A Loss of Visibility
Traditional visibility, security analytics, and troubleshooting tools must evolve to keep pace with today’s cloud-first models. Applications reside off premise, yet when user experience is poor, the first call goes to the internal network, security, and helpdesk teams. Application traffic destined for the cloud is web-based, encrypted, and sent to a content delivery network (CDN) like Akamai. With legacy tools, visibility and data context is lost. When incidents arise, IT is tasked with quickly determining if the problem is on premise, with the ISP/WAN carrier, or at the cloud service provider. Root cause analysis is impossible without visibility extending from your network all the way to the cloud provider.
Cloud computing creates new challenges for maintaining application performance:
- Data packet encryption limits insight from packet analyzers
- Direct ISP access at remote locations makes it difficult and expensive to use packet analyzers for data collection
- Latency is difficult to measure and service providers typically point fingers
Scrutinizer Delivers Visibility and Context Extending into the Cloud
Scrutinizer enables IT to not only investigate and pinpoint cloud service performance problems, but also constantly monitor service level agreements (SLAs) and reports if missed. DNS correlation provides visibility into encrypted traffic and AWS log collection extends application awareness all the way into the cloud.line-break
Monitoring CDN Traffic with NetFlow
Monitoring network traffic to CDNs (content delivery networks) is becoming network engineers’ and network admins’ nightmare. Since a lot of social media and even malware are being hosted on these large cloud servers, host reputation (typically done with IP information) is in most cases becoming obsolete. This blog will show you how using our NetFlow probe and our advanced DNS analytics to provide insight into encrypted CDN traffic.
Cloud Service Security Checklist: 7 Questions
Most companies ask about security before outsourcing to a cloud service. The real problem that we see is that the malware trying to steal confidential information is written in a way that can be incredibly clever. The SAAS is behind a firewall, right? And all connections involve SSL and require passwords that are at least 10 characters with special characters and they are regularly rotated, right? Perhaps the cloud service even monitors behaviors and claims to trigger events for abnormal patterns. These are all good proactive efforts, but we all know the malware still gets in. This is why we need to build a good cloud service security checklist, but how do we go about it?
5 Metrics Cloud Services Can’t Hide From
IT departments want to know how they can reliably monitor cloud applications and answer questions such as, “how much bandwidth is each application consuming?” or “why is performance poor?” The infrastructure needed to answer questions like these are already in place on most networks, but it can’t be done with SNMP, ping utilities, or packet probes as these solutions don’t scale. We need to take advantage of a smarter, deeper analysis, architecture and we need to know how to leverage it.