Gaining Visibility and Optimizing the Traffic Between Containerized Workloads for Seamless Monitoring (5.13)

Introduction

The onset of digital transformation has transformed the roll out of applications especially when the implementation has to be on Cloud. In a Cloud, the application services can be broken down as micro services and managed from different Containers. However, the communication between the containers on the same host introduces a new blind spot that can be exploited by the threat actors. This visibility gap can be addressed by Gigamon Cloud Suite by aggregating the traffic for further processing and monitoring. This GVD walks through one such scenario in an OpenStack based environment. 

Design Topology

Design Overview

This design topology illustrates the Gigamon Cloud Suite deployed in an OpenStack environment comprising of Kubernetes cluster. The Gigamon Cloud Suite in this solution consists of the following components:

  • GigaVUE-FM for orchestration
  • G-vTAP POD for acquiring both east-west and north-south traffic from each of the worker nodes and forwarding it to a V Series node
  • GigaVUE V Series node for aggregating all the traffic, optimizing the traffic by removing the duplicate packets, and forwarding the traffic to either new or existing tool probe.

This design consists of fewer worker nodes for ease of illustration. However, the V Series node can aggregate the traffic from many such sources. As a rule of thumb, each V Series node can aggregate traffic from up to 10 G-vTAP PODs. Please note that the processing capability of the V Series node would depend on the underlying platform's ability to handle the volume of traffic (in packets per second i.e., pps).

The V Series node used in this design belongs to the small form factor, but the same deployment steps apply for deploying the medium or large form factors.

A single tool probe is used in this illustration. However, V Series node can be configured to load-balance traffic among multiple tool probes.

To learn more about this solution, read complete details on the Gigamon Community: Gaining Visibility and Optimizin the Traffic between Containerized Workloads for Seamless Monitoring 5.13.