Simple, Secure, Scalable Monitoring for Azure Cloud

As adoption of Microsoft Azure cloud accelerates, IT organizations are now seeing the need to monitor workloads running within the public cloud, just as they monitor their on-premises data center workloads. For most organizations this means flow-level and deep-packet monitoring for security, troubleshooting, and application performance of their Azure workloads. Microsoft and Big Switch Networks are collaborating to provide the same level of comprehensive packet and flow-level visibility within Azure as customers have enjoyed for many years within enterprise data centers.

Solution Overview

Big Monitoring Fabric – Public Cloud (BMF-PC) is a cloud-first network packet broker that enables highly simplified and elastically scalable security and performance monitoring of organizations’ workloads hosted on the Azure public cloud and selectively delivers them to multiple cloud security, performance and compliance tools. Powered by a centralized cloud controller, BMF-PC brings comprehensive packet/flow-level visibility to the organizations’ Azure workloads comparable to the visibility of on-premises deployments.

The newly announced Azure Virtual Network (VNet) Terminal Access Point (TAP) feature allows customers to enable mirroring of their virtual machine network traffic to a network packet broker or a packet collector. The BMF-PC is integrated with Microsoft’s VNet (Virtual Network) APIs to offer customers a solution to monitor workloads on Azure cloud. The Big Mon solution offers a single pane of glass to monitor Azure workloads by providing a mechanism to selectively copy and filter packets from any of the virtual machines within Azure and deliver them to third party tools in the cloud. This cloud-first NPB solution is also capable of advanced NPB features such as advanced packet filtering and analytics.

The solution consists of a Big Mon subnet within Azure, which hosts the following entities:

  • Big Mon Controller, an SDN controller, which integrates with Microsoft Azure VNet APIs to configure the monitoring workflows
  • Virtual switches, which receive the tunneled traffic from the Azure production VMs and performs advanced packet filteringg
  • Analytics VM that provides deep analytics capabilities, such as top talkers, anomaly detection, etc.

The integration with Azure VNet APIs makes this a turn-key solution, eliminating the need for custom scripts, agents, workflows, or specialized tools to monitor workloads in Azure.

Figure: Monitoring of Multiple Azure VNets with Big Mon

Solution Benefits

  • Secure and Dedicated Solution Within Azure
    The solution offers local, dedicated, secure VNet-based network packet broker capabilities for centralized monitoring of all VMs in VNets within the user’s Azure account. Keeping traffic local enables reduced costs and security.
  • Single Pane of Glass Management
    The Big Mon-PC controller acts as a centralized and intuitive management pane for creating the entire monitoring workflow—from selecting the Azure workloads to monitor, to the rules for selective filtering and other packet functions, all the way up to the monitoring tools to deliver the packets.
  • Shared Infrastructure to Eliminate Tool Silos
    Multiple organizations (for example, security ops, network ops, and compliance) can leverage the same Big Mon-Azure monitoring infrastructure and can create monitoring policies depending on their access rights and roles to deliver traffic to the respective set of tools of their interest. This eliminates the tool sprawl that often results as individual tools proliferate and as monitoring needs grow across multiple teams.
  • On-Demand Elastic Scaling
    Supports automatic and non-disruptive monitoring of new instances in the Azure network. This is made seamless with the on-demand, customer-defined horizontal scaling of virtual switches in the Azure VNet.
  • Integration with Multi-Cloud Director
    Integrates with the Big Switch Networks Multi-Cloud Director for centralized hybrid cloud management across both Azure and on-premises environments.

Contact Us for more details