Flowmon

Enhancing Network Visibility & Security in Google Cloud

10/12/19

As networks grow in complexity, a proactive approach, prevention and early detection of anomalies are the only way forward toward delivering reliable, secure, and scalable services to users and customers.

Nowhere is this more relevant than in the cloud where on-demand resource provisioning and the dynamic nature of a software-defined infrastructure introduce additional challenges which are often seen as major roadblocks for cloud migration. However, the right tools and practices for in-depth network visibility can help you remove some of them.

Flowmon utilizes Google Cloud’s native VPC Packet Mirroring feature to gain access to raw network packet traffic and perform advanced performance, behavior, and security analysis. Packet Mirroring allows you to mirror packets according to a fully configurable mirroring policy combining one or more of:

  • compute instances in selected network VPC subnets,
  • compute instances with specific network tags,
  • compute instances selected by name.

Further refinement, one applied optionally at the level of mirrored packets, can be accomplished by defining filters. From each compute instance selected by the mirroring policy, only packets allowed by defined filters will be mirrored. This provides a fine-grained mechanism for selecting the most relevant data sources for analysis whilst saving on transit and processing costs. If no filters are defined, all packets will be mirrored.

Mirrored packets are sent to an Internal Load Balancer and from there to an Instance Group of one or more Flowmon Collector instances with an in-built Flowmon Probe. From that point on, you have the full power of Flowmon at your disposal with the level of visibility you are accustomed to from on-premise or private cloud deployments.

GCP Packet Mirroring Flowmon

Key Features

With Flowmon and Packet Mirroring, you can:

  • facilitate early threat response and reduce mean-time-to-resolve for ongoing incidents impacting application availability and data security with automated traffic analysis and threat detection,
  • get actionable insights into outages and service degradations and their impact on your infrastructure, 
  • optimize application performance with end-user experience monitoring.
  • dynamically select packet mirroring sources with filters and/or tags to achieve the right balance of monitoring costs and visibility

Benefits

  • A single solution providing tools for NetOps and SecOps alike.
  • Streamlined deployment and support for data sources native to Google Cloud.
  • Ease of use of Flowmon combined with the flexibility of Google Cloud.

Getting Started

For a trial of Flowmon in Google Cloud.
Contact Us

For detailed information on pricing and Google Cloud configuration, please refer to the following materials: