Next Generation Monitoring in Cisco Security Cloud
Leon De Jager and Nitin Thakur
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

• What is Cisco Security Cloud Operations?
• Challenges faced
• Scale of the Solution
• How AppDynamics was selected
• Speed & Ease of deployment
• Issues identified so far
• What next?

Many organizations want the savings and efficiency benefits of cloud computing, but don’t want to sacrifice traditional levels of control and security.

Security is traditionally applied at the network perimeter; this disappears in cloud-based computing, in which borderless networks connect many types of users with enterprise private data centers and cloud-based resources. Some transactions, such as a remote worker accessing Salesforce.com, don’t even pass through the corporate network or scanning systems.

The Cisco Borderless Network architecture addresses this challenge, securing cloud computing by placing intelligent control points and endpoints throughout the network.

• Cisco ScanSafe Web Security
• Cisco IronPort® Cloud Email Security, Hybrid Email Security and Managed Email Security
• Cisco Registered Envelope Service
• Cisco AnyConnect Secure Mobility Solution
• Cisco Security Intelligence Operations

Cisco Cloud Web Security (CWS) provides industry-leading security and control for the distributed enterprise. Users are protected everywhere, all the time when using CWS through Cisco worldwide threat intelligence, advanced threat defense capabilities, and roaming user protection.
http://www.cisco.com/c/en/us/products/security/cloud-web-security/index.html

Cisco currently uses a limited number of multiple standalone technologies from homegrown tools and multiple vendors.
These separate implementations have created an expensive, fragmented amalgamation of independent products that:

• Limits – visibility into apps & the business transaction functions performed
• Strains – capital and manpower budgets
• Dilutes – a clear-cut root-cause of an issue by the confusion of multiple tools
• Delays – time to remediation

[Diagram: current monitoring coverage by capability. Capability labels: Mobile App Monitoring, Diagnostics, End User Experience Monitoring, Database Monitoring, Business Transaction Monitoring, Tier-1 + Run Book Automation, Application Monitoring, Synthetic Monitoring, Server Monitoring, Alerting, Network Monitoring, Log Monitoring, Big Data Monitoring, Cloud Monitoring. Tool labels: NO VENDOR, DotCom + EC2, HOMEBREW, Cacti, Nagios, OpenNMS, Kibana.]

AppDynamics will add missing capabilities and help consolidate and complement our existing monitoring solution.

In a single tool, AppDynamics provides complete end-to-end transactional visibility for rapid troubleshooting of Production and Development application performance issues. The in-depth features of our product and the power of their integration will allow your teams to:

• Simplify – NO manual configuration when changes are introduced
• Enable – teams to focus on new, more relevant projects instead of firefighting
• Unify – various teams by providing the same relevant view into apps
• Save – capital and manpower budgets

[Diagram: monitoring coverage by capability, split into Current State and ROADMAP. Capability labels: Mobile App Monitoring, Application Diagnostics, Real User Monitoring, Database Diagnostics, Business Transaction Monitoring, Tier-1 +, Application Monitoring, Server Monitoring, Network Monitoring, Big Data Monitoring, Run Book Automation, Alerting, Synthetic Monitoring, Log Monitoring, Cloud Monitoring. Tool labels: NO VENDOR, DotCom + EC2, ?, CUSTOM, HOMEBREW, Cacti, Nagios, OpenNMS, Kibana.]

• Requirement gathering from multiple teams and end users

Some high-level requirements which we looked at:

• Compute requirements to be minimal for running the APM solution
• Ease of auto detection of business transactions
• Future roadmap from AppDynamics more aligned with business requirements
• PoC run for an extended period, including performance tests to ensure no negative impact on applications
• Runbook automation functionality to help reduce false positives from existing monitoring infrastructure

• 23 Datacenters Globally
• Hub & Spoke Architecture Design

• 23 Datacenters Globally
• 6.3 Billion Web Requests scanned per day
• 200 Million Threats blocked per day
• Reporting Database contains 500 billion rows on average
• Reporting Database is approximately 220TB in size
• 4000+ Web Scanning Hosts distributed globally
• AppDynamics deployed onto 14000 JVMs globally

Global deployment across 23 datacenters covering 4000+ hosts in less than a week. Example puppet module available on GitHub.

Some of the issues we’ve been able to identify with the use of AppDynamics:

• Unique Slow Business Transactions affecting services: Identified
• Configuration errors in applications: Identified and remediated (Prevented 70M slow transactions from occurring)
• Unique behavior of the service dependent on end user usage: Identified, further analysis under way
• Inter application communication and failure in the network stack: Identified and remediated
• Nagios used for existing application monitoring, approximately 25 service checks configured per host.
• AppDynamics Monitoring Extensions to be used to replace Nagios application checks
• Runbook Automation
• Further integration into more Security Cloud Operations Products
• Chaos Monkey vs Runbook Automation

Thank you.