Have you tried to gain visibility into your cloud environment? What do you use? How effective is it? Do you feel as if you have end-through-end, enterprisewide observability that covers your cloud environment as well as your on-premises data center, headquarters, and remote offices? Are there gaps in the observability strategy that should be addressed? How effective are your current tools in identifying and resolving performance problems fast?

These are exactly the kinds of questions any IT organization should be asking in an audit of its observability strategy. Research and surveys show that many organizations still lack cloud visibility, so we wanted to take a closer look at that issue.

Research Shows Importance of Cloud Observability to IT

Research from Enterprise Management Association (EMA) in its recent study “Enterprise Strategies for Hybrid, Multi-Cloud Networks” revealed that 49 percent of IT professionals in hybrid, multicloud environments view network flow data as critical for monitoring, troubleshooting, and optimizing their cloud networks. And another 38 percent identified packet data as equally important.

A noteworthy revelation in this study was that only 29 percent of the respondents reported being fully satisfied with their current monitoring tools. These findings highlighted the need for enterprises to reconsider their observability strategy and how they collect and analyze network traffic across their cloud environments. Network observability depends on good traffic data.

Subsequent to this April 2025 report, EMA published “Cloud Network Traffic Data: Empowering Network and Security Operations in the Hybrid, Multi-Cloud Era,” which provided in-depth analysis on methods used by enterprises to collect, store, and analyze real-time traffic data from their public cloud environments for enabling security and network operations teams.

Based on a survey of 250 enterprise IT and cybersecurity professionals, this EMA study revealed some very interesting findings:

• First, 92 percent of enterprises expect packet data to become more important to cloud net­work operations over the next two years.
• Second, 93 percent of enterprises expect packet data to become more important to cloud secu­rity operations over the next two years.

The Rise in Kubernetes Use

Infrastructure transformations and modernizations continue to be a priority for IT organizations. When it comes to orchestrating containers, many are implementing Kubernetes. This open-source system has seen its adoption grow significantly since its introduction and is projected to continue to increase at a compound annual growth rate (CAGR) of 23.4 percent by 2031, according to a recent report by Edge Delta.

The numbers of users are staggering, with more than 60 percent of organizations already adopting Kubernetes and 5.6 million developers using Kubernetes globally. At this point, Kubernetes has become the cluster manager of choice for more than 50,000 companies worldwide.

Kubernetes offers flexibility and scalability for deployment in private data centers, public cloud, or hybrid environments for both enterprises and service provider operations. However, the network complexity that comes with it can be challenging.

Why Is Observability Important in Kubernetes Environments?

Legacy monitoring tools lack the ability to provide visibility into dynamic Kubernetes environments where short-lived services, microservices-based architecture, and multicloud connectivity are the rule. This is why more modern approaches to observability have become so critical. Observability is proactive and context-aware, empowering operations teams to quickly identify issues and understand their causes.

Performance Use Cases for Kubernetes

It is worth exploring the different performance and availability use cases in enterprise and service provider environments.

Enterprises may have private data center networks, supporting both legacy systems and cloud deployments. Hybrid workloads are in private cloud environments where Kubernetes may coexist with virtual machines (VMs) and/or bare-metal servers. Observability needs to provide the same rich insights into legacy and private cloud data center technologies, regardless of the technology deployed—Red Hat OpenShift Container Platform, OKD (the community edition of OpenShift), or OSS Kubernetes/vanilla Kubernetes (the upstream version of Kubernetes).

Enterprises with public cloud deployments must contend with multiregion clusters and different managed services, such as AWS Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). And observability solutions must adapt to cloud-native APIs and services.

In both private and public cloud environments, observability solutions should:

• Correlate Kubernetes events with network events
• Map service dependencies
• Detect security threats, such as lateral movement or data exfiltration
• Enable automated troubleshooting and alerting

Enterprises often find observability in their Kubernetes environment particularly useful for visibility and control in networking, service discovery, and workload management. It helps:

• Developers deploying new services for alerting on regressions or misconfigurations of applications early in the lifecycle
• Development and operations (DevOps) for application performance tuning and service-level agreement (SLA) delivery
• Network operations (NetOps) for visibility to quickly identify, pinpoint, and resolve issues such as slow services, failed requests, or misconfigurations

In the case of service providers, whose scale and multitenancy environments differ from enterprises, Kubernetes observability is essential and helps:

• Monitor per-tenant traffic patterns
• Isolate faults quickly
• Enforce security and quality-of-service (QoS) policies dynamically

Does the Data Source Matter When It Comes to Observability?

EMA’s most recent “Cloud Network Traffic Data” report revealed that packet data will play a critical role in both network and security operations over the next several years. EMA also posited that there are challenges to collecting and analyzing packet data in the public cloud, including security risk, traffic encryption, and data quality.

Kubernetes networking is by nature dynamic. Pods are short-lived; IPs change constantly; and service-to-service communication can involve overlay networks, service meshes, and east-west traffic across clusters. Legacy tools are unlikely to be effective in this environment.

However, packet-based observability overcomes these characteristics with its ability to look at every packet sent across the environment. Every Domain Name System (DNS) lookup, Transport Layer Security (TLS) handshake, dropped packet, or application microburst is visible—because it’s in the packets. With full-packet monitoring and analysis—that is, deep packet inspection (DPI)—operations teams gain:

• Protocol-level visibility (not just L3/L4, but deep into HTTP, gRPC, DNS, and so forth
• Application performance insights, including retries, time-outs, and slow responses
• Real-time security detection, such as lateral movement, exfiltration, policy violations, or distributed denial-of-service (DDoS) activity
• Troubleshooting analysis including alerting, key performance indicators, error details, latency/jitter, and misconfigurations
  Recommendations

In private or public cloud environments, where observability has been a challenge, packets offer unmatched fidelity, accuracy, and context. Regardless of whether the requirement is for visibility in a single enterprise cluster or a multitenant platform serving thousands of customers, DPI-based observability delivers the real-time insight essential to optimize performance, reduce mean time to repair (MTTR), and enforce zero-trust policies.

Learn how NETSCOUT is overcoming this cloud visibility gap with the Omnis KlearSight Sensor for Kubernetes.