VISIBILITY INTO CLOUD COMPUTING Brendan Leitch, Head of APAC Marketing 1
SECURITY AND PERFORMANCE DEPENDS ON DATA VISIBILITY Access Challenges: Get data access for tools VISIBILITY: Seeing the Traffic on Your Network Data Distribution Challenges: Scale tool capacity Network taps vs. SPAN ports Filter traffic to tools Limited tool ports Tool 1 Tool 2 Tool N Manage access for each tool Clients Network Tap Switch Network Tap Switch Network Tap Server 2
VISIBILITY IN THE PHYSICAL DATA CENTRE NETWORK Network Operations Taps Switch Network Packet Brokers 1G 1G Application Operations Taps Switch Taps Servers Aggregation Filtering Load Balancing SSL Decryption NetFlow 10G 40G Security Admin Forensics THE DATA CENTER 3
ENTERPRISE NETWORK EVOLUTION Then Now Internet of Things Distributed Network Mobile Devices SSL APIs Private & Public Cloud Virtualization 4
VISIBILITY PHYSICAL -> VIRTUAL / PUBLIC Network Operations Switch Application Operations Private & Public Cloud Switch Security Admin Servers Virtualization Forensics THE DATA CENTER 5
VIRTUALIZATION & CONTAINERIZATION 6
Public Cloud Customer CUSTOMER RESPONSIBILITY BOUNDARIES Customer Data Applications Identity & Access Management Operating System & Network Foundation Services Compute Storage Database Network Public Cloud Infrastructure Availability Zones Regions Edge Locations Customer Public Cloud 7
VISIBILIY - CHALLENGES WITH CLOUD ADOPTION Packet data to Tools Platform agnostic service Data access Manual vs On-demand vs Scheduled Solves Scale Up as well as Scale Out Elasticity & Scale Effective handling of transient data Configuration management Dynamic no dependency on the physical location Infrastructure churn 8
INTRODUCING IXIA CLOUDLENS CloudLens CloudLens Private CloudLens Public Branch Office Virtual DC Private Cloud Public Cloud CloudLens vtap CloudLens vpb CloudLens vatip 9
HOW CLOUDLENS WORKS IXIA CloudLens Public Management Layer Monitoring Tools Secure Visibility Path Filtering at source Filtered Traffic securely sent from Instance to Tool 10
WORKFLOW OVERVIEW CLOUDLENS PUBLIC Create source groups based on metadata Identify source instances Source Configuratio n Identify tool instances Tool Configurati on Create secure visibility path from source to tools with intelligent filtering 5 step process to complete visibility Focus on relevant data Create visibility paths with easy drag and drop Create tool group based on metadata 11
users IAM Cognito Management Layer API Gateway Lambda Code Commit Application Layer CloudLens Public SaaS Config S3 DynamoDB Data Access Layer HOW GROUPING WORKS Work from an instance description In the form of a search Can rebuild list at any time Source Group 1 Source Group 2 App Tier Destination Group 1 New instances automatically categorized Expected behavior is known based on existing group configuration Web Tier Scale tools also Destination Group 2 Source instances divided among targets DB Tier Tenant 1 12
GROUPING + METADATA = ELASTIC SCALABILITY Source Group 1 App Tier App Tier App Tier Destination Group 1 Web Tier Web Tier Web Tier Source Group 2 Web Tier Web Tier Web Tier Destination Group 2 DB Tier Tenant 1 13
USE CASE VISIBILITY ACROSS MULTIPLE CLOUDS AND COLOCATIONS Home Office Log storage in private data center Colocation Datacenter Corporate data center Security, Application and Network Performance Monitoring Tools in the private data center Colocation Datacenter Remote Site 14 NOC, user and usage Analytics center
ACHIEVING VISIBILITY & SECURITY IN THE CLOUD THE BENEFITS OF CLOUDLENS PUBLIC ELASTIC SCALE ON DEMAND CLOUD-NATIVE Scales with the source and tool Automatically load balances EASY TO USE Drag & Drop Interface (GUI) Dynamic no dependency on physical location Quick setup process - Installs as Docker container REDUCE ERRORS Minimal management and configuration Saves time and money Tools listen to the virtual interface Enhanced, intelligent filtering based on instance metadata All within Ixia s visibility ecosystem So customers can achieve their security and compliance objectives in the cloud 15
IXIA PROVIDES END-TO-END INSIGHT THE SECURITY & MONITORING FABRIC Monitor virtual traffic at the branch office, data center or cloud Capture and send packets and flows of interest to monitoring tools Support both physical and virtual environments Limit amount, type of data sent to monitoring tools, adjust dynamically Visibility with tenant awareness Branch Office Virtual Data Center Virtual Security Fabric Data Access Anywhere Context Aware Data Processing Intelligent Adaptive Monitoring Public Cloud Private Cloud Cloud SP Network 16
THANK YOU 17