Enterprise customers of Google’s cloud platform now have a new option for logging and monitoring network traffic for security and performance issues.
The company this week introduced VPC (Virtual Private Cloud) Flow Logs, a function that gives administrators a way to track network flows down to individual interfaces in near real time.
Organizations can use VPC Flow Logs to capture network telemetry from a range of sources including traffic on internal virtual private networks or between a private network and Google Cloud interconnection points. VPC Flow Logs can also capture telemetry from traffic flowing between an enterprise server and any Internet endpoint or any Google service.
Such logging and monitoring can help administrators more efficiently identify and assess traffic patterns that may pose a security or performance issue, said Ines Envid, product manager of Google Cloud Platform, in a blog April 5.
“VPC Flow Logs provides responsive flow-level network telemetry for GCP environments, creating logs in five-second intervals,” Envid said. Administrators can use it to collect telemetry for an entire private cloud network, or a portion of it. They can also use it to drill all the way down and collect network telemetry from a specific virtual interface or virtual machine instance.
VPC Flow Logs has several use cases from an operational standpoint, according to Envid. For instance, it enables application debugging and troubleshooting by allowing administrators to monitor application performance at the network level.
Similarly, it can help organizations optimize network usage by revealing global traffic usage as well as application traffic flowing between specific Google cloud regions. The visibility gives organizations a way to optimize network costs via better bandwidth utilization, content distribution and load balancing, she said.
Log data from VPC Flow Logs can also help with security analytics and network forensics by helping identify traffic from unexpected sources or unexpected volumes of data exiting a network. When exported to a security information and event management system, the data from VPC Flow Logs can help with real-time security analytics, Envid said.
“All this happens with near real-time accuracy (updates every 5 seconds versus minutes), with absolutely no performance impact on your deployment,” she noted.
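The security analytics use case described above, identifying traffic from unexpected sources and unexpected volumes of data leaving a network, can be sketched as follows. This is an added example, not code from Google or the original article; the record fields, address ranges and threshold are simplified assumptions and do not reproduce the actual VPC Flow Logs schema.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records. Field names are simplified assumptions,
# not the actual VPC Flow Logs schema.
FLOWS = [
    {"src_ip": "10.0.1.5", "dest_ip": "10.0.2.9", "bytes_sent": 12_000},
    {"src_ip": "10.0.1.5", "dest_ip": "203.0.113.7", "bytes_sent": 4_000_000},
    {"src_ip": "10.0.1.5", "dest_ip": "203.0.113.7", "bytes_sent": 3_500_000},
    {"src_ip": "10.0.1.8", "dest_ip": "198.51.100.20", "bytes_sent": 90_000},
    {"src_ip": "192.0.2.44", "dest_ip": "10.0.1.8", "bytes_sent": 700},
    {"src_ip": "10.0.3.2", "dest_ip": "10.0.1.8", "bytes_sent": 1_500},
]

# Assumed address plan: the private network, and the subnets that are
# expected to originate traffic toward internal hosts.
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]
EXPECTED_SOURCES = [ipaddress.ip_network("10.0.1.0/24"),
                    ipaddress.ip_network("10.0.2.0/24")]


def in_any(ip, networks):
    """True if the address falls inside any of the given networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)


def unexpected_sources(flows):
    """Sources reaching internal hosts from outside the expected subnets."""
    return sorted({f["src_ip"] for f in flows
                   if in_any(f["dest_ip"], INTERNAL)
                   and not in_any(f["src_ip"], EXPECTED_SOURCES)})


def heavy_egress(flows, threshold):
    """Internal sources whose summed bytes to external hosts exceed threshold.

    Records are summed per source because each short-interval record can
    sit below the threshold while the total does not.
    """
    totals = defaultdict(int)
    for f in flows:
        if in_any(f["src_ip"], INTERNAL) and not in_any(f["dest_ip"], INTERNAL):
            totals[f["src_ip"]] += f["bytes_sent"]
    return {src: n for src, n in totals.items() if n > threshold}


if __name__ == "__main__":
    print("unexpected sources:", unexpected_sources(FLOWS))
    print("heavy egress:", heavy_egress(FLOWS, threshold=5_000_000))
```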
VPC Flow Logs is one of two application performance monitoring and management tools that Google announced this week for customers of its cloud services. The other is an update to Google’s Stackdriver Monitoring v3 Application Programming Interface.
The update introduces a new capability for managing and automating policies for alerting DevOps teams on performance and security issues impacting applications running in the cloud.
The update makes it possible for administrators to create, read, write and manage Stackdriver alerting policies and notification channels, said Michael Safyan, a Google software engineer, and Amir Hermelin, a product manager with the company.
“If you have multiple alerting policies configured by various teams within a single Google Cloud project, navigating and organizing these policies can be challenging,” the two Google engineers said. The new alerting policy management feature in the Stackdriver Monitoring v3 API should help alleviate this issue, Safyan and Hermelin said.