Cloud Monitoring for Microsoft Azure

Comprehensive Visibility in Azure Cloud Environments

Microsoft Azure leads cloud migration with unmatched flexibility, scalability, and robust services. But maintaining observability and service availability is crucial to protecting customer satisfaction and brand reputation during this transition.

Azure Network Security Group (NSG) flow logs are essential for cloud visibility, offering insights into IPs, ports, protocols, and time-stamped traffic. Like traditional flow analysis, NSG flow logs empower cloud architects, NetOps, SecOps, and DevOps teams to mitigate risks and understand cloud activity.

The VIAVI Observer Platform simplifies hybrid visibility by seamlessly analyzing Azure NSG flow logs, ensuring secure, reliable communication from data center to cloud for a smooth migration experience.

Rising to the Cloud Visibility Challenges in Azure

As services migrate from on-premises data centers to the cloud, maintaining consistent visibility across the hybrid architecture becomes more challenging. While public cloud providers offer helpful tools and reports, the services and additional cost can vary significantly from one provider to the next. Flow data has been recognized as a reliable source of network truth by cloud architects, engineers, and IT teams for many years, providing consistent insight into traffic volumes, conversation details, and potentially harmful intrusions.

Comprehensive traffic visibility in Azure is essential when validating security parameters or determining whether the actual implementation matches the design intent of the environment. IT teams, including Cloud Architects, NetOps, SecOps, and DevOps specialists rely on this heightened visibility as they navigate the complexities of Azure cloud environments. Reliable service availability and enhanced security are among the many benefits of NSG flow log integration through Observer that also include:

• Compliance Insights: Flow logs provide detailed conversation data, which aids in the identification of traffic patterns that violate company policies and standards. Observer leverages NSG flow logs to validate the service architecture configuration and identify overly permissive settings. 
• Forensic Analysis: In the event of a security breach, stored flow log data becomes important forensic evidence, aiding in the understanding and investigation of malicious activities by providing a record of who was connected and where they were connected from.

By Leveraging this comprehensive visibility, IT professionals can effectively address the challenges of hybrid deployments that include Azure, ensuring consistent and secure service delivery in these evolving environments.

Bridging the Azure Visibility Gap

The Observer Platform brings enhanced, multi-faceted visibility to on-premises, cloud, and hybrid IT environments. Efficient workflows and intuitive dashboards fueled by three-dimensional data sources help to satisfy business goals while effectively overcoming IT challenges. Although Microsoft Azure does not provide native support for packet capture, Observer effectively utilizes NSG flow logs and enriched flow records to prevent Azure cloud environments from becoming network blind spots.

Observer collects detailed information about Virtual Machines and their associated accounts in Azure and efficiently ingests NSG flow logs from Azure Storage Containers. These logs, a key feature of Azure Network Watcher, track IP traffic through network security groups to provide real-time information and insight into network traffic and connectivity, including open internet ports, unusual network behaviors, and traffic spikes.

• Observer APEX: The centerpiece of the Observer platform is also the industry’s first performance monitoring solution to generate an End-User Experience score for every client/server transaction. Flexible dashboards support problem identification and root cause analysis based on all available data sources including flow, packets, and packet-derived metadata.
  
  APEX serves as an integrated platform for monitoring infrastructure and security. It also offers real-time visibility into critical cloud-based and on-premises applications. The platform excels in analyzing and troubleshooting performance issues through its patented End-User Experience scoring, while providing access to high-fidelity forensic data to support threat analysis and incident response.
• Observer GigaFlow: Enriched flow records integrate network, infrastructure, and user data into a single record carrying in-depth information that goes well beyond traditional traffic descriptions. GigaFlow ingests NSG flow logs to characterize Azure cloud environments and provide user-focused insights and connectivity data. 

Observer Apex and GigaFlow can be deployed in the cloud or on-premises. This flexibility empowers users to optimize their visibility while reducing their costs.