Modern applications have transformed how the world conducts business — driving unprecedented agility and innovation that push the boundaries of what’s possible. However, as applications continue to extend beyond private data centers and spread across multiple cloud service providers and edge devices, organizations have lost critical visibility into these distributed environments. This observability gap has made it increasingly difficult — if not impossible — for network teams to diagnose application availability issues across multicloud, hybrid environments. In words familiar to the CCIE, “How does one plug a packet sniffer into the cloud?”

At Cisco, we believe that innovation doesn’t have to come at the expense of a resilient network, and we’re teaming up with like-minded technology partners who share this core value. I’m excited to announce new integrations between Cisco and Amazon Web Services (AWS) that give network teams the visibility they need to quickly and accurately troubleshoot application availability issues across today’s dynamic multicloud networks.

Kernel-level visibility delivers true network observability

Multicloud visibility starts with deep workload observability applied at the kernel level. Isovalent (recently acquired by Cisco) are the co-creators of eBPF, Cilium and Tetragon — technologies that are already the de facto standard for cloud-native networking and security. For Kubernetes users, including those running on AWS Elastic Kubernetes Service (Amazon EKS), eBPF-based Cilium delivers networking, security and observability natively within Kubernetes environments. Every time a process reads a file, spawns another process or opens a network connection, eBPF code embedded in Cilium executes in the kernel, allowing it to gather detailed telemetry — such as TCP and UDP protocol data, packet loss and latency. Cilium is an open-source community project supported by Cisco. In addition, Isovalent Enterprise is offered as a step-up with additional capabilities in networking, observability and security.

The new integration between Isovalent Enterprise and AWS pushes networking telemetry directly to Amazon CloudWatch Network Monitoring where workload data can be correlated to actual network performance metrics in AWS environments. These insights can also flow into Splunk, where network teams can create unified dashboards that combine metrics from on-premises networks, cloud networks and application performance, and security teams can leverage this data for threat detection and policy enforcement.  Enriching workload visibility data with AWS network performance and making it available to Splunk enables real-time visibility into the entire AWS network fabric, giving network teams the level of observability and control they need to build and optimize truly agile environments that run today’s modern applications. 

Fig. 1: Observability and network troubleshooting with Isovalent Enterprise, Amazon CloudWatch Network Monitoring and Splunk

The deep integration in practice

Let’s see how the Cisco and AWS integration would work in the real world. One of our financial services customers recently migrated a critical trading application to AWS. The application was written so that certain workloads run in the cloud for scalability while keeping sensitive data on-premises for compliance. Their network team had sophisticated tools for monitoring on-premises performance but found that they had gaps in their network visibility when traffic moved to the cloud. It became difficult to distinguish between application issues and underlying network problems. When users complained about performance, the network team couldn’t tell if the problem was their application, the AWS network or somewhere in between.

The new, deep integrations between Cisco and AWS give our customer’s networking team detailed insights into process-level activity within all workloads. This allows them to monitor network performance metrics, visualize the entire application path and correlate all the data for rapid troubleshooting — all in one central management plane. What used to take days of finger-pointing between teams now takes minutes to resolve.

Fig. 2: Amazon CloudWatch Network Monitoring dashboard

“As the scale of customers’ networks on AWS and on-premises grows with modern distributed workloads, customers have told us that enforcing unified end-to-end security policies has been a significant challenge. Also, when network faults occur, customers require fast and accurate triangulation of the fault. To address this, we’ve worked with Cisco to unify end-to-end digital resilience by integrating Hypershield, Splunk, and Amazon CloudWatch Network Monitoring for hybrid workloads, enabling customers to accelerate cloud migration for such workloads.”

Robert Kennedy, VP, AWS Networking

Providing a breadth of assurance and security capabilities

In addition to the integration covered above, Cisco ThousandEyes is also announcing general availability of Cloud Insights later this month, a new multicloud product aimed at extending cloud infrastructure discovery and configuration changes to application performance. This new solution extends ThousandEyes’ well-known path visualization capabilities into the AWS network and also correlates how traffic flow impacts application performance. By combining this with ThousandEyes’ existing network and application synthetics, you get true end-to-end assurance — from your data center, across the internet or Direct Connect and deep into the AWS infrastructure.

Finally, Cisco Hypershield builds on top of Isovalent technology, delivers the visibility above, and provides security controls at the workload and network level across multi-cloud and hybrid environments. Hypershield uses enhanced telemetry, AI analysis and recommendations to simplify security via its first use cases: Autonomous Segmentation and Distributed Exploit Protection.

Our new approach

The Cisco and AWS integration is a radically new approach to ensuring the availability of modern applications in today’s multicloud, hybrid environments. Today’s announcement brings together deep workload visibility, network performance monitoring, and security in a way that’s never been possible before.

Are you at AWS re:Invent Dec 2–6, 2024, Las Vegas, NV? Please visit us at Cisco booth #1332 and Splunk booth #1342.
