For the first time in history, scientists recently captured an image of a black hole. Proving – that it’s amazing what you can see when you apply the right technology.
Back here on Earth, enterprises struggle with seeing what’s going on with their applications while they’re moving them or after they’ve moved them to the cloud.
The main problem is that older technologies for examining application performance in the cloud don’t work well and are incredibly expensive to implement. It’s like trying to see a black hole in deep space with a telescope developed by Galileo. The other part of the equation here is knowing that a better approach has been developed and what it is.
Traffic between users and the cloud or SaaS applications falls into two categories. One is the path between the user and the cloud access tier, which is known as North-South traffic. And the second is server to server, or backend, traffic – known as East-West traffic.
Traditional performance monitoring tools such as Real User Monitoring (RUM) and synthetic performance monitoring have been traditionally used to monitor North-South traffic performance and detect performance problems. These tools still work fine for cloud North-South traffic monitoring, but where visibility gets lost in the cloud is for East-West or server to server cloud traffic.
On premise, you can monitor server to server traffic with a combination of traditional NPM and APM tools to obtain solid, but uncorrelated East-West traffic visibility. When you shift to the cloud, you lose the unrestricted access to the network traffic between those systems. That means it’s hard to add network TAPS or mirror ports to capture server to server traffic – at least not without extensive and costly modifications.
What’s needed is a new performance monitoring paradigm. One that’s specifically designed for the cloud and not an on premise tool that has been somewhat retrofitted for the cloud. It needs to take advantage of all of the benefits provided by the cloud, such as elasticity, while completely monitoring all aspects of East-West and North-South traffic
Capturing East-West traffic
There are two ways to capture network and application traffic in virtualized and cloud environments. They are 1) forwarding traffic from the VM using a packet broker and a dedicated capture appliance and 2) deploying Accedian’s agentless Skylight network and application performance management (NAPM) solution.
Forwarding traffic from the VM
With traditional packet capture tools, traffic is forwarded from each virtual machine through the virtual switch to a dedicated network interface card (NIC). From there, data is sent to a packet broker and then to a capture appliance, where the data is aggregated and analyzed.
The problem with this approach is that it requires each VM to have physical interface (NIC). If you’re trying to capture traffic from a couple of dozen virtual hosts with 10 Gbps connections, then you will need the same number of 10 Gbps interfaces. These are expensive devices.
Add in the cost of a packet broker and a high capacity capture appliance, which are also expensive. This method assumes that you are even granted the right to install NICs in the cloud servers – essentially impossible. And, what do you do when you have to add more server capacity to handle a surge in application demand? How do you scale it back when the demand drops? Installing NICs in cloud servers isn’t really a viable solution. It totally subverts the entire ‘elastic’ computing model that cloud infrastructure provides.
Also, unfiltered 10 Gbps network traffic for that many NICs is a lot of traffic. Sending that amount of information over the cloud backend network will likely degrade your applications performance, but could also degrade the performance of other cloud tenants – a set of circumstances the cloud provider would not be happy with and would frankly not allow.
Obviously, adding NICs to cloud infrastructure isn’t the answer.
A new performance monitoring solution for East-West traffic monitoring in the cloud has to be designed to fit in with the advantages and constraints of the cloud. Retrofitting hardware-intensive monitoring tools doesn’t meet that need.
Accedian approach with Skylight
Skylight NAPM is specifically designed for the cloud. It enables IT operations to capture all North-South and East-West network and application traffic for a wide range of topologies – virtualized, cloud environments, and software-defined networks (SDN/SD-WAN).
Skylight is a software app that runs inside a VM with your applications. It passively captures network traffic for the applications it monitors, ensuring that it doesn’t interfere with application performance. It turns captured traffic into highly condensed metadata which is about .2% – 0.5% of the observed traffic. For a 10Gbps link, that’s about 2 to 5 Mbps, a fraction compared to unrefined network traffic.
What are the challenges around SaaS Traffic Analysis?
Captured traffic compression is what truly makes Skylight unique and extremely compatible with cloud environments. A new virtual appliance (VA) can also be instantiated within seconds to monitor any new deployment, ensuring that Skylight scales with the same elasticity that cloud infrastructure provides.
Skylight provides 100% visibility for all East-West network traffic flows and application performance metrics.
By using the right technology for the cloud, you’ll be amazed by what you can see.