Solution needed for "Port Mirroring" in Azure (seemed it was coming, then held)

KDG@LST 1 Reputation point
2022-05-01T17:08:40.223+00:00

Good afternoon, all.

We're going to be deploying a VM that ultimately needs to have its traffic monitored by a second VM. In a physical world, we'd simply activate Port Mirroring on the network switch, or deploy some sort of Network TAP. However, we're not dealing with the physical when we're talking Azure VMs.

It appears Azure announced a potential solution to this in 2018, and up until recently had it in Preview (if I'm understanding what I read): a service called vTAP. However, I'm not sure to what extent it was going to do what we need (meaning, not knowing if it only streamed to certain "partner" systems, or if you could literally say "stream this over this interface to that address")... This appears to be a feature AWS has embraced, so the potential 4-year lead time on Azure is a bit disconcerting.

I'm open to alternative suggestions (that don't involve nesting VMware inside of Azure VMs, both from clunkiness and cost perspectives). The two VMs will be Ubuntu 20, and I need the network traffic hitting VM1 to be sent to VM2 (over a secondary network interface that ties the two machines together). I'm aware there are possible software-based solutions out there, but haven't worked with them before, nor do I know what kind of processing overhead they may add to the machine.

Does anyone have thoughts on this, or (in an ideal world), know how to natively achieve this within Azure?

Thanks.

Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.

2 answers

  1. risolis 8,701 Reputation points
    2022-05-02T00:20:34.627+00:00
    1 person found this answer helpful.

  2. GitaraniSharma-MSFT 47,416 Reputation points Microsoft Employee
    2022-05-19T14:32:23.363+00:00

    Hello @KDG@LST ,

    Apologies for the delay in my response.

    As you correctly mentioned, Virtual network TAP Preview is currently on hold in all Azure regions. You can email azurevnettap@microsoft.com with your subscription ID and the team will notify you with future updates about the preview. In the interim, you can use agent-based or NVA solutions that provide TAP/Network Visibility functionality through our Packet Broker partner solutions available in Azure Marketplace Offerings.

    Refer: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-tap-overview#virtual-network-tap-partner-solutions
    https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-traffic-inspection

    Most of the customers are using our Virtual network TAP Partner solution GigaVUE Cloud Suite for Azure.
    Refer: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/gigamon-inc.gigamon-fm-5_15_00?tab=Overview
    https://www.gigamon.com/content/dam/resource-library/english/data-sheet/ds-gigavue-cloud-azure.pdf

    There is no other inbuilt solution available at the moment, but from what I've heard the Azure Product Group team is targeting the private preview of Virtual Tap in H2CY22 (second half of 2022).

    Kindly let us know if the above helps or you need further assistance on this issue.
