Integration in Microsoft Azure

Prev Next

In this article we'll be delving into how Provider Connectivity Assurance (formerly Skylight) is integrated in Microsoft Azure.

The Cloud Challenges

More Complexity. More Users. Less visibility.

image.png

No access to the network layer

There is no network layer access! How can I capture the network traffic?

image.png

Azure Basic Concepts to Know

C.png

D.png

Provider Connectivity Assurance in the cloud: general principles and architectures

Cloud visibility using Azure partner TAPs

Azure does not yet support packet mirroring (vTAP) natively on their platform, but relies on 3rd party software partners to perform traffic mirroring and forwarding to probes and analyzers. See Azure virtual network TAP partners page for Azure recommended solutions to mirror traffic.

Assurance Sensor Capture deployed in Azure

  • Receives monitored network traffic
  • Computes Per Packet Intel
  • Sends Per Packet Intel to Provider Connectivity Assurance (formerly Skylight analytics) through HTTPS (TCP port 443)

Technical Requirements

Assurance Sensor Capture

  • Version 21.02.10-r1 release and above

Network Flows Requirements

Ingress traffic Egress traffic
Assurance Sensor Capture TCP port 443 to Provider Connectivity Assurance and TCP port 443 to NATS on same Provider Connectivity Assurance

Main Deployment Steps

  1. Deploy Assurance Sensor Capture(s)

  2. Link deployed Assurance Sensor Capture(s) to your Provider Connectivity Assurance tenant

How to deploy an Assurance Sensor Capture in Azure

image.png

image.png

image.png

image.png

image.png

Sizing Small Medium Large
Flow analysis per min

Max average recommended

100 K 1M 1,6M
CPU 2,4 GHz

2 Core / 4 Threads

2,4 GHz

6 Core / 12 Threads

2,4 GHz

8 Core / 16 Threads

RAM 6 GB 16 GB 24 GB
Data Disks (Read performances) 50 MB/s 80 MB/s 100 MB/s
Input / Output per second 500 IOPS 1000 IOPS 1000 IOPS

image.png

image.png

image.png

image.png

image.png

image.png

image.png

image.png

image.png

T.png

U.png

How to link an Assurance Sensor Capture to a Provider Connectivity Assurance tenant

  1. Select deployment model
    Type deploy show to check the actual deployment model

23.png

Type deploy disable PVX to disable the PVX deployment model

24.png

Type deploy enable Analytics to activate the appropriate deployment model
25.png

  1. Link the Sensor to your Provider Connectivity Assurance own tenant
  • Type **register skylight** to initiate the process
  • When being prompted, provide the following information:
    • Tenant Host: URL of your Provider Connectivity Assurance tenant
    • Username: your admin username
    • Password: password linked to your username

26.png

  • You can check the presence of your sensor under Data Connections menu in Provider Connectivity Assurance.

V.png

© 2025 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks