How to integrate essential cloud visibility into your security strategy

July 10, 2019
Surveys show that organizations must understand potential risks as they migrate to the cloud

Cloud adoption has skyrocketed as organizations have prioritized cloud strategies and moved key applications to shared resources. The 2019 RightScale State of the Cloud survey found that 94 percent of IT professionals surveyed use clouds to run their business. Public cloud usage was reported at 91 percent, and private cloud usage at 72 percent. The survey also found that companies run most of their workloads in the cloud, with 38 percent in public cloud and 41 percent in private cloud or virtual environments.

Once you begin using the cloud, you lose some of the control you once had over enterprise security. A recent survey sponsored by Ixia, a Keysight Business, found less than 20 percent of cloud users have the data they need to adequately monitor their public cloud environments. A majority (87 percent) are concerned their lack of visibility is masking security threats. With critical applications running on public cloud infrastructure, organizations must improve their monitoring ability to ensure the security of data and applications in the cloud.

As organizations use clouds to move faster and reduce infrastructure costs, they must also consider the additional risks and challenges of using public cloud infrastructure. The following are four top concerns regarding security in the cloud:

1. Loss of direct packet access

Once you give up ownership and control of the infrastructure hosting your applications, you lose direct access to the network traffic moving through your enterprise. Without access to network packets, your advanced security solutions do not have the data they need to work effectively. Cloud providers may supply summarized network data or policy violations, but this information is insufficient against sophisticated attacks. Security solutions need granular packet data to identify threats and perform forensic analysis.

2. Blind spots in your enterprise network

Areas where you are not consistently and thoroughly monitoring network traffic are blind spots in your enterprise. These are areas where hackers can enter and lurk in the network without being discovered. Cloud resources that are not monitored increase the risk of a security breach or data loss.

3. The expanded attack surface

Experts advise security professionals to pay attention to the expanded attack surface resulting from cloud adoption. Shared infrastructure and cloud-based applications that are not managed carefully can provide an entry point for hackers. Out-of-date access control lists, unpatched software, and incorrectly configured cloud resources have resulted in widely publicized data breaches. The cloud expands the potential for poor cyber hygiene to cause serious harm.

4. Accessing data center security solutions

As organizations migrate to the cloud, they may want to use security solutions deployed in their data center to inspect and analyze cloud traffic as well. Continuing to use these solutions eliminates the need to purchase and deploy all new cloud-based security solutions. The challenge is to find a way to cost-effectively and securely transfer data from the cloud to the data center for monitoring.

Effective and Efficient Cloud Security

The key to overcoming security challenges is to establish complete visibility into what is happening in your clouds. A cloud visibility platform provides access to network packets from any cloud, prepares and filters the packets to help your tools work efficiently, and automatically delivers relevant data to each monitoring solution. Strengthen security in your clouds by integrating a visibility solution that will:

  • Access packets from any platform

Traditional network taps intercept traffic as it moves between actual physical network devices. This approach doesn’t work in the cloud. Instead, a cloud visibility platform gives you access to network packets from every cloud platform. That includes packets from private clouds running on your choice of hypervisor. It also includes traffic from every one of your public cloud environments. A cloud visibility platform can aggregate packets from multiple clouds with packets from on-premises infrastructure, for total network visibility.

  • Make scalability non-negotiable

You need a visibility platform that can keep up with your expanding enterprise. Cloud-native visibility solutions use sensors and container technology to automatically activate visibility inside every cloud instance you create, with no additional infrastructure required. That means visibility scales without limit and ensures no clouds are overlooked.

  • Groom and filter data before monitoring

A high-performance visibility platform will not only aggregate packet data from multiple data sources but also manipulate and filter the data to make it easier for security solutions to process. Today’s visibility solutions can remove redundant packets, decrypt secure packets, strip away unnecessary headers, and filter packets based on characteristics such as origin location, user type, user device, or application. Offloading functions like these from expensive security solutions preserves their capacity for deeper packet analysis. With fewer packets to process, monitoring solutions are more efficient, cost less to operate, and are less likely to suffer congestion or failure.

  • Deliver data securely to the data center

You may have a critical security solution in your data center that is not available as a cloud-based solution. A cloud visibility platform lets you deliver filtered data from the cloud back to the data center with complete security.

  • Increase monitoring efficiency

Organizations use many security solutions, and many of them process the same traffic. Rather than passing traffic from tool to tool, you can increase efficiency by delivering filtered data to all tools simultaneously using a cloud visibility platform. Pre-set policies determine the data that each tool receives. More efficient processing accelerates the identification and resolution of security issues.
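The grooming and fan-out steps described above (remove redundant packets, strip headers, filter, then deliver to all tools by pre-set policy) can be sketched as follows. This is an added example, not code from any vendor's product; the tool names, policies and traffic are constructed, and it assumes duplicates are copies of one IPv4 packet captured at different hops, differing only in TTL and header checksum.

```python
import hashlib
import struct

def build_frame(src, dst, proto, dport, ttl):
    """Constructed sample: Ethernet + IPv4 + 4 bytes of L4 ports + 1 payload byte."""
    l4 = struct.pack("!HH", 40000, dport) + b"x"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, ttl, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def parse(frame):
    """Strip the Ethernet header; return (ip_packet, proto, dst_port) or None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None  # too short or not IPv4
    ip = frame[14:]
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    has_ports = proto in (6, 17) and len(ip) >= ihl + 4
    dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0] if has_ports else None
    return ip, proto, dport

def dedup_key(ip):
    """Hash with TTL and header checksum zeroed so copies seen at different hops match."""
    masked = ip[:8] + b"\x00" + ip[9:10] + b"\x00\x00" + ip[12:]
    return hashlib.sha256(masked).digest()

def distribute(frames, policies):
    """Deduplicate once, then fan each unique packet out to every matching tool."""
    seen, out = set(), {tool: [] for tool in policies}
    for ip, proto, dport in filter(None, map(parse, frames)):
        key = dedup_key(ip)
        if key in seen:
            continue  # redundant copy: no tool has to process it
        seen.add(key)
        for tool, match in policies.items():
            if match(proto, dport):
                out[tool].append(ip)
    return out

POLICIES = {  # hypothetical tool names and pre-set rules
    "ids": lambda proto, dport: True,
    "web_inspection": lambda proto, dport: proto == 6 and dport in (80, 443),
    "dns_monitor": lambda proto, dport: proto == 17 and dport == 53,
}
SAMPLE = [  # constructed traffic
    build_frame("10.0.0.5", "10.0.1.9", 6, 443, ttl=64),
    build_frame("10.0.0.5", "10.0.1.9", 6, 443, ttl=63),  # same packet, one hop later
    build_frame("10.0.0.5", "10.0.0.2", 17, 53, ttl=64),
    build_frame("10.0.0.7", "10.0.1.9", 6, 22, ttl=64),
]
```

Calling `distribute(SAMPLE, POLICIES)` hands the catch-all tool three unique packets out of four captured frames, while the narrower policies each receive only the one packet they match.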

Clouds are an integral part of enterprise IT and a target for hackers. Enterprises that ensure cloud visibility is integrated into their security architecture will be in a much better position to identify potential threats and prevent data loss.

About the Author: Lora O’Haver is a senior solutions marketing manager at Keysight, with over twenty-five years of experience in enterprise computing, networking, and cloud technologies. O'Haver is responsible for marketing Keysight’s network visibility and security solutions and is passionate about translating product capabilities into solutions that solve business and technology challenges.

She regularly produces articles, blogs, white papers, and presentations on topics related to network security and management, particularly in hybrid IT environments. O'Haver joined Keysight through the acquisition of Ixia in 2017 and previously held a variety of senior marketing positions at Cisco and HP.