SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Good or bad - answer these questions to check application visibility
Tue, 2nd Aug 2022
FYI, this story is more than a year old

Article by Radware's Yaron Azerual.

Managing applications as well as the network and compute infrastructure around them used to be easy. Everything sat in a private data centre and there weren't that many applications to begin with.

But with the adoption of the hybrid cloud, applications now run in multiple private and public cloud environments managed by different teams and tools.

Managing applications while maintaining visibility in this era has become a challenge. Here are three questions infrastructure managers can ask themselves to determine whether they have good application visibility:

  1. How many applications has the organisation deployed to the cloud?
  2. What is the health status of the applications?
  3. If something goes wrong with an application – a cyber attack, a performance issue, or simply too many errors – how will IT know before the application user complains?

In most cases, answering these questions in real time with any certainty will require a lot of effort even though the data to do this already exists somewhere.

Research in 2021 by Enterprise Strategy Group found that only 5% of organisations had consolidated cloud management tools to three tools or fewer for managing their private/virtual clouds and public cloud environments. Astonishingly, the remaining 95% still lacked a way to monitor the performance and user experience of their cloud applications.

The multi-cloud paradigm has led us to think that we can work seamlessly in any environment we choose. While this assumption is true to some extent, the issue of application performance and security analytics is easy to downplay.

My company believes that sticking to the following three principles enables organisations to easily answer all the above questions regardless of how many applications and cloud environments they are using.

1. Standardisation

Organisations should use the same tools to monitor applications across all the clouds they have deployed. Every organisation uses load balancers to ensure high availability and scalability.

But what if that load balancer could also collect information about the applications' health, usage level, and security status by delivering monitoring data to a centralised analytics engine?

To achieve that, this would require the load balancing and application protection systems to collect the same information using the same metrics from all application environments. For example, most traditional application delivery controllers (ADC) vendors provide the ability to run their ADC in all leading public and private cloud environments and collect information about the application health.

In so doing, they make it possible to standardise both on the ADC technology and the collection of performance metrics across multi-cloud applications. This standardisation cannot be provided by native cloud load balancing services.

2. Simplicity

One way some DevOps teams bypass the standardisation requirement is by building their own solutions for collecting application information. While this bespoke approach has advantages, usually it requires integration with the application and environment, which complicates the solution and often results in less than desired application monitoring coverage.

In contrast, the monitoring capabilities included in most leading ADCs are extremely simple to deploy and use and easily enable 100% application coverage.

3. Insightful and actionable analytics

It's not impossible to collect important information about application status, health, and security. The challenge is translating this information into meaningful insights and corrective actions.

To manage application health and security proactively, the following is needed:

  • A simple standardised solution that collects relevant application information across all applications.

A reporting tool that:

  • Alerts about possible SLA breaches while drilling down to find the root cause of a service issue.
  • Provides insights into more general issues with clear recommendations for addressing them.

To ensure the healthy performance of the application, these combined technologies should monitor and report on as much of the infrastructure that services the application as possible. The infrastructure includes, for example, the network, the application delivery controller (ADC), and any application security solutions that are deployed.

A slow network, an overloaded ADC, or an attack vector under siege can all degrade performance and impact the application's ability to meet its SLAs.

Building a monitoring solution with advanced analytics, which adheres to the above guidelines, will enable IT professionals to easily answer the three questions outlined at the start of this article. It will also enable them to maintain visibility and proactively manage all application SLAs regardless of the environment they have been deployed in.

ADC systems are good candidates to address all the challenges mentioned here. They already front-end applications and provide a key resource to deliver metrics that can be used to measure and monitor end-to-end application performance.