Sneha Mirajkar, Cisco Systems India
As business workloads move to a public cloud, organizations must continue to maintain data and application security, optimize performance, and resolve issues as quickly as possible. However, getting access to large volumes of incoming traffic data in the public cloud can be a challenge. So is building a strategy to access or tap traffic moving between cloud instances, and then deciding on a strategy for packet filtering and grooming that helps the security and performance monitoring layer work efficiently and cost-effectively.
This paper explores the pros and cons of different approaches to security and performance monitoring in the public cloud. It also provides insight into how a filter-scanner sitting in the cloud instance, together with a security layer between cloud instances, can provide the required security not only for the tapped incoming traffic but also for data at rest, without compromising performance, mimicking private cloud capabilities.
In a public cloud, traffic moving between different applications and databases, referred to as east-west traffic, is more difficult to intercept. When an organization uses a public cloud, the underlying infrastructure is completely transparent and seeing data is even more challenging. By embedding a network filter-scanner inside each cloud instance that is spun up, the filter-scanner can access all the data generated in that instance, eliminate unnecessary information such as duplicates and erroneous data, and deliver the rest to the security and performance layer. That layer analyzes data packets and payloads for anomalies and patterns in order to enforce the business logic, i.e. ACLs that allow the request to proceed or deny it, and creates incidents and reports for later postmortem. This achieves security and performance at full strength in the public cloud while preserving the benefits of cloud computing, along with on-demand scalability, reduced time to resolution and easy operation in the public cloud, which until now was limited to the private cloud.
Key takeaways include:
- Increased Security in the public cloud with fault detection
- Incident Analysis and Reporting. East-west inter-VM traffic is 100 percent accessible and filterable
- Complete utilization of bandwidth and resources by filtering tapped incoming traffic or data at rest
Sneha Mirajkar, 2019 Technical Presentation, Paper