With organizations expanding further into the public cloud, network architects are challenged with this question: How should I plan to monitor network devices and interconnects? The answer can vary widely, depending on how your cloud infrastructure is designed. In some cases, one may opt to simply use built-in monitoring/alerting tools offered by the cloud service provider. In others, traditional monitoring tools may be a better option. And for the utmost in visibility and alerting capabilities, there are cloud-focused network performance monitoring tools. Let's look at use-case scenarios for all three options to understand their capabilities and limitations.
CSP-provided network monitoring tools
By far the cheapest and fastest way to get network monitoring up and running in the cloud is to leverage tools provided by your cloud provider. For example, AWS allows customers to leverage CloudWatch to monitor traffic inbound and outbound from EC2 instances. Additionally, AWS allows access to customer flow data within a Virtual Private Cloud (VPC). Once enabled and configured, administrators can create basic alerts based on various log and flow triggers.
The primary drawback to using CSP-provided tools is that they only work within a single cloud. Thus, if you operate in a hybrid or multi-cloud environment, you end up managing multiple monitoring/alerting platforms. You also lose end-to-end visibility, which can hamper identification and troubleshooting of network-specific issues between cloud networks. That's why enterprise IT departments that are serious about network monitoring typically only use these types of tools when monitoring DevOps environments or when the applications and data within a specific cloud provider are low priority in terms of business criticality.
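As an added illustration of the "basic alerts based on log and flow triggers" mentioned above (example code written for this article, not an AWS tool or API), the following parses VPC flow log records in the default version 2 format and raises two simple alerts: repeated REJECT entries from one source, and unusually large egress from an internal address. The sample records, the thresholds and the `10.` internal prefix are constructed assumptions; in practice the records would come from CloudWatch Logs or S3.

```python
from collections import defaultdict

# Default VPC flow log record format (version 2), space separated.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records (not real traffic); last line is a NODATA record.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 10.0.1.5 203.0.113.9 49152 443 6 20 1500 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.5 40001 22 6 1 44 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.5 40002 22 6 1 44 1700000001 1700000061 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.5 40003 3389 6 1 44 1700000002 1700000062 REJECT OK
2 123456789012 eni-0a1b2c3d 10.0.1.5 192.0.2.44 51000 8443 6 9000 52428800 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000000 1700000060 - NODATA
"""

def parse_record(line):
    """Return a dict for one flow record, or None if it carries no traffic data."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":  # NODATA / SKIPDATA records have '-' in traffic fields
        return None
    for f in ("srcport", "dstport", "protocol", "packets", "bytes"):
        rec[f] = int(rec[f])
    return rec

def find_alerts(log_text, reject_threshold=3, egress_bytes_threshold=10 * 2**20,
                internal_prefix="10."):
    """Aggregate records per source address and return (alert_type, src, value) tuples."""
    rejects = defaultdict(int)   # REJECT count per source address
    egress = defaultdict(int)    # bytes sent from internal sources to non-internal hosts
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None:
            continue
        if rec["action"] == "REJECT":
            rejects[rec["srcaddr"]] += 1
        elif (rec["srcaddr"].startswith(internal_prefix)
              and not rec["dstaddr"].startswith(internal_prefix)):
            egress[rec["srcaddr"]] += rec["bytes"]
    alerts = [("rejected-connections", src, n)
              for src, n in rejects.items() if n >= reject_threshold]
    alerts += [("high-egress-bytes", src, b)
               for src, b in egress.items() if b >= egress_bytes_threshold]
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```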
Traditional network monitoring tools
Most enterprise organizations opt to deploy traditional network monitoring tools such as ping, SNMP polling, and NetFlow within a public cloud network -- when possible. The benefit here is that it allows network administrators to use the same tools within their cloud instances as they use to monitor network components on the private corporate LAN and WAN.
The main drawback, of course, is that it isn't always possible to deploy legacy network monitoring tools within the cloud environment. For IaaS clouds, it's easily accomplished, but for PaaS and SaaS deployments, many of the traditional network management tools won't work. Consequently, you're often stuck with very rudimentary monitoring with tools like ping and traceroute as opposed to more robust tools like SNMP polling and flow collection.
The ideal use case for traditional network monitoring tools is a hybrid-cloud architecture with a private cloud connected to a public IaaS. In this situation, administrators can simply extend their already-deployed corporate LAN network monitoring tools to the IaaS instance for end-to-end visibility. As a bonus, it's fairly easy to deploy and manage, and costs very little.
Cloud-focused network performance monitoring
Many IT departments require even more visibility into the network than has traditionally been provided across the enterprise LAN. Because a certain level of trust has been handed over to CSPs, IT teams need added visibility to keep closer tabs on network performance inside and between clouds. Recently, the network monitoring market has been deluged with cloud-focused network performance monitoring platforms from companies such as Cisco, ExtraHop and ThousandEyes. Many of these platforms include network probes, cloud agents, and in-depth routing and policy change notifications. These tools can provide granular detail on the health of the network, down to the end-user perspective.
The drawbacks of these types of tools include the added cost and management complexity. Yet if your organization runs mission-critical apps and data -- and operates within a complex, multi-cloud architecture -- the benefits usually outweigh the additional cost and complexity.