Why Every Multi-Cloud Environment Needs an Application Owner Dashboard
By James Pittman
Organizations have moved to multi-cloud environments to achieve the benefits of business resilience, agility, best-of-breed capabilities, compliance, and cost containment, or due to the result of a merger or acquisition. But distributed environments also introduce a lot of complexity that can make it hard to realize these benefits.
Customers tell us they are feeling the pain of having SaaS applications distributed across different clouds with multiple application owners responsible for different parts of the application and limited ability to monitor the services they manage. The network monitoring tools in their stacks tend to be built for security engineers or the compliance team with an audit focus, and not application owners. The application owners have insufficient visibility to perform the role they were given which puts their ability to contribute to the risk management of the environment in jeopardy.
How to monitor applications in multi-clouds
To address the pain, Netography built an application owner dashboard that leverages the flexibility of the Netography Fusion® platform to empower less technical users with the ability to monitor the parts of the application they are responsible for in their environment.
You can use your organization’s security policy to assign a level of access and provide application owners a bespoke view so they can monitor traffic flow to and from the systems they manage and make more informed decisions about updates or changes. Instead of the old way of relying on information from other people or stored in systems that haven’t been updated in years, they can see for themselves what is happening now and retrospectively across multi-cloud deployments.
At login users see:
- A list of IP addresses and ports with context to quickly understand what they can search on
- Simple instructions for how to search
- Graphical representation of the search results for visual thinkers
- A table with the mostly likely output formats for spreadsheets and reporting
Fusion empowers less technical users with the ability to monitor the parts of the application for which they’re responsible
Enabling business resilience
Within a few minutes of being able to monitor an application, application owners can validate how the service is operating now and look back at its entire data retention history. The organization can have an ongoing live view of the traffic hitting their servers, crowd sourced to the broader group of application owners – web front end services, database services, billing services, etc. – who can update their understanding of IP addresses ports, etc. used by their services, which in turn helps inform their roles in review, authorization, and approval.
Application owners now have the observability they need to be active participants in securing their environment and enabling business resilience.
Security teams also benefit by being able to secure multi-cloud environments. By having access to data validated by the application owners, security engineers and SOC operators can check against baseline reports when they receive an alert to see what’s normal and what isn’t, and more quickly trace when a change happened and why or remediate it.
Bridging cloud silos for additional value
It’s increasingly common for different pieces of applications to be siloed on different clouds. In fact, more than half (57%) of SaaS apps are developed and deployed this way. Additionally, multiple owners of different pieces of the application are each on the hook for their SLAs. So, every owner needs to make sure their portion is working as it should be. But processes start to fail when there are siloed tools and limited ability to monitor applications.
In addition to business resilience, there are other areas where our application owner dashboard helps organizations realize the objectives of their multi-cloud strategy:
Agility: The dynamic nature of the cloud makes it easy to auto scale and spin up or spin down services. Application owners have to ensure that changes and new services adhere to a list of approved ports and protocols. This is often challenging because the person who created the initial list is gone and no one can find it, or things have changed and the list can’t be trusted.
Best-of-breed capabilities: The web services team may know they have front end servers in Amazon Web Services (AWS), Google Cloud, and Microsoft Azure. However, the database team that is using Oracle Cloud can only observe that the database service is getting calls from a variety of locations that might be tunneling from cloud to cloud, which creates concern. With more layers of complexity – a different cloud for a different type of service – it becomes incredibly difficult to get a complete picture of what is happening.
Compliance: The tendency is to deliver services to your users and customers from the closest possible server. But you also need to uphold policies for compliance. For example, databases being used may need to be limited to certain regions for data privacy laws, so you need visibility application traffic to ensure compliance with regulatory and operational requirements.
M&A: In the wake of a merger or acquisition, when teams from two different organizations come together and try to do a handoff, it’s easy for things to fall through the cracks. You need a view across the estate, not just how traffic is flowing between applications and clouds but also if that flow is compliant or non-compliant with your policies.
Cost containment. When discussions turn to autoscaling and the associated expenses, application owners may think they need to scale up to meet SLAs, but it’s hard to know with certainty. If you’re working with hypotheticals and not looking at data, it’s difficult to determine if the volumetric increase in traffic is legitimate activity and if the added expense is justifiable, or if there is another reason why service levels are declining.
Empowering application owners to monitor applications in real-time and retrospectively is the antidote to the cloud’s ephemeral nature and the inherent risk it presents. Netography Fusion leverages metadata in real-time from your multi-cloud VPCs and VNets, not logs, so you always have a record of application activity at your fingertips.
Our application owner dashboard shows you traffic flows from all the major cloud providers — Amazon Web Services, Google Cloud, IBM Cloud, Microsoft Azure, and Oracle Cloud — and specifically where flows came from. Organizations can have greater confidence in the upside of their multi-cloud strategy, and application owners can become active participants in reducing cloud risk and optimizing service delivery.
To see the application monitoring dashboard in action or to learn more about how Netography delivers multi-cloud security observability, sign up for our weekly SE-led demo. Or take the self-guided tour (no registration required).