Skip to content

Enhancing Visibility & Control Over Google Cloud Platform with IPAM Sync

May 5, 2022 | Written by: Surinder Paul | ,

Today, workloads are deployed on in-house DC or Public Cloud (Hybrid Cloud) or even in various Public Cloud Providers (MultiCloud). This brings new challenges for Netops and SecOps teams to build an accurate and consolidated Visibility on the Hybrid Cloud and Multicloud Infrastructures they are in charge of, so they require a Network Source of Truth (NSoT) for administration, operations and security purposes.

An IPAM is meant for planification and reference purposes. It is used as a blueprint of the IP infrastructure and a Single Source of Truth for not only the IP Plan but, just as important, all the related metadata that can enrich IP addresses and Network subnets such as the localization: where an equipment, a server, a printer or a camera are located (e.g. name of the site, the room or latitude and longitude). Cloud IPAM Sync (such as NetChange) is meant to discover the IP infrastructure of Public Cloud. Cloud IPAM Sync for GCP will help discover the IP infrastructure deployed within Google Cloud allowing to reconcile it with the IP Plan set on the IPAM enabling automation in Hybrid/Multi Cloud environment through API and Security Compliance achieved.

You Can’t Control What You Can’t See!

It is easy and fast to deploy workloads into Public Clouds. The problems start when you need to streamline what has been deployed to optimize costs or the infrastructure. They continue when you need to share the IP plan and related information between the NetOps, SecOps, CloudOps teams to provide them with selective visibility and specific reports on capacity exhaustion for instance.

Beyond a lack of consolidated and shared visibility, when the IP infrastructure of your Public Clouds is not properly documented or does not conform to the original IP plans, company policies cannot be adhered to which jeopardizes compliance management and insurance. By the same token not having your actual IP infrastructure reconciled with how it should be configured can lead to security holes that will soon be exploited by cybercriminals as shown in the 2021 IDC Global DNS Threat Report where 23% of respondents suffered Cloud instance misconfiguration abuse. Lastly, as it cannot be properly secured, unauthorized resources can connect to the network such as BYOD, IoT, etc.

Using The Same IPAM For Your Internal Network And Your Public Cloud

The most logical solution is to use the same tool to manage your internal IP infrastructure a.k.a. IPAM) and the ones of your Public Cloud providers instances. This way you can get a consolidated IP Data Lake for on-Prem and Cloud Environments (e.g. VMware, AWS, Azure or GCP). This IP Data Lake provides a unique IP address management solution and a comprehensive inventory, offering the Network Source of Truth (NSoT) beyond DDI resources, including users, devices and apps and their related metadata with rich data-relations and links between objects (e.g. device, VLANs and IP addresses for instance). Such NSoT will be viewed through a Single Pane of Glass across these heterogeneous environments and will allow reporting and capacity management.

Benefits

  • Overcome data silos between on-prem and Cloud
  • Control consistency and accuracy
  • Improve audit trail & compliance
  • Facilitate orchestration & automation (Golden Records)
  • Simplify management tasks
  • Increase deployment velocity
  • Improve resource utilization
  • Ease troubleshooting and accelerate remediation
  • Enhance capacity planning, dashboard and Reports

What Can This Help You Achieve

The Cloud IPAM Sync feature provided with the EfficientIP IPAM can be used with AWSAzure and now Google Cloud Platform since Rls 8.1 for the following use cases:

  • Automation in Hybrid/Multi Cloud environment using API leveraging IPAM data and metadata
  • Security Compliance

SOLIDserver’s IPAM can be used as the single tool for many usages unifying, network, compute, security, audit, reporting, capacity planning, etc. that can be shared among the NetSecDevOps teams with advanced delegation capabilities.

Simplify & Secure Your Network

When our goal is to help companies face the challenges of modern infrastructures and digital transformation, actions speak louder than words.