Today, cloud-based firewalls are commonly deployed to protect cloud subnet boundaries. They are also going to be called upon to operate as secure networking gateways. In this incarnation, they must provide copies of traffic passing across a public / private boundary to 3rd party network sensors. These sensors will subsequently perform functions like out-of-band traffic inspection (IDS), network metadata collection, real-time and/or forensic analyses for security threat responses, machine learning, anomaly detection and more. In order for these sensors to do their job effectively, the secure networking gateway must support high-throughput traffic mirroring under stringent packet size and encapsulation requirements. This type of use case is in TNSR’s wheelhouse.
Cloud Port Mirroring Pushes The Performance Envelope
Traffic collection, inspection and analysis have long been used in premises-based IT environments. But as modern organizations increasingly move workloads into the cloud, those same 3rd party sensors will be expected to be just as effective in the cloud as they have been on customer premises. And the exodus from premises to cloud will only increase. In fact, 19% of business workloads are expected to be in the public cloud by the end of 2019, increasing to 50% by 2025.
So, are legacy port mirroring approaches ready to take on the cloud? If so, they must be capable of consuming and analyzing high volume network traffic - on the order of 10 Gbps to 120 Gbps per customer. What will supply that traffic to them?
Legacy Port Mirror Approaches Are Clunky
Port mirroring is not a new concept. There are a number of solutions on the market. But these solutions typically require the deployment of an agent on each monitored VM. Customers would far prefer a solution that can transparently monitor at subnet boundaries, where the complexity and expense of agent deployment and management are avoided.
TNSR Provides a Modern Approach to Cloud Port Mirroring
Netgate’s TNSR enables an instant cloud gateway with built-in traffic monitoring. It is 100% transparent: no agents are required, and no modifications to user-defined routes are required.
TNSR can transparently deliver pass-through traffic to 3rd party traffic analysis / inspection tools at rates up to 100 Gbps and beyond - either over GRE (ERSPAN) or VXLAN - depending on the public cloud service provider’s preference.
TNSR’s performance ensures both sides of a TCP conversation are visible for deep session inspection. Further, the solution can mirror north/south network ingress/egress traffic or application level east/west traffic.
Netgate’s TNSR is the high performance, low cost, operationally efficient alternative to legacy port mirror solutions - supporting virtually any out-of-band traffic capture and analysis use case required by customers or service providers.
- Cloud gateway with built-in traffic monitoring
- Pass-through traffic delivered to 3rd party traffic analysis / inspection tools at rates up to 100 Gbps and beyond
- No agents required
- No modifications to user-defined routes are required
- Delivery over GRE (ERSPAN) or VXLAN