Amazon VPC Routing Enhancements Allow NETSCOUT to Inspect Traffic Between Subnets in a VPC

Amazon VPC Routing Enhancements Allow NETSCOUT to Inspect Traffic Between Subnets in a VPC
Ray Krug

As an Amazon Web Services (AWS) Advanced Technology Partner, NETSCOUT helps organizations gain the visibility they need to deliver advanced application troubleshooting based on a unique set of user experience metrics not typically available with existing tools.

These metrics, combined with the NETSCOUT nGeniusONE platform, provide visibility across complex interconnected hybrid AWS deployments and deliver common troubleshooting and performance analysis workflows to help companies streamline cloud migration initiatives with AWS “certified” success as part of the AWS Networking and Migration Competency programs. Our Smart Data technology, which is used by many Global 2000 enterprises and Tier 1 communications service providers (CSPs), helps network operations and security operations professionals deliver high-quality application performance and improve enterprise security across on-premises data centers and AWS cloud infrastructure.

By monitoring and capturing packet data traversing cloud environments and performing simultaneous deep-packet inspection and real-time analysis, NETSCOUT’s vSTREAM virtual appliance generates Smart Data at its point of collection. This Smart Data delivers a comprehensive view into the performance characteristics of all infrastructure and application components and their dependencies.

Since Smart Data is generated by processing and analyzing packet data, it is important to develop a packet acquisition strategy across hybrid cloud environments, particularly considering several factors driving increased traffic volumes in AWS virtual private clouds (VPCs).

The adoption of new microservices architectures increases traffic volumes in server farms or clusters of compute and application workloads in AWS VPCs. As enterprises and CSPs scale their deployments in AWS and across hybrid cloud environments, an increasing volume of traffic traverses VPC boundaries as well as traversing within VPCs. This trend is driven by accelerated workload migration to the cloud, which leads to frequent changes in service architectures.

Amazon VPC RoutingEnhancements

AWS’s recently announced VPC routing enhancements make it easy for customers to route traffic between two subnets in a VPC via virtual functions. This enhancement combined with Amazon VPC Traffic Mirroring allows NETSCOUT to effectively acquire traffic that traverses VPC boundaries and subnets within VPCs and route it to vSTREAM appliances for real-time analysis for service and security assurance.

With capabilities such as service chaining for inserting security devices between VPC subnets, these routing enhancements help customers broaden the deployment options for integrating network and security appliances within their network topology.

This provides customers more flexibility, making it easier for them to deploy production-grade applications with the networking and security services they require within their Amazon VPC.

Of course, with this flexibility and improved security posture comes even deeper and more pervasive monitoring. In conjunction with VPC Traffic Mirroring, NETSCOUT vSTREAM delivers advanced service performance and security assurance. This approach complements NETSCOUT’s embedded virtual appliances, which offer software-based instrumentation of application workloads.

NETSCOUT harnesses the new acquisition capabilities of both intra- and inter-VPC traffic in AWS to effectively deliver visibility without borders across on-premises data centers, cloud, and hybrid cloud. This includes visibility into applications and their dependencies and actionable intelligence necessary to assure end-to-end service performance and cybersecurity. With this visibility, enterprises and CSPs can effectively migrate their business applications to AWS and create connections to AWS Direct Connect.

Read more about Amazon VPC routing enhancements in this AWS blog.