TL;DR?

• Multi Cloud observability strategies are complex undertakings
• Enterprises need flexible tools to manage data flow between cloud service providers
• Cribl Stream is an ideal solution to manage data flow between cloud service providers

You may be thinking of investing in multiple cloud vendors to increase redundancy and deal with the complexity of your enterprise requirements. You are not alone. Many enterprises are moving in this direction to take advantage of the options offered by competing cloud vendors. Adopting one major cloud vendor is a complex project that can consume a company for months if not years.

Sometimes, multi-cloud adoption creeps up on you. For instance, you may start with Amazon Web Services to host applications and platforms like EKS. Over time, you may find yourself using another cloud service, like Azure, either intentionally or through an acquisition. Soon you are running into the complexity of trying to exchange data between 2 services that work hard to add friction in sharing data between different clouds.

Effectively adopting more than one cloud vendor is an immense challenge and companies need flexible options, like Cribl Stream, for managing data flows between clouds to provide more capabilities, manage risks, and lower costs.

Multi-Cloud Example Use Cases

It’s a very common use case that an enterprise SIEM is installed in Amazon Web Services or SaaS with something like SumoLogic or Elastic Cloud. You can funnel all of your security data out of AWS towards your SaaS platform with generic data movement tools like Lambda, Firehose and/or Kafka, but that requires a fair amount of work and complexity. In some cases, you may also be collecting tons of data from your legacy on-prem centers to funnel to your SIEM as well. More complexity and more work for your teams even with just one cloud.

As a note, too many times enterprises forget that most cloud providers will charge a ton for egress costs till the bills come due and they are stuck. We encountered one prospect that was being charged 3-4k per day in egress costs to get data from its cloud provider to an on-prem security tool. They were using AWS Lambda to route the data and had no idea they were paying so much due to a lack of visibility inherent to the process.

Another example is a company that started with an on-prem SIEM and then opened up shop in Amazon Web Services, where the security team built a security data lake with a lot of success. Another business unit, created from an M&A that was already using Azure, was tasked to run the enterprise SIEM using Microsoft Sentinel. So the enterprise security team has a massive investment in AWS for its security data lake, but the enterprise SIEM is in Azure so fun times for everyone involved. The enterprise security team collects data from 10 thousands of endpoints and data sources all over the world runs multiple clouds to feed its established data lake, and now it also needs to supply data to another business unit running a different set of tools. This team was really struggling to meet enterprise requirements to support data movement across the enterprise.

How Do You Solve the Problems with Multi-Cloud?

Two super-common examples where teams struggle with visibility and control over their data as they add one and two and sometimes three cloud providers to their data platform collection processes.

Security teams need the following:

• Highly scalable platform that will run wherever they have data
• Easy-to-use user experience that will automate data collection from as many cloud providers and data sources as possible
• Full visibility into data flows for monitoring and cost forecasting
• Flexible data routing options to enable pushing data to wherever it is needed with as little effort as possible
• Powerful default options but also the ability to build new tools if needed

Cribl Stream offers security teams the ability to have visibility and control over their data regardless of where the data is generated or where it needs to be processed and analyzed. By installing Stream where the data is collected and where it is processed, teams can see all parts of the process and act accordingly. A big plus with this model is Stream to Stream communication from one cloud to another can cut egress costs by 80% through data reduction and advanced compression.

Only Cribl Stream offers:

• Infinite scale to run wherever your data is located regardless if it is on-prem, in one cloud, or 2 clouds.
• A powerful user experience that enables your whole team to contribute to every task
• The visibility to monitor data from where it is collected to where it is shipped regardless if the data is on-prem, in one cloud, or 2 clouds.
• Flexible data options to process and route data anywhere. If you need to feed a data lake in Amazon Web Services and SIEM Azure that is not a problem
• 60 plus built-in source and destination options that will solve most requirements and the ability to build your own if required.

Wrapping Up the Benefits of Multi-Cloud

Cribl Stream brings visibility and control to your security teams to meet challenges and solve problems faster and with fewer costs than otherwise possible. Unlock the potential of multi-cloud with less complexity by routing data to the right cloud with as little effort and cost as possible.

Try Cribl’s free, hosted Stream Sandbox (we even bring the event generator!). I’d love to hear your feedback; after you run through the sandbox, connect with me on LinkedIn, or join our community Slack and let’s talk about your experience!

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.

We offer free training, certifications, and a generous free usage plan across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started. We also offer a hands-on Sandbox for those interested in how companies globally leverage our products for their data challenges.