Is There a Bandit in My Virtual Data Center? - How the Virtual Environment Affects Your Network
There must be a bandit, because someone has stolen my ability to monitor the network traffic between my CRM application and the database. Well, let’s think about this for a minute. The traffic itself hasn’t been stolen because no one is complaining about performance of the CRM application. So maybe it isn’t a bandit, but a hijacker? We did recently replace a number of aging servers with a virtual machine (VM), and wasn’t the CRM application one of the affected applications? Could the VM be my hijacker?
Hijacked indeed. As more companies transfer key data and applications to virtual environments, they are experiencing a loss of visibility. As streams of data begin to pass through the virtual machines in the same blade chassis, traditional network analysis solutions do not have the ability to capture this data. In essence, this creates a blind spot in the traffic flow between virtual servers because this ‘invisible traffic’ never crosses a physical NIC. Your virtual switches hijack your data. As a result, network engineers have little or no visibility into traffic among virtual servers and cannot troubleshoot, optimize or secure virtual server operations. The size of this blind spot is only destined to grow as enterprises continue to virtualize more and more of their data center operations.
Let us first take a step back. If you are unfamiliar with typical modes of capturing and analyzing network traffic, here is a quick explanation of how traffic is usually captured in your physical system.
In network management (capturing the traffic that’s traversing your network), companies most often have a network management probe that hooks into a network interface card (NIC), a physical switch or a network tap on a key network link. The probe then receives a stream of data that is monitored, allowing for detailed analysis and troubleshooting of issues. Since each server has its own physical link, network traffic is readily available to the network management probes.
But virtualization is all about consolidation, and data that once flowed freely between physical NICs, switches and routers now passes through virtual switches, limiting the ability of traditional network management probes to see it. This has many consequences; a major one is the lack of visibility into application performance issues. In the current virtual architecture there is no way to troubleshoot these issues.

So who is affected on the IT side? Network management is mainly controlled and conducted by network engineers, whose purpose is keeping the network stable and constantly monitoring for trouble. That means ensuring that problems ranging from minor issues, like user frustration with slow networks, to catastrophic ones, like complete network outages, don’t happen.

