Scalable Packet Capture for Hybrid Cloud
By Cary Wright, VP Product Management, Endace
The rapid growth of cloud vulnerabilities, hijacked cloud credentials, APTs targeting cloud, and lack of network layer visibility in cloud has made one thing clear: recorded network packet data is just as essential in the cloud as it is in physical networks.
Enterprises know the value of our packet capture solutions, and they have told us they need the power of packets in the cloud as well. In many cases, they have moved – or plan to move – workloads to the cloud but have been hampered by an inability to gain the same visibility into activity in their public cloud infrastructure as they are used to relying on in on-premise environments.
Leveraging our 20-plus years of experience in delivering accurate, reliable packet capture for some of the world’s largest organizations, Endace developed EndaceProbe Cloud as the first truly scalable, enterprise-class solution for providing always-on packet capture in public cloud environments.
Unlike many solutions on the market, we’ve done it in a way that scales easily and delivers truly unified visibility that lets security, network and IT teams analyze packet data from across hybrid cloud and multi-cloud environments quickly and easily from a central console.
EndaceProbe Cloud delivers packet-level visibility for public cloud that is critical for threat hunting, incident response and performance management in those environments. It operates seamlessly with EndaceProbe hardware appliances to deliver always-on packet capture across on-premise, private and public cloud infrastructure, to provide unified visibility across the entire network.
See it in Action
The demo below shows how easy it is to quickly search for packet data across a multi-cloud – AWS and Azure – environment, recreate files from packet data and drill-in to analyze the full packets. All from a single console.
EndaceProbe Cloud is a full-featured EndaceProbe, purpose-built for deployment in AWS and Microsoft Azure environments that provides the following benefits to customers in cloud and hybrid cloud environments:
- Continuous, zero-loss, packet capture in public and hybrid cloud environments that provides weeks or months of visibility
- A unified console for fast global search and analysis across on-premise, private and public cloud environments.
- Full visibility into North-South and East-West traffic
- Secure packet storage within the customers’ own virtual network or virtual private cloud (VPC).
- Powerful traffic analysis and investigation tools including file extraction, log generation, and hosted Wireshark™
- Seamless workflow integration with an open API and strong ecosystem of third-party network and security tools (https://www.endace.com/fusion-partners)
- Subscription-based pricing that offers flexibility and scalability
EndaceProbe Cloud complements Endace’s hardware appliances to provide unified and seamless visibility across the entire network.