Orchestrate and Extend Microsoft Azure VTAPs with Prisms

    by Erik Freeland 15 November 2018


    TL;DR: Microsoft announced the preview availability of Azure Virtual Network Taps at their recent Ignite conference. VTAPs replicate all traffic, without agents, from Azure VMs to destinations in the same or peered VNETs. Nubeva Prisms extends VTAPs capability for agentless packet access in Azure and provides critical scaling, filtering, processing and distribution capabilities that complement VTAPs. This is how they work together. If you would like early access to the Microsoft VTAPs preview, contact Nubeva.


    Do you want to see how Nubeva Prisms and VTAPs work together in your Azure instance? Talk to a Nubeva solutions expert today. No sales, just solutions.

     

    Let’s look deeper into some of the specifications around VTAPs. VTAPs replicate 100% of the data sent and received by the VM. All of this data is then sent to just one destination inside the same Virtual network (VNET) or one location in a peered VNET only. This is a good start, but when you examine these specs a little closer, you start to see that VTAPs are only the start of the solution.

     

    Most IT groups out there have a lot of tools in their SOC and NOC. The networking team has their specific tools for analysis. Application development teams use very sophisticated tooling to ensure the health and availability of their apps. The security team has their own requirements and tools as well. It is not possible to use a single tool for all these teams and their myriad of requirements. This means that multiple teams have their own needs for examining the same resource running in the public cloud.

    Multiple data feeds to multiple tools without additional replication overhead is a key feature that Nubeva Prisms adds to Azure VTAPs. With the Nubeva Prisms Services Processor (PSP), Prisms will replicate incoming VTAPs to any number of tools that different teams require. In addition, Nubeva Prisms can even filter and process that traffic as well. If a special application performance tool only needs port 443, then the PSP can ensure no additional traffic is sent to the tool by mistake. This cuts down on CPU and memory usage at the destination as well as any data transit charges that might be incurred.

    Nubeva Prisms also enhances VTAPs by allowing you to send data to any destination. The destination could be simply in the same VNET. Or data could be sent across the globe to a SaaS service. You can send packet capture data across an ExpressRoute back to your on-premises Network Packet Broker (NPB) so it can be delivered to your expensive tool you haven’t migrated to the cloud yet.

    Nubeva Prisms also provides the simplest and easiest way to manage VTAPs, especially when you take into account the dynamic nature of the cloud. As new resources are added to your cloud, it is critical that your existing monitoring policies are followed. If you monitor all servers with the “finance” tag and a scaling event happens, those new finance servers must be monitored. Nubeva Prisms ensures that whatever your scaling policies, new resources will be automatically monitored as your policies dictate. As new VMs spin up that meet the monitoring policy, Prisms will trigger the creation of a VTAP and ensure that it is pre-configured with the relevant monitoring policy. Then the VTAP is attached to the network interface of the new VM. Now your tools receive the data required without any user intervention. Nubeva Prisms automates and orchestrates Microsoft Azure VTAPs. This makes it easy for Azure teams to take advantage of the new Virtual Network TAPs feature without spending a lot of time in front of the API. Because VTAPs are still in preview with only limited availability, Nubeva Prisms sensors can be used to tap Azure VMs and even AKS resources until VTAPs are available. Then the Prisms sensors can be set to automatically dissolve so that management is easy and switch-over is a painless experience.

     

    VTAPs are a fantastic new feature for Microsoft Azure. They provide a simple way to replicate data from a source. And when they are complemented with Nubeva Prisms, you can easily see how we transform VTAPs from a straightforward feature to a dynamic, auto-scaling solution to cloud visibility.

     
