In order to keep a network healthy and running properly, the components that make up the network must be regularly monitored and analyzed. Keeping track of the nitty gritty details of what is happening on your network can help you prevent downtime and ward off any issues before they start becoming a huge problem. Also, regular monitoring and maintenance can notify you of problems as soon as they occur so you can fix them before they start to really affect productivity for the business.
Proper network monitoring is a key requirement both on premises -- and in the cloud. With the latter in mind, Google Cloud Platform recently announced VPC (Virtual Private Cloud) Flow Logs to provide responsive flow-level network telemetry for GCP environments, creating logs in five-second intervals. The new logs will also allow you to collect network telemetry at various levels. You can choose to collect telemetry for a particular VPC network or subnet or drill down further to monitor a specific VM Instance or virtual interface, the company claims.
VPC Flow Logs can track:
- Internal VPC Traffic
- Flows between your VPC and on-premises deployments over both VPNs and Google Cloud Interconnects
- Flows between your servers and any internet endpoint
- Flows between your servers and any Google services
According to Google, VPC Flow Logs natively lets you export this data in a highly secure manner to Stackdriver Logging or BigQuery. Or using Cloud Pub/Sub, you can export these logs to any number of real-time analytics or SIEM platforms.
A few of the operational tasks you can perform with VPC Flow Logs:
- Network monitoring - VPC Flow Logs allows you to monitor your applications from the perspective of your network. From performance to debugging and troubleshooting, VPC Flow Logs can tell you how your applications are performing, to help you keep them up and running, and identify what changed should an issue arise.
- Optimizing network usage and egress - By providing visibility into both your application’s inter-region traffic and your traffic usage globally, VPC Flow Logs lets you optimize your network costs by optimizing your bandwidth utilization, load balancing and content distribution.
- Network forensics and security analytics - VPC Flow Logs also helps you perform network forensics when investigating suspicious behavior such as traffic from access from abnormal sources or unexpected volumes of data migration. The logs also help you ensure compliance.
- Real-time security analysis - With the Cloud Pub/Sub API, you can easily export your logs into any SIEM ecosystem that you may already be using.
Google states that one of their key goals in creating VPC Flow Logs was to allow you to export your flow logs to partner systems for real-time analysis and notifications. At launch, the logs will integrate with two leading logging and analytics platforms: Cisco Stealthwatch and Sumo Logic. Through these integrations, network administrators can attempt to maintain the high operating level that is required of today's business IT environments.
