Multi-Cloud – Rise of Hybrid Networks and the Need to Monitor & Secure Them

Many organizations find themselves managing a hybrid infrastructure spread over on-premise and multiple public cloud provider platforms such as AWS, Azure, and Google for specific business applications. If you are lucky, all your cloud resources will be from a single provider, but in reality, it’s likely that multiple cloud services will be used. Alternatively, your CIO and IT team might want to spread services across multiple cloud platforms to provide resilience and guard against vendor lock-in. Whatever the reasons behind it, many industry analysts and experts expect hybrid infrastructure spread over multiple data centers and cloud platforms to be the norm even for small enterprise businesses.

Posted on

This model has benefits, but at the same time, it introduces complexity for the IT teams tasked with monitoring and securing IT systems. Existing network monitoring technologies that system admins use with on-premise infrastructure are typically not expandable to include infrastructure and services running on public cloud platforms. This is a problem as you cannot manage and secure what you cannot see. 

The lack of unified tools across a hybrid deployment is a real obstacle to rapid and effective monitoring and security. As one security analyst in a client meeting recently said, “I don’t want to query three different network monitoring tools and manually correlate the results when investigating an incident.” 

There are scenarios in which using the native monitoring capabilities provided by each separate cloud platform will make sense. The built-in cloud platform monitoring solutions  offer visibility specific for the cloud platform but on the downside, they are often complex to configure and use, and the costs can spiral very quickly depending on the monitoring traffic that is captured and stored. Not to forget the hassle of multiple tools if you use various cloud providers, as the security analyst quoted above lamented. Using these native tools is best reserved for mission-critical services where you need instant notifications when something goes wrong. Or possibly for use on cloud data ingestion points to monitor traffic entering your services from the Internet. 

Flowmon Simplifies Hybrid Infrastructure Monitoring 

Fortunately, there is a middle way between the separate cloud platform monitoring solutions but complex and expensive tools and the complete loss of visibility into hybrid cloud infrastructure.  

In addition to their built-in monitoring tools, the cloud platforms also generate and make available flow logs. These contain information similar to NetFlow data, and using these makes Flowmon the perfect tool to return this control back to you so you can keep your cloud/hybrid infrastructure functioning securely and problem-free.   

Flow logs in cloud platforms provide network telemetry that Flowmon can ingest, normalize, store, analyze, and report on for organizations. Once configured and combined with Flowmon Probes, if appropriate, system administrators can use Flowmon to analyze flow data to provide visibility into their cloud traffic across platforms. This can also incorporate on-premise infrastructure to support hybrid multi-cloud monitoring for a much lower cost than using separate native monitoring options. While also providing a single source of truth for the state of the hybrid network. 

Figure 1 below shows the overall concept of a hybrid deployment with a Flowmon Collector as a central aggregator gathering metadata from Probes at various locations in the hybrid network combined with native flow logs from cloud platforms. 

A deployment should include Flowmon Probes if you need: 

  • Highly reliable and accurate data for advanced network analytics and network performance metrics. 
  • In-depth visibility into network traffic, including application-layer visibility (L7 protocols). 
  • The advanced functionalities provided by Flowmon Application Performance Monitoring (APM) and Flowmon Packet Investigator (FPI). 

Our blog from March 2022, titled How to Optimize Cloud Monitoring Costs Using Flow Logs in Progress Flowmon, dives into this topic in more depth and does a cost comparison based on using Probes and Flow Logs on Google Cloud. Making use of flow logs where appropriate can reduce the costs by 89%.  

Final Thoughts 

Using multiple cloud providers is the new normal for many organizations. The present and the future is hybrid! It is vital to ensure your IT team has visibility into all the public providers and on-premise infrastructure via a combined and easy-to-use monitoring solution. Flowmon’s network monitoring solutions deliver this at a cost level that is significantly lower than native monitoring tools on each platform.  

Flowmon 12 is an industry-first solution that is capable of leveraging all the existing network telemetry sources (VPC flow logs) provided by AWS, Azure, and Google Cloud together will all standard on-premise flow sources such as routers, switches, packet brokers, firewalls, etc. Flowmon provides superior visibility into cloud and on-prem environments by leveraging existing network telemetry sources or using its purpose-built lightweight  Flowmon Probes. It is the go-to tool to achieve a consistent level of network visibility into hybrid environments via a single pane of glass. 

Visit the Progress Flowmon website to find out more details about the solution, or contact us to set up a Trial of Flowmon in your environment. 

Explore the Flowmon interactive demo

Experience a fully interactive product demo to see what issues Flowmon can tackle for you.

Launch Demo

Flowmon ADS

Detect and Stop ransomware!

Launch more

Request free trial

Get no-obligation 30-day trial of Flowmon in your network.

Get your trial today