Enterprises have stepped into a new dimension where business happens digitally, and the mantra for success is multi-cloud. Already a slew of companies has migrated their workloads to several different cloud providers to leverage the best-of-class cloud amenities, and others are en route to tap into the magical multi-cloud efficiency.
But as companies distribute data and assets across multi-cloud, a rare and unforeseen problem has emerged. A fog has descended, making observability one of IT’s biggest pains.
An Unwelcome Side-Effect
A reduced level of visibility has created some very real issues for organizations. It encumbers security, and teams are seeing longer and more frequent recovery delays that hurt business resilience and bottom lines.
In most cases, the root cause of reduced visibility is distributed assets. Applications are no longer in a central location – which used to be the datacenter – but at multiple addresses that span regions. While this has unlocked new levels of availability and accessibility, it has made control of estates another worry. The harsh truth is this: both the fog and the ensuing chaos are here to stay, because multi-cloud is now the de facto approach.
As an A-lister company dedicated to solving the biggest problems in tech, Cisco has been on this a while now. At the recent Security Field Day event in Silicon Valley, Anubhav Swami, Principal Architect, Cloud and Networking Security, spelled out the ills of not having ample visibility to track down threats and dispatch an accelerated response.
Surveys show that even the biggest enterprises in multi-cloud struggle to gain clarity of sight, and navigate the landscape. “We talked to our customers, and their biggest pain points are single-pane-of-glass view, unified policy and complete control,” says Swami.
Companies reporting this problem worry that the gaps in observability and control will erode the merits of multi-cloud. Cloud providers do offer security capabilities on their platforms, but Swami warns that relying on each provider's individual security solutions does not make navigating the complexity of multi-cloud any easier, nor does it solve the bigger observability crisis.
“You can obviously go ahead and use cloud provided security solutions, but sooner or later, in your multi-cloud journey, you will end up in a situation where you will have siloed security solutions for each cloud provider,” he said.
Boosting Observability with Cisco
Cisco’s legacy is in simplifying intricate technologies for users, and in solving this, Cisco didn’t stray from its playbook. The Cisco Multicloud Defense untangles cloud security, making it easy to secure data and assets spread across multiple cloud platforms.
Multicloud Defense is a security platform designed exclusively for hybrid multi-cloud networks. Its chief capabilities are unobstructed visibility and unified security. The platform delivers consistent protection across platforms, blocking all inbound threats and attempts at data exfiltration.
The platform architecture consists of two components – a controller and a gateway. The Multicloud Defense Controller provides control and management capabilities, and access to a SaaS (Software-as-a-Service) portal, which is the control plane. The Multicloud Defense Gateway is a PaaS (Platform-as-a-Service) solution that offers advanced, inline security protection against external threats.
What distinguishes the solution is that it intelligently separates the data plane from the control plane, allowing enterprises to home in on critical systems.
The gateways exist in the data plane. Instead of being deployed in the Cisco infrastructure, they are used in customers’ environments, in their public cloud accounts where they are inserted using automated workflows. Users just need to specify the cloud provider, and the controller connects to the chosen infrastructure and injects the gateways in.
All gateways are controlled centrally from the SaaS portal, and managed by the controller – customers need not worry about their life cycle management. Cisco Multicloud Defense Gateways are supported in AWS, Azure and OCI.
Cloud infrastructures can be added in just a few steps. To start, the supported cloud provider needs to be onboarded on the SaaS portal. As soon as the two integrate, the platform starts pulling information about private cloud resources, gateway load balancers, traffic flows, network security groups and so on, into the system. This is done securely using an IAM policy.
Cisco Multicloud Defense aggregates and organizes this data, pushing it out via the dashboard. The dashboard offers a unified and accurate view of all cloud resources in the chosen platforms. A single pane view makes it easier for security teams to zero in on threats and take actions swiftly.
“Defining a policy based on IP addresses is not the correct way to define security in the cloud,” says Swami. Cisco follows a different approach. When ingesting information through the controller, it activates a Pub-Sub model through which it learns about security tags in real time. Users can define their policies based on these tags. Diverse security tags from different infrastructures can be combined into a single policy and applied uniformly across gateways. With Cisco gathering and streaming information in real time, policies are updated in sync with any changes in the infrastructure.
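The tag-based approach described above, modeled as an added example. This is not Cisco code or the Multicloud Defense API; `Inventory`, `TagPolicy`, the tag keys and the IP addresses are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Inventory:
    """Hypothetical asset view a controller keeps current from cloud events."""
    tags_by_ip: dict = field(default_factory=dict)   # ip -> {tag: value}
    subscribers: list = field(default_factory=list)  # callbacks run on change

    def publish(self, event, ip, tags=None):
        # "up" = instance started or re-tagged, "down" = terminated
        if event == "up":
            self.tags_by_ip[ip] = dict(tags or {})
        else:
            self.tags_by_ip.pop(ip, None)
        for callback in self.subscribers:
            callback(self)

class TagPolicy:
    """Allow only sources whose tags match every selector entry."""
    def __init__(self, selector):
        self.selector = selector
        self.allowed_ips = set()

    def refresh(self, inventory):
        self.allowed_ips = {
            ip for ip, tags in inventory.tags_by_ip.items()
            if all(tags.get(k) == v for k, v in self.selector.items())
        }

    def allows(self, src_ip):
        return src_ip in self.allowed_ips

def demo():
    inv = Inventory()
    policy = TagPolicy({"app": "billing", "env": "prod"})
    inv.subscribers.append(policy.refresh)
    static_allow = {"10.0.1.10"}  # IP rule written once by hand (constructed)

    prod = {"app": "billing", "env": "prod"}
    inv.publish("up", "10.0.1.10", prod)     # workload in cloud A
    inv.publish("up", "172.16.4.7", prod)    # same app in cloud B
    inv.publish("down", "10.0.1.10")         # cloud A instance scaled in
    inv.publish("up", "10.0.1.10", {"app": "batch", "env": "dev"})  # IP reused
    return {
        "tag": (policy.allows("10.0.1.10"), policy.allows("172.16.4.7")),
        "static": ("10.0.1.10" in static_allow, "172.16.4.7" in static_allow),
    }

if __name__ == "__main__":
    print(demo())
```

The static rule still admits 10.0.1.10 after an unrelated dev workload reuses the address and never admits the second billing instance; the tag policy, refreshed on every published change, gets both right.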
Multicloud Defense also does traffic steering to direct application traffic across the network in the best possible way. “The biggest pain point for any administrator in the cloud when they insert security appliances is traffic steering because sometimes routing can be pretty complex. Multicloud Defense Controller will take care of that as well,” said Swami.
Everything on the Multicloud Defense console can be automated through Terraform using prebuilt templates.
Swami says that Cisco is soon to add a networking element to the architecture that will enable users to connect multiple cloud infrastructures using a secure connection, thus completing the multi-cloud security picture.
Cloud observability has the power to transform businesses with real-time threat detection, accurate predictions and expedited recovery. In the multi-cloud, these translate to reduced risk, greater control, and a safer environment. To achieve these, companies must invest in a solution like Cisco Multicloud Defense that affords users clear visibility and maximum control, no matter where their applications are. There is no need to drive blind, or settle for siloed solutions that only protect assets in one place. Cisco Multicloud Defense makes the multi-cloud black box transparent and tenable.