Oracle Cloud Infrastructure (OCI) Virtual Test Access Point (VTAP) functionality provides a way to mirror traffic from a designated source to a selected target to facilitate troubleshooting, security analysis, and data monitoring.

We have recently validated a few OCI partners’ products with VTAP functionality. This blog provides a high-level view of Network and Monitoring partners’ products and how you can use their products to support traffic mirroring use cases.

Palo Alto Networks

VM-Series Firewall on OCI can analyze, filter, and process the raw data available through the virtual networking VTAP capability within OCI and provide contextually rich application, content, and threat information. You can avoid egress data charges by keeping the traffic within OCI and using Palo Alto’s VM Series Firewall IDS solution to process and inspect the network traffic. Based on this more in-depth inspection, you can enable alerts for a wide range of security issues, including the following examples:

  • High-priority security alerts: Attacks for known exploits. Primarily, VM-Series serves as an intrusion detection system (IDS).

  • Traffic to inappropriate, malicious destinations and command-and-control systems: Detect whether the source or destination is inappropriate or malicious, whether geo-blocking restrictions must be met, or whether bitcoin traffic or an SSH session to a known command-and-control (C2) domain exists.

To integrate VM Series Firewall with VTAP, refer to the following architecture:

A graphic depicting the architecture for PaloAlto VTAP integration.

Use the tunnel inspection capabilities of VM Series Firewall, which supports VXLAN traffic, to inspect traffic running within your virtual cloud networks (VCNs).

Check out VM Series Firewall on OCI Marketplace today!

Accedian

Accedian recently partnered with OCI, and we have validated VTAP functionality with Skylight Analytics platform.

Skylight is a virtualized performance assurance platform, delivering end-to-end network, application, and service performance visibility, right from the user edge to the core network and cloud. It proactively ensures that networks and cloud applications meet increasingly stringent performance requirements, optimize network capacity, and meet demanding customer expectations on quality of experience. Skylight uses its high-quality performance data, analytics, and machine learning to identify, predict, and prevent customer-impacting issues.

To Skylight with VTAP, refer to the following topology:

A graphic depicting the architecture for Accedian VTAP integration.

Deploy Accedian Sensor virtual machine (VM) on your OCI tenancy that supports VXLAN traffic and send the mirrored traffic to Accedian Skylight Analytics platform

Check out Accedian Skylight Performance Analytics on OCI Marketplace today!

NETSCOUT

NETSCOUT’s innovative Smart Data technology goes beyond traditional north-south traffic views to deliver deep insights into traffic across OCI. The nGeniusONE Service Assurance solution uses real-time network traffic analysis from vSTREAM and InfiniStreamNG appliances to provide application performance management capabilities that are ideal for enterprises running application workloads that require compute, network, and storage resources in multicloud environments.

This offering enables these enterprises to ensure a high-quality customer and user experience as they migrate applications and other workloads to the cloud. These capabilities are also critical to DevOps organizations with services that seek to optimize the performance of refactored applications and assure outstanding customer experience for apps developed natively in OCI that rely heavily on microservices. nGeniousOne Service Assurance solution with vStream has the following features and capabilities:

  • Dynamically recognizes different digital services, applications, and protocols behind IP sessions and delivers detailed performance metrics and actionable intelligence on service availability, reliability, and responsiveness

  • Uses Smart Data to intelligently and efficiently analyze traffic flows for a contextual view of service and its interdependencies end-to-end across the service delivery infrastructure

  • Generate real-time performance, traffic, and error metrics and session event records

To integrate NetScout Virtual nGeniusOne with VTAP, refer to the following graphic:

A graphic depicting the architecture for NetScout VTAP integration.

Deploy vSTREAM, which supports VXLAN traffic, and send the mirrored traffic to NetScout Virtual nGeniusONE platform will need to deploy vSTREAM which supports VXLAN traffic and send the mirrored traffic to NetScout Virtual nGeniusONE platform.

Check out NETSCOUT Virtual nGeniusONE on OCI Marketplace today!

Gigamon

GigaVUE AnyCloud platform delivers intelligent network traffic visibility for workloads running in OCI and enables increased security, operational efficiency, and scale across VCNs. With this solution, organizations have the following capabilities:

  • Optimize costs with up to 100% visibility for security without increasing load on compute instances as more security tools are deployed

  • Use GigaSMART traffic intelligence to deliver optimized traffic to the right tool with a dramatic reduction in traffic with NetFlow and IPFIX generation

The solution integration with VTAP consists of the following key components:

  • Traffic acquisition using G-vTAP Modules: OCI VTAP functionality helps here to send mirrored traffic to GigaVUE V Series

  • Traffic aggregation, intelligence, and distribution using GigaVUE V Series

  • Orchestration and management using GigaVUE-FM

To learn more about GigVUE AnyCloud and stay up-to-date information on product roadmap connect with a Gigamon partner. Check out GigVUE AnyCloud on OCI Marketplace today!

What’s next?

Virtual Networking VTAP capability gives you deeper visibility into OCI. This feature allows you to address use cases around threat monitoring, forensic analysis, compliance, and troubleshooting. We looked at different validated partners and their solution availability on OCI Marketplace. You can use VCN VTAP capability with OCI partner solutions to monitor and gain deeper level visibility into Oracle Cloud Infrastructure.

Check out the Virtual Test Access Point official documents and announcement. You can explore partner products from Oracle Cloud Marketplace today!