What is virtual Smart Tap (vST)?
vST is a small foot print software that sits above the hypervisor layer, which taps into vSwitch to allow the capturing and analyzing all traffics between Virtual Machines in the same server or located in other servers. One copy of vST is required to be installed for each server under monitoring by Uila.
What is virtual Information Controller (vIC)?
vIC is a Uila software implemented as a guest (VM) which (1) interfaces to vCenter to retrieve compute and storage performance data, (2) acts as a proxy for vST to transfer vST collected application and network performance meta data to Uila Cloud via encrypted SSL channel, (3) receives Uila management commands to install and configure vST. There is only one instance of VIC required per vCenter.
What is Instance Smart Tap (iST)?
The Uila Instance Smart Tap (iST) is deployed as a plug-in in a distributed manner across the Public Cloud on the VMs or Instances running the application workload. It collects traffic as well as VM and Instance level Compute statistics and sends it to the vST for Deep Packet Inspection.
How does vST differ from physical network probe that is attached switch span port or server Ethernet port directly?
Physical probe can only see traffic that pass through ethernet port to the switch, it can’t see traffic sent by VM’s through vSwitch within a physical host. In a large scale data center, it is impractical, and cost prohibitive to deploy physical probe everywhere. Furthermore Uila vST pre-processes traffic, sends only meta data to Uila Cloud. It reduces traffic overhead by 99% compared to physical probe without pre-processing capability.
How does vST differ from products that use agentless software?
They typically employ SNMP polling, and other OS API to access statistical information from the Data Center infrastructure. Since it cannot see network packets, it does not have the ability to identify application type and its associated attributes. SNMP polling typically creates higher network overheads than vST.
Uila Cloud Service
Where is Uila Cloud located and what are the security mechanisms in place?
Uila SaaS is hosted with a well-regarded hosting company in the United States. Customer data currently resides in the United States of America and primarily in the state of California.
The hosting company tests their security systems and protocols regularly to ensure exceptional response rates, and each year participates in compliance validation programs such as ISO 27001, SOC 1 Type 2, SOC 2 Type 2, HIPAA and PCI DSS. All compliance examinations for those Data Centers are conducted by Schellman & Company, Inc., an independent, licensed CPA firm, QSA, and accredited ISO 27001 certification body by ANSI-ASQ National Accreditation Board (ANAB) and the United Kingdom Accreditation Services (UKAS).
The hosting company also directly employs experienced security officers at their facilities, who receive rigorous annual training and are required to pass certification. CoreSite data centers are protected by a gamut of technological security measures including IP-DVR cameras & perimeter fencing, Biometric SCANNERS & card readers, mantraps, locking cages and cabinets.
How does Uila Cloud ensure data captured by vST agent is not compromised during transmission to the Uila Cloud?
First, the data transmission between vST and Uila Cloud is using Secure Shell (SSH), an encrypted network protocol. Second, we added another security layer by using digital signed certification to ensure the true identity of the vST agent loaded in your server.
How does Uila Cloud ensure no business critical information is captured and stored in the cloud?
Although vST can capture and see the network traffics, it only analyzes the packet header to identify unique application and its response time. vST keeps both application response time and network response time for performance analysis.
However, when an application exhibits slow performances, vST will capture small portion of the transaction data, e.g. IP addresses to allow application developer to analyze application issue that might be the cause of slow response time. If capture partial data is prohibited by your company’s security policy, we recommend that you select the On-Prem deployment option.
What Deployment options Uila offers?
• Uila Saas Cloud: Require to install Uila vST and vIC in your Data Center.
• On-Prem Server: For customer whose compliance policy prohibits the use of Public cloud service. It requires the installation of Uila server software inside your private data center.
What is the level of effort to get Uila up and running?
• SaaS via Uila Cloud: One hour to deploy vST and vIC.
• On-Prem: Need additional 30-60 min to deploy Uila Server software on premise. We offer assistance to ensure you have the best user experience.
How much resources do I need to allocate for vST?
How much resources do I need to allocate for vIC?
What are the Network requirements for vIC and vST?
• Pre-allocate one IP address for each of the vST’s, which can be either static IP address or allocated via DHCP, prior to deployment
• Pre-allocate one static IP address for vIC prior to deployment
• If you choose Uila Cloud, open ports 80, 443, and 5000 on your firewall to allow SSL traffic to Uila Cloud where the Uila analytics and data store resides
How much vST traffic overhead consumes the network bandwidth?
Since vST pre-analyze all traffic captured and only sends meta data in one minute internal, it consumes less than 1% of a 1Gbit network link.
How much vST VM consumes CPU usage on the host it resides?
It averages no more than 5% on a typical loaded ESXi host.
How much resources do I need for AWS deployment?
How much resources do I need for Azure deployment?