Cloud Monitoring


When we talk about monitoring for performance, security, and business rules, we often refer to monitoring of infrastructure or Platform as a Service mechanisms. But how do you monitor Software as a Service? Do you just tally the dollars spent for the service, or can you look at application performance, security issues, or even your business rules today? Or do you trust the SaaS to provide data?

As many companies move from “roll-your-own” IaaS solutions to higher-performance SaaS solutions for various web-hosting properties, we see an increase in the need to monitor the performance of these SaaS solutions. Yes, there is a growing trend of SaaS services replacing common web services presented by IaaS solutions. There are SaaS solutions available for most content management systems, even for specialized niches like physicians with MyChart, among others. Many of these solutions are cheaper than IaaS solutions, but what you lose may be too much to handle, unless the SaaS itself provides the monitoring data you need.

This is a major shift for monitoring tools. It’s very difficult to peer into clouds to get the monitoring data you need to make informed decisions today. Zenoss, Xangati, New Relic, AppNeta, Dynatrace, and the like all need access to the underlying infrastructure, code, etc. to provide usable data in today’s world. So, as we move from IaaS to SaaS, we end up losing details that we use today.

It becomes even more interesting as we know the services we want to use employ these tools daily to monitor their own stacks, so that they can make their own decisions using the data gathered. However, since the tools are not multi-tenant, there is no way for this information to be seen by the SaaS tenants for their own use. Now, this often occurs by choice, but the same data could be valuable to the tenants as well. We, as tenants using a SaaS, also need to know when slow queries happen, who performed the queries, and why the queries were slow.

This is another area that the Cloud Access Security Broker (CASB) could tackle or even provide data to. Since web services are accessed via the web, we can use existing security tools to extract performance data, such as how long a particular query takes to complete. In the past, I have written about using APM for security reasons, but now perhaps we can use security tools for APM reasons. To delve into per-tenant performance issues, we need to improve our experience within a SaaS.

Currently, we put very fast web application firewalls (WAFs), caching content delivery networks (CDNs), and CASBs in front of our SaaS services. These solutions record usable data that could be fed into APM tools, so that you would get a view of how each query performs. Granted, going this route won’t necessarily reveal the reasons for performance issues, but you will get a feel for what queries are causing issues. Ultimately, you still need to go to the code, but you now have a query that you can use to reproduce the problem on a development machine or two where the appropriate tools are running.

Application Performance Management is often the early-warning system for security issues, but now we can use security tools as an early-warning system for SaaS performance issues as well. The marriage between these tools depends entirely on systems that can ingest log files created by the other or that send and receive data from each other. Data platforms such as Zenoss, SolarWinds, Splunk, Elasticsearch, and others make this much easier to integrate. We have too much data on our hands not to find ways of using it for all parts of our business.

There is no longer a divide between security and monitoring. The security operations center and the network operations center share so much data that they are really just an operations center with different types of incident response. Share the data and improve your incident response.

Share this Article:

The following two tabs change content below.
Edward Haletky
Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]
Edward Haletky

Latest posts by Edward Haletky (see all)

Related Posts:

Leave a Reply

2 Comments on "Cloud Monitoring"

Sort by:   newest | oldest | most voted
2 months 16 days ago

Interesting topic Edward. This, for me, is a sensitive topic. Cloud monitoring, I think, is a job that needs to be done by someone from inside the company and not from the SaaS provider itself. It would be more reasonable that the one who uses the service is the one to evaluate it rather than the one who provides it. Also, security and privacy issues are cliche on this matter. I have heard from someone that Lirik does great job when it comes to providing SaaS support.

2 months 15 days ago

Hello Erin,

Security Monitoring is a requirement for any cloud based solution; cliche or not. Security monitoring cannot be ignored. Yet, there is so much more data today to monitor that will help solve security, performance, and other problems. Lirik may do a good job for outsourced SaaS development and monitoring. But this does not change the fact that once you move your service from IaaS to SaaS (such as for web hosting) that your monitoring capability also changes.

Best regards,
Edward Haletky