Hybrid Cloud Environments
After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw in 2014 to a whopping $84 billion global market by 2019.
Hybrid cloud environments offer companies the resilience and scalability of the cloud, while also providing the compliance, availability and security typically found in on-premise infrastructures. For IT teams, hybrid infrastructures offer a variety of benefits. The on-premise infrastructure component offers secure, worry-free storage for confidential company information, for instance, and the cloud component offers the ability to easily build new networks and applications without having to worry about scalability, deployment or maintenance.
Perhaps the biggest benefit of hybrid cloud environments, however, is the cost savings. Instead of needing to devote entire IT teams and significant capital to build infrastructure that can withstand occasional bursts in network usage that may occur only very rarely, companies can leverage cloud technology to offload some of their heavy network traffic and only pay for it as needed.
Given the plethora of benefits hybrid cloud infrastructures can offer, it’s no wonder so many companies are embracing such environments. However, maintaining the performance and security of hybrid cloud environments can prove difficult. Cloud technology introduces critical security risks that can seriously harm a company’s financial state, not to mention their reputation and customer satisfaction levels. Additionally, the very nature of hybrid cloud environments can put pressure on network performance, which can lead to compromised service levels or even network downtime.
To maintain high performance levels in hybrid cloud environments while also protecting your company against cyber security risks, IT departments should adhere to the following four practices:
1. Prioritize network monitoring
To successfully manage hybrid cloud environments, IT teams need to embrace monitoring solutions that can provide actionable intelligence into the state of their networks, servers and applications. Consider implementing an automatic monitoring tool that can analyze network traffic patterns and offer end-to-end visibility into your applications (e.g. remote desktops or secure file services), your availability (e.g. windows servers, virtual machines, firewalls or load balancers) and your connectivity (e.g. internet-facing links, VPN tunnels to remote offices or interface status/statistics). To ensure critical infrastructure availability and security at all times, IT teams should continually monitor the following basic network components:
- Routers, switches, firewalls, load balancers, intrusion prevention systems Internet connectivity, VPN sessions, network traffic and flow records
- Servers, remote desktops, virtual machines, applications
2. Collect network flow records
By collecting and analyzing network flow records (such as NetFlow, sFlow, J-Flow, and IPFIX), IT teams can view the overall usage of the LAN, WAN and internet, and also determine which users, applications and protocols are consuming the most bandwidth. To simplify network management, improve visibility into traffic and bandwidth usage, and drive performance, IT teams should collect network traffic information on the following:
- Senders, receivers and conversations
- Sender and receiver domains
- Sender and receiver countries
- Applications and protocols
- Incoming and outgoing interface traffic
- Incoming and outgoing interface utilization
- Bandwidth usage by host and group
Additionally, IT teams should analyze network traffic based on flow data, and pinpoint any network users of non-business applications. Aligning this data with in-depth packet analysis is crucial for obtaining cohesive insights into overall network performance, which can also help reduce ISP costs.
3. Implement log management
IT teams can more effectively detect and alert on any unauthorized activity or security threats to their network by automating the collection, storage and back-up of logs. Some examples of log collection include server and application logs, security logs from firewalls, DDoS and intrusion prevention systems, Syslogs from any source, IIS web server logs, or secure file server logs. Be sure to track, alert and report on events like access and permission changes to Files, Folders and Objects, and always collect the most common log types such as Syslog, Microsoft event or W3C/IIS to help identify potential threats to your network.
With automated log collection and analysis, IT teams can proactively detect any unusual activity on their network and immediately rectify the situation. Additionally, they can leverage log management data to produce monthly reports to provide evidence for audit and compliance purposes at the corporate or Executive level.
4. Run penetration tests
In order to discover any network blind spots that hackers could use to gain access to sensitive company information, IT teams should regularly run network penetration tests.
When properly performed, such testing can:
- Determine the feasibility of certain attack vectors
- Assess the magnitude of operational impacts by successful attacks
- Provide evidence that your department needs a larger budget
- Test the department’s ability to detect and defend against agile attackers
- Identify Vulnerabilities that a simple scan or security assessment might miss
- Help meet industry compliance specifications such as PCI DSS and/or HIPAA
IT teams should also test their company’s security incidents identification and response capabilities, as well as employee security awareness and security policy compliance. Consider leveraging free, open source penetration testing tools such as Metasploit or BackTrack, as such solutions can help IT teams think like hackers and stay ahead of any potential network threats.
The benefits of hybrid cloud infrastructures are undeniable. Such environments can provide companies with impressive scalability, availability and efficiency, while also offering significant cost savings. However the security risks hybrid environments can introduce need to be taken seriously, as even the smallest network vulnerability can lead to dire consequences. Case in point: The Ponemon Institute recently calculated that the average cost to respond and remediate a network data breach averages companies over $3 million.
Don’t jeopardize the health of your hybrid cloud environment and the future of your company. Implement flexible and comprehensive monitoring solutions to analyze your network and keep tabs on your applications, availability and connectivity. Analyze network flow records and automate the collection of logs. Lastly, run network penetration tests in order to find any infrastructure vulnerabilities and determine their specific risk. In doing so, your company can realize the benefits of hybrid cloud environments while also maintaining optimal performance and security.
By Nirav Shah,
Business Line Director, Network Management Products at Ipswitch