take full advantage of a virtual environment without the accompanying challenges.

End-to-End Visibility with Virtual Environments

When a user accesses an application, that activity traverses both the physical network and the virtual environment. Most organizations can see the physical portion, but once that communication hits the virtual data center, it’s invisible.

But application experience encompasses everything from the user all the way to the app, which is often in that virtual environment. Without visibility there, you’re missing a part of the big picture.

Further complicating the issue, applications aren’t tiered the same way they used to be. Before, all three tiers of an application (Presentation, Application, and Database) were deployed on the same VM. But now, they’re often on different VMs that communicate with each other. East-west traffic like this is less straightforward to monitor.

Virtualization Challenges

Without end-to-end visibility, there are a few challenges you’ll run into with a virtual environment.

Performance monitoring: When a user encounters a performance issue, you need to isolate the issue’s root cause as quickly as possible. This is be trickier in a virtual environment, which is inherently more difficult to diagnose than a physical environment. With good visibility, however, you can quickly identify and resolve performance issues.

Security: Virtual machines, like physical machines, fall under regulatory compliance standards. This means that if you can’t see what’s going on in your virtual data center, you may not be adhering to those standards. Furthermore, any area on your network where you lack visibility is a security risk. When you can see everything that’s happening, your virtual data center will be much less vulnerable to threats.

Virtual machine sprawl: Since creating new virtual machines is easy, you can end up with so many that they become unmanageable. According to Plixer’s own Bob Noel, “there can be up to a 10X gap between the number of VMs that are believed to be deployed versus the number that actually exist.” If the NetOps and SecOps teams don’t have visibility into every VM—or they’re otherwise siloed—they can’t be monitored for performance and security.

What Data Can Hypervisors Provide?

What’s great is that you can get NetFlow/IPFIX data from most virtual switches. If you’ve been following our blog for a while, you’ll know that we’re huge fans of flow data as a lightweight, but rich source of network information.

Visit our NetFlow, IPFIX, & sFlow Configuration Guide to find out how to start exporting flow data from your devices.

If you have a vSphere Distributed Switch (VDS), you’ll have some extra metadata details available. These include Egress Attribute, VXLAN ID, Tenant Protocol, and more.

VDS metadata

Now you just need to collect this all this information somewhere for analysis.

Virtualization Monitoring with Scrutinizer

Scrutinizer is a network traffic analysis system that delivers security and network intelligence. It can ingest all types of flow data, as well as over 5000 metadata elements. Then it analyzes and visualizes that information so it’s easy to identify and investigate problems.

Of course, this extends to virtual environments. By exporting data from your virtual devices to Scrutinizer, you’ll gain the end-to-end visibility needed to manage and maintain your virtual environment.

To see what data you can leverage from your virtual environment, check out the free edition of Scrutinizer.



Alienor is a technical writer at Plixer. She especially enjoys writing about the latest infosec news and creating guides and tips that readers can use to keep their information safe. When she’s not writing, Alienor spends her time cooking Japanese cuisine, watching movies, and playing Monster Hunter.