Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments

After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw in 2014 to a whopping $84 billion global market by 2019.

Hybrid cloud environments offer companies the resilience and scalability of the cloud, while also providing the compliance, availability and security typically found in on-premise infrastructures. For IT teams, hybrid infrastructures offer a variety of benefits. The on-premise infrastructure component offers secure, worry-free storage for confidential company information, for instance, and the cloud component offers the ability to easily build new networks and applications without having to worry about scalability, deployment or maintenance.


(Image Source: Shutterstock)

Perhaps the biggest benefit of hybrid cloud environments, however, is the cost savings. Instead of needing to devote entire IT teams and significant capital to build infrastructure that can withstand occasional bursts in network usage that may occur only very rarely, companies can leverage cloud technology to offload some of their heavy network traffic and only pay for it as needed.

Given the plethora of benefits hybrid cloud infrastructures can offer, it’s no wonder so many companies are embracing such environments. However, maintaining the performance and security of hybrid cloud environments can prove difficult. Cloud technology introduces critical security risks that can seriously harm a company’s financial state, not to mention their reputation and customer satisfaction levels. Additionally, the very nature of hybrid cloud environments can put pressure on network performance, which can lead to compromised service levels or even network downtime.

To maintain high performance levels in hybrid cloud environments while also protecting your company against cyber security risks, IT departments should adhere to the following four practices:

1. Prioritize network monitoring

To successfully manage hybrid cloud environments, IT teams need to embrace monitoring solutions that can provide actionable intelligence into the state of their networks, servers and applications. Consider implementing an automatic monitoring tool that can analyze network traffic patterns and offer end-to-end visibility into your applications (e.g. remote desktops or secure file services), your availability (e.g. windows servers, virtual machines, firewalls or load balancers) and your connectivity (e.g. internet-facing links, VPN tunnels to remote offices or interface status/statistics). To ensure critical infrastructure availability and security at all times, IT teams should continually monitor the following basic network components:

  • Routers, switches, firewalls, load balancers, intrusion prevention systemsInternet connectivity, VPN sessions, network traffic and flow records
  • Servers, remote desktops, virtual machines, applications

2. Collect network flow records


By collecting and analyzing network flow records (such as NetFlow, sFlow, J-Flow, and IPFIX), IT teams can view the overall usage of the LAN, WAN and internet, and also determine which users, applications and protocols are consuming the most bandwidth. To simplify network management, improve visibility into traffic and bandwidth usage, and drive performance, IT teams should collect network traffic information on the following:

  • Senders, receivers and conversations
  • Sender and receiver domains
  • Sender and receiver countries
  • Applications and protocols
  • Incoming and outgoing interface traffic
  • Incoming and outgoing interface utilization
  • Bandwidth usage by host and group

Additionally, IT teams should analyze network traffic based on flow data, and pinpoint any network users of non-business applications. Aligning this data with in-depth packet analysis is crucial for obtaining cohesive insights into overall network performance, which can also help reduce ISP costs.

3. Implement log management

IT teams can more effectively detect and alert on any unauthorized activity or security threats to their network by automating the collection, storage and back-up of logs. Some examples of log collection include server and application logs, security logs from firewalls, DDoS and intrusion prevention systems, Syslogs from any source, IIS web server logs, or secure file server logs. Be sure to track, alert and report on events like access and permission changes to Files, Folders and Objects, and always collect the most common log types such as Syslog, Microsoft event or W3C/IIS to help identify potential threats to your network.

With automated log collection and analysis, IT teams can proactively detect any unusual activity on their network and immediately rectify the situation. Additionally, they can leverage log management data to produce monthly reports to provide evidence for audit and compliance purposes at the corporate or executive level.

4. Run penetration tests

In order to discover any network blind spots that hackers could use to gain access to sensitive company information, IT teams should regularly run network penetration tests.

When properly performed, such testing can:

  • Determine the feasibility of certain attack vectors
  • Assess the magnitude of operational impacts by successful attacks
  • Provide evidence that your department needs a larger budget
  • Test the department’s ability to detect and defend against agile attackers
  • Identify vulnerabilities that a simple scan or security assessment might miss
  • Help meet industry compliance specifications such as PCI DSS and/or HIPAA

IT teams should also test their company’s security incidents identification and response capabilities, as well as employee security awareness and security policy compliance. Consider leveraging free, open source penetration testing tools such as Metasploit or BackTrack, as such solutions can help IT teams think like hackers and stay ahead of any potential network threats.

