Sinefa probes can be deployed directly into Azure tenancies and are able to monitor network traffic within Azure (e.g. VM to VM) as well as in/out of Azure using several deployment options.
Azure NSG Flow Logs
In this deployment option, Sinefa Azure Probes constantly monitor Azure Storage for ASG (Application Security Group) Flow Log files. Similar to Netflow, these Flow Log records contain summary information about the network flows in/out of each VM with Flow Logs enabled.
ASG Flow Logs are easy to configure and very cost effective. However, only summary information is available so features such as Live, L7 DPI and performance metrics are unavailable.
Azure vTap (coming soon)
Azure vTaps copy all packets in/out of each VM where vTaps are enabled to the Sinefa Azure Probe such that raw packet data can be analyzed. Similar to a traditional SPAN or port mirror deployment, the Sinefa Probe sees all packets so can perform the full suite of visibility functions.
While Sinefa support for vTaps is live, Microsoft have yet to make vTaps generally available.
3rd Party Cloud Packet Brokers
3rd party cloud packet brokers install lightweight agents on all VMs that take copies of all packets in/out of the VM and send it to the Sinefa Azure Probe for analysis. Similar to the vTap approach, the agents are responsible for delivering copies of the packets to the Sinefa Probe (as opposed to the Azure Infrastructure itself in the case of vTaps).
Gigamon, Ixia CloudLens and Garland Prisims are examples of cloud packet brokers.
Sinefa probes can be configured to route packets between 2 subnets. In this case, packets pass through the Azure Sinefa Probe.
Sinefa probes that are deployed in-path can perform the full suite of visibility functions as well as provide traffic shaping.