Cisco strengthens AWS integration to speed troubleshooting in multicloud environments

Cisco this week said it has bolstered integrations between its own hybrid cloud offerings and Amazon Web Services (AWS) to improve visibility and help enterprise customers more accurately troubleshoot application availability issues across multicloud networks.

The new network troubleshooting capabilities revolve around container security technology that Cisco gained in its acquisition of Isovalent and integrated into its infrastructure offerings. 

Isovalent co-developed the container connectivity technology eBPF (extended Berkeley packet filter), which is an open-source Linux operating-system kernel technology that lets programs run securely in a sandbox within the kernel of the OS. The idea is to let customers incorporate security, observability, segmentation and networking features quickly and easily without requiring them to modify kernel source code or deal with network overlays or other tedious programming tasks. Isovalent is also a co-creator of eBPF-based Cilium, an open-source community project which delivers networking, security and observability natively within Kubernetes environments. 

Now, new integration between Isovalent Enterprise (a Cisco offering with added networking, observability and security capabilities) and AWS pushes networking telemetry directly to Amazon CloudWatch Network Monitoring, which is an AWS service that offers visibility into the hybrid network connections between AWS resources and on-premises infrastructure.

With these integrations, workload data can be correlated to actual network performance metrics in AWS environments, according to a blog about the news by Tom Gillis, senior vice president and general manager of Cisco’s Security Business Group.

“These insights can also flow into Splunk, where network teams can create unified dashboards that combine metrics from on-premises networks, cloud networks and application performance, and security teams can leverage this data for threat detection and policy enforcement,” Gillis wrote. “Enriching workload visibility data with AWS network performance and making it available to Splunk enables real-time visibility into the entire AWS network fabric, giving network teams the level of observability and control they need to build and optimize truly agile environments that run today’s modern applications.”

For Kubernetes users, including those running on AWS Elastic Kubernetes Service, the eBPF-based Cilium delivers kernel-level visibility, according to Gillis. “Every time a process reads a file, spawns another process or opens a network connection, eBPF code embedded in Cilium executes in the kernel, allowing it to gather detailed telemetries — such as TCP and UDP protocol data, packet loss and latency,” Gillis wrote.

Cisco is a supporter of the open-source Cilium project, he added.

The new, deep integrations between Cisco and AWS give networking teams detailed insights into process-level activity within all workloads, Gillis stated. “This allows them to monitor network performance metrics, visualize the entire application path and correlate all the data for rapid troubleshooting — all in one central management plane. What used to take days of finger-pointing between teams now takes minutes to resolve,” he wrote.

Cisco and AWS have worked to integrate their technologies over the past few years to help enterprise customers deploy and manage cloud-based resources. 

Most recently, Cisco ThousandEyes rolled out Cloud Insights, a new multicloud product aimed at extending cloud infrastructure discovery and configuration changes to application performance, Gillis stated. “This new solution extends ThousandEyes’ well known path visualization capabilities into the AWS network and also correlates how traffic flow impacts application performance,” Gillis wrote.

Last year, Cisco integrated its ThousandEyes network intelligence platform with Amazon CloudWatch to help customers better locate and monitor their AWS-powered applications. The integration gives customers access to Internet health events and Internet performance insights that could impact cloud workload performance and behavior, while ThousandEyes integration brings end-to-end cloud and Internet visibility.

Source:: Network World