The benefits of hybrid cloud infrastructures are undeniable. Such environments can provide companies with impressive scalability, availability and efficiency, while also offering significant cost savings. However the security risks hybrid environments can introduce need to be taken seriously, as even the smallest network vulnerability can lead to dire consequences. Case in point: The Ponemon Institute recently calculated that the average cost to respond and remediate a network data breach averages companies over $3 million.


Don’t jeopardize the health of your hybrid cloud environment and the future of your company. Implement flexible and comprehensive monitoring solutions to analyze your network and keep tabs on your applications, availability and connectivity. Analyze network flow records and automate the collection of logs. Lastly, run network penetration tests in order to find any infrastructure vulnerabilities and determine their specific risk. In doing so, your company can realize the benefits of hybrid cloud environments while also maintaining optimal performance and security.

By Nirav Shah,

Business Line Director, Network Management Products at Ipswitch


Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.


Salesforce Gets Serious About Its Security Ecosystem

Salesforce Gets Serious About Its Security Ecosystem

Security Ecosystem Salesforce is one of the fastest growing enterprise software companies in history and while security is a major ...
The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a ...
Key Cloud Office Trends For 2016

Key Cloud Office Trends For 2016

Cloud Office Trends The mass migration to the cloud is well under way and will only accelerate. Two giants continue ...
Cloud Services Are Vulnerable Without End-To-End Encryption

Cloud Services Are Vulnerable Without End-To-End Encryption

End-To-End Encryption The growth of cloud services has been one of the most disruptive phenomena of the Internet era.  However, ...
Cloud Proofing Future Business Challenges

Cloud Proofing Future Business Challenges

Coping with Cloud Challenges Hardly a week goes by without coming across news around the increase in the number of ...
The Paradigm Shift In Enterprise IT Operations Management

The Paradigm Shift In Enterprise IT Operations Management

IT Operations Management Rapid change is the new constant with today’s Enterprises. There is a continuous shift in the technology ...


Dropbox heads for trading debut after upsized IPO pricing

Dropbox heads for trading debut after upsized IPO pricing

(Reuters) - Having topped expectations with the upsized price of its initial public offering, Dropbox Inc on Friday faces its next big challenge: a successful launch of trading when global stock markets are the defensive ...
IDC Report: Smart Cities Initiatives to Reach $28.3 Billion in 2018

IDC Report: Smart Cities Initiatives to Reach $28.3 Billion in 2018

First-ever IDC Smart Cities Spending Guide Expects Technologies Enabling Smart Cities Initiatives to Reach $28.3 Billion in 2018 SINGAPORE, March 23rd, 2018 – Asia/Pacific (excluding Japan) on the technologies that enable Smart Cities initiatives is expected ...
BMW delays electric car mass production until 2020 for cost reasons

BMW delays electric car mass production until 2020 for cost reasons

FRANKFURT (Reuters) - BMW has held back the mass rollout of electric cars until 2020 because current fourth generation electric car technology is not profitable enough for volume production, Chief Executive Harald Krueger said. “We ...
Rackspace Extends Managed Security to Google Cloud Platform

Rackspace Extends Managed Security to Google Cloud Platform

SAN ANTONIO, March 21, 2018 (GLOBE NEWSWIRE) -- Rackspace® announced today that Managed Security and Compliance Assistance for Google Cloud Platform (GCP) is now available for preview to new and existing customers that use Rackspace Managed Services for GCP ...
Google classroom

Helping G Suite customers stay secure with new proactive phishing protections and management controls

Security tools are only effective at stopping threats if they are deployed and managed at scale, but getting everyone in your organization to adopt these tools ultimately hinges on how easy they are to use ...
Gartner Says Worldwide IoT Security Spending Will Reach $1.5 Billion in 2018

Gartner Says Worldwide IoT Security Spending Will Reach $1.5 Billion in 2018

By 2021, Regulatory Compliance Will Become the Prime Influencer for IoT Security Uptake Internet of Things (IoT)-based attacks are already a reality. A recent CEB, now Gartner, survey found that nearly 20 percent of organizations ...