Blog   |   Multi Cloud   |   September 16, 2013

CloudCheckr Use Case: Visibility and Control for the Public Cloud

How CloudCheckr responds to the core enterprise need for data center quality reporting by delivering complete visibility and enabling control in a decentralized cloud environment.

Over the last few months, we have been servicing both enterprises and some of the leading consultants that assist them. We have learned one key fact from these customers: enterprises require performance and security assurances before they will even consider a public cloud.
Speak to any enterprise or their service provider and the first 10 questions they ask revolve around how to effectuate cloud security. The next 10 will focus upon performance and how to ensure availability and elasticity. Only after these questions have been sufficiently answered, will the discussion turn to cost.
With this in mind, we turned to one of our enterprise user’s Cloud Manager (“John”) and asked him: “What are your main concerns with public cloud usage and how does CloudCheckr help assuage those concerns?”
John told us his single greatest concern is visibility. Without visibility into his deployment, he cannot ensure security or availability.
John had ‘grown-up’ in a data center environment. He was accustomed to the tools and controls that surround the data center. He was used to being able to efficiently track users, configurations, and resources. When John got to the cloud, the lack of tools was daunting.
John uses CloudCheckr for the following 5 reasons:

  1. He needs to create a comprehensive resource inventory.
  2. He has to track deployment changes.
  3. He needs to vigilantly assess his configurations.
  4. He has to ensure mitigation.
  5. Steps 1-4 must be repeatable.

John chose CloudCheckr because it makes it extremely easy for him to quickly and efficiently fulfill all of these needs.

Resource Inventory

John uses CloudCheckr to create his comprehensive inventory. Instead of being dependent upon self-reporting and manual tracking, he uses the CloudCheckr resource dashboard to automatically scan and provide a single view with a complete inventory of all resources employed within all of his teams’ accounts. In the decentralized cloud environment, this saves him hours of time. John is able to group his deployment resources by AWS service type, by account, and by individual user. He uses the click-through functionality to dive deep into the individual reports – down to the individual instance, distribution, security grouping, and more. He uses CloudCheckr to make his deployment transparent so that he can instantly assess all provisioned accounts and project resources.

Change Monitoring

Ensuring continued security, availability, and compliance demands on-going monitoring of a deployment. John recognized that the elasticity and decentralized nature of the cloud makes this difficult. Resource utilizations and configurations change on an hourly basis and, in a large deployment, monitoring and tracking those changes can be a full time job.
Instead of wasting hours and attempting to manually tackle this problem, John uses CloudCheckr’s customizable change monitoring alerts. Every morning, he is provided a comprehensive report of all deployment resource and configuration changes. He uses the report to identify potential issues, trace them back to their root causes, and ensure that he can quickly mitigate any potential security or availability concern.

Configuration Assessment

John also recognized that the dynamic environment of AWS could easily make manually checking a multi-person full time job.  However, CloudCheckr automates the process. After compiling its comprehensive inventory, CloudCheckr compares its finding against a proprietary list of 200 best practices. Checks are performed for security, availability, usage, and cost best practices. Exceptions are highlighted. Alerts are provided. John uses this feature to save him and his team hours of time and effort. He quickly customized his alert settings so that he could instantly review all potentially compromising configuration issues.


John knows that AWS is rapidly evolving and that exception mitigation can often be complicated with cascading issues and effects. He uses CloudCheckr to simplify the process. All CloudCheckr exception alerts contain detailed information about the exception, why it is important, possible mitigation strategies.
Instead of performing hours of research, John relies on the CloudCheckr experts to understand and explain the latest AWS features. John reviews the information and recommendations. He then employs CloudCheckr’s click-through functionality to dive directly to the individual resource in question. With CloudCheckr backing him up, John can then make a fully informed assessment and efficiently mitigate his security or availability concerns.


John understands that the cloud is dynamic and that each of steps 1-4 needs to be repeatable. He uses CloudCheckr to save him time. By automating the inventory, change reports, security alerts, and mitigation identification, CloudCheckr ensures that John is always in control of his deployment.
As John told us: “Without CloudCheckr, I would have to assign at least one team member to spend every minute of every day checking and rechecking my inventory and configurations. My entire focus would have to be on my AWS deployment.”

See CloudCheckr in Action

Schedule a demo to see what CloudCheckr can do for your resource management and change monitoring.