Aviatrix CoPilot and MCN Architecture (MCNA)
CoPilot is a state-of-the-art Multi-Cloud Network (MCN) operations and extreme visibility product, part of the Aviatrix platform. It fits right into the MCNA Cloud Operations pillar to provide enhanced visibility and troubleshooting from a single pane of glass.
MCNA is a reference architecture for building networking and security infrastructure in the public cloud. If you are not familiar with MCNA, you should visit aviatrix.com to learn more about it. The following diagram shows MCNA's various layers and pillars.
Aviatrix CoPilot delivers new levels of cloud network visibility to make Day-2 cloud network operations easier
Some Advantages of using CoPilot for Cloud Operation
Tools like ping, traceroute, and packet capture are the basics for on-premises environments, but in public clouds, many of these familiar options have not been available – until now.
CoPilot provides many advantages. Let's take a look at some of them here:
- Cloud network practitioners don’t have the time to log into multiple tools, services and cloud provider consoles to obtain the network visibility they require.
- CoPilot is the "Cloud Operations Savior" to achieve multi-cloud network visibility and utilize capabilities such as cloud network flow analysis, geographical source-destination heat maps, and time series traffic analysis to visually identify flow anomalies.
- Dynamically visualize cloud network topology and easily pinpoint anomalies. This real-time cloud topology builder is fascinating and attractive for almost all the enterprises I talk to. It provides enterprise-class operational visibility that is missing in cloud networks.
- Simplify network health monitoring, troubleshooting, resource inventory and network status
Multi-Cloud Network Dashboard
When you first log in to CoPilot, you will see a dashboard showing an inventory view across all the clouds you have. It also shows errors or anomalies right on the dashboard. This dashboard is your morning coffee view of the entire cloud infrastructure.
In the diagram below, I can quickly see the warning and pinpoint the issue for quick resolution.
CoPilot Topology
CoPilot Topology is my favorite because this is the most difficult thing to figure out in the Cloud Operations space. CoPilot uses deep analytics and machine-learning techniques to correlate the data and present it in a graphical format that is easy for an enterprise operator to consume. Cloud operators can slice and dice it in the fashion they want.
The following diagram was automatically built by CoPilot.
Another advantage is that it ties in very well with the enterprise support and operations model. It integrates seamlessly into existing support models without any friction because all the data comes from the Aviatrix Controller and the FlowIQ engine. There is no need for the operator to worry about managing CSP accounts/subscriptions.
Customer Testimonial
Last year I visited a large enterprise in Portland, Oregon, USA. It was our initial meeting with this multi-national company, a famous sportswear brand.
Like many other enterprises, they shared the pain of DevOps building hundreds of VPCs in AWS without any policy, governance and reference architecture. The cloud just grew organically and the IT leadership was concerned about compliance and audit.
One of the problems was identifying thousands of AWS EC2 instances and which VPCs they were connected to, and how they were connected. The audit would fail if the information was not provided. We showed them CoPilot and its capabilities and they were stunned.
The following diagram shows a topology built by CoPilot that shows:
- VPCs/vNETs/VCNs across multiple clouds
- Instances attached to VPCs/vNETs/VCNs
- Rogue VPCs
  - For example, VPCs that are not connected to any subnets or VPCs that are not connected to the enterprise transit network backbone
- Rogue instances
  - For example, instances that are connected to rogue VPCs or instances that are connected to VPN GWs that are not under the enterprise's governance scheme/model
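The rogue criteria in the list above can be written down as a check over an inventory. This is an added example, not CoPilot's code or API: the inventory layout, field names, resource IDs and the governed-gateway set are all constructed assumptions.

```python
# Constructed inventory; field names are hypothetical, not a CoPilot or cloud-provider export format.
VPCS = [
    {"id": "vpc-app1", "cloud": "aws", "subnets": ["10.1.0.0/24"], "transit_attached": True},
    {"id": "vpc-lab", "cloud": "aws", "subnets": ["10.9.0.0/24"], "transit_attached": False},
    {"id": "vnet-empty", "cloud": "azure", "subnets": [], "transit_attached": True},
    {"id": "vcn-db", "cloud": "oci", "subnets": ["10.3.0.0/24"], "transit_attached": True},
]
INSTANCES = [
    {"id": "i-web", "vpc": "vpc-app1", "vpn_gw": None},
    {"id": "i-test", "vpc": "vpc-lab", "vpn_gw": None},
    {"id": "i-batch", "vpc": "vcn-db", "vpn_gw": "vgw-shadow"},
    {"id": "i-orphan", "vpc": "vpc-unknown", "vpn_gw": None},
]
GOVERNED_VPN_GWS = {"vgw-corp"}  # assumption: gateways under the enterprise's governance model


def rogue_vpcs(vpcs):
    """Return {vpc_id: [reasons]} for VPCs with no subnets or no transit attachment."""
    findings = {}
    for vpc in vpcs:
        reasons = []
        if not vpc["subnets"]:
            reasons.append("no subnets")
        if not vpc["transit_attached"]:
            reasons.append("not attached to transit backbone")
        if reasons:
            findings[vpc["id"]] = reasons
    return findings


def rogue_instances(instances, vpcs, governed_gws):
    """Return {instance_id: [reasons]} for instances in rogue VPCs or behind ungoverned VPN gateways."""
    known = {v["id"] for v in vpcs}
    bad_vpcs = rogue_vpcs(vpcs)
    findings = {}
    for inst in instances:
        reasons = []
        if inst["vpc"] not in known:  # added edge case: instance references a VPC the inventory never saw
            reasons.append("VPC missing from inventory")
        elif inst["vpc"] in bad_vpcs:
            reasons.append("in rogue VPC " + inst["vpc"])
        gw = inst["vpn_gw"]
        if gw is not None and gw not in governed_gws:
            reasons.append("uses ungoverned VPN gateway " + gw)
        if reasons:
            findings[inst["id"]] = reasons
    return findings
```

Calling `rogue_instances(INSTANCES, VPCS, GOVERNED_VPN_GWS)` on the constructed data flags `i-test`, `i-batch` and `i-orphan`, each with the reason an auditor would ask for.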
CoPilot became one of the reasons for them adopting the Aviatrix platform and MCNA. There might be other tools in this space, but no one else is providing a platform and architecture approach to solve these Day-2 challenges.
CoPilot FlowIQ
The FlowIQ section provides visualization of traffic flows that traverse Aviatrix gateways. Flows provide the user with critical visibility into the traffic that traverses their network.
FlowIQ provides various views for visualizing traffic records. The views respond to the filters that are selected. The filters set by the user are carried across all of the views.
Heat maps are the easiest way to identify the concentration of traffic in geographic locations. These hot spots can reveal bad actors trying to breach your Multi-Cloud network. For example, in the diagram below, the customer notices some traffic hot spots in the China and Greece regions. If this enterprise has no business in the China or Greece regions, then it could be a matter of concern.
Application Identification and Spike Resolution
Visual leads can also provide insight into various traffic patterns and the attack surface. The following chart displays the applications consuming the most traffic based on destination. Any change in the normal behavior could indicate an abnormality that should be investigated.
There are various options to slice and dice the information.
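The two checks described in this section, traffic from regions where the enterprise has no business and a shift in which applications carry the traffic, reduce to share-of-bytes calculations over flow records. This is an added example, not FlowIQ's code or schema: the record fields, sample flows, expected-country set and 10% threshold are constructed assumptions.

```python
from collections import Counter

# Constructed flow records; field names are hypothetical, not the FlowIQ schema.
BASELINE = [
    {"country": "US", "app": "https", "bytes": 8000},
    {"country": "US", "app": "dns", "bytes": 500},
    {"country": "DE", "app": "https", "bytes": 1500},
]
CURRENT = [
    {"country": "US", "app": "https", "bytes": 6000},
    {"country": "CN", "app": "ssh", "bytes": 3000},
    {"country": "GR", "app": "https", "bytes": 500},
    {"country": "US", "app": "dns", "bytes": 500},
]
EXPECTED_COUNTRIES = {"US", "DE"}  # assumption: where this enterprise does business


def shares(flows, key):
    """Fraction of total bytes per value of `key` (the number behind a heat map or top-N chart)."""
    totals = Counter()
    for flow in flows:
        totals[flow[key]] += flow["bytes"]
    grand = sum(totals.values())
    return {k: v / grand for k, v in totals.items()} if grand else {}


def unexpected_geo(flows, expected):
    """Countries outside the expected set, highest traffic share first."""
    by_country = shares(flows, "country")
    hits = [(c, round(p, 3)) for c, p in by_country.items() if c not in expected]
    return sorted(hits, key=lambda item: -item[1])


def app_shifts(baseline, current, threshold=0.10):
    """Applications whose share of bytes moved by more than `threshold` against the baseline."""
    before, now = shares(baseline, "app"), shares(current, "app")
    shifts = {}
    for app in set(before) | set(now):
        delta = now.get(app, 0.0) - before.get(app, 0.0)
        if abs(delta) > threshold:
            shifts[app] = round(delta, 3)
    return shifts


if __name__ == "__main__":
    print("unexpected geographies:", unexpected_geo(CURRENT, EXPECTED_COUNTRIES))
    print("application share shifts:", app_shifts(BASELINE, CURRENT))
```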
Conclusion
Aviatrix CoPilot is a component of the Aviatrix platform offering that extends visibility into multi-cloud networks deployed and managed by the Aviatrix Controller. CoPilot delivers end-to-end, in-depth, historical analytics of multi-cloud networks with a single pane of glass that offers application flows, inventory, health, and a complete topological view of the network.