ENGIE IT gets complete network traffic visibility thanks to AWS Traffic Mirroring, NetScout and Simac BMS

Given the critical nature of its operations, the availability of data or applications at energy management group ENGIE is a ‘must’. That’s why ENGIE continuously monitors all traffic on its networks. Recently, ENGIE IT expanded its traffic monitoring to the cloud and chose Simac BMS for the implementation of NetScout on Amazon Web Services, and for expert advice.

ENGIE IT is a business unit of the ENGIE Group. ENGIE IT delivers IT services at group level and at business unit level. Currently, ENGIE has a dual datacenter strategy, maintaining its physical datacenters in France (Paris) and Belgium (Gembloux), while most new applications are hosted in private clouds on Amazon Web Services or Microsoft Azure. ENGIE IT takes care of all the interconnections between the virtual private clouds (VPCs) of the business units and the global infrastructure.

Network monitoring is key

Business users expect flawless operation and constant availability of the network, requiring ENGIE IT to continuously monitor network traffic. “We need to deliver a continuous service to our business users. Over the years, cloud has become a central place to host infrastructure and services,” says Geoffrey Lambelin, Expert Network Tooling at ENGIE IT. “We cannot permit ourselves problems with availability.” Monitoring is key in assuring network performance for ENGIE. On the one hand, monitoring alerts instantaneously warns the organization about any abnormal traffic on the network and, on the other hand, monitoring also ascertains that the flow over the network is correct.

Three years ago, ENGIE IT set up a global infrastructure dedicated to the capture and analysis of network traffic for their two physical datacenters. To achieve this, ENGIE IT combined the high-end solutions from NetScout and Gigamon with the integration services of the Business Management Solution (BMS) division of Simac ICT Belgium.

For the physical data centers, ENGIE IT uses a standard network traffic capturing infrastructure based on a physical tap or probe on the fiber cabling. “As a general rule, we capture everything that enters and leaves the datacenter, covering both internal and external traffic,” said Geoffrey Lambelin. “This allows us to have a global 24/7 overview of what happens on our network at the datacenter.” Beside the probes in the datacenters, ENGIE IT also installed remote probes in the offices of the internal customers based in Paris and Brussels.

Monitoring in the cloud

As more of the applications and services have moved to the cloud, using physical taps was no longer an option. ENGIE IT has solved this challenge by installing Gigamon agents directly on the servers.

At the beginning of 2020, AWS released a new service, called Traffic Mirroring. Traffic Mirroring allows IT to capture the traffic from any virtual machine without having to interfere with the virtual machine itself. “Installing agents on the server takes time and always involves some risks,” said Geoffrey Lambelin. “Traffic Mirroring takes away a lot of the complexity.”

With Traffic Mirroring on AWS, ENGIE IT now gets the same features that were available with the NetScout/Gigamon implementation at the physical datacenters. “We have the same functionality, but with the added benefit of the cloud. In our legacy datacenters, data capture and analysis are still something very physical: you have to think of cabling, fibers, potential errors in the cabling, etc. When you work in the cloud, you don’t have to bother with that. You can configure a tap in AWS in just three minutes,” said Lambelin.


From an architectural viewpoint, ENGIE IT uses a logical backbone called ENGIE Backbone. It stretches between the physical datacenters and the cloud datacenters, using AWS Direct Connect and Transit Gateway. The Transit Gateway is the extension of the ENGIE Backbone in AWS. “We permanently capture the traffic at all entry and exit points. These points can be internal datacenter zones, the internet, connections to other Business Units or connections to partners. SD-WAN, VPN and other edge services are considered access points and are included in the monitoring. A second use of monitoring is the extension to the internet. We have a large number of Office 365 users depending on internet connections. We have permanent monitoring of the internet connections, both inside the network and outside. A third area of monitoring is a temporary capture whenever there is a performance problem.”

The information that is captured is presented in the dashboard that Geoffrey Lambelin frequently consults, but whenever something happens, alerts go out, and the monitoring data are analyzed. Upon request, dashboards are delivered to business users, and the data from NetScout are also used to uphold the SLAs that ENGIE IT has with its internal customers.

Positive and healthy relationship

ENGIE IT has been working closely with Simac BMS for over ten years, both for application monitoring and for network monitoring. The current cloud project was a logical extension to the network monitoring contract that ENGIE IT and Simac entered into five years ago. “We have a positive and healthy relationship with Simac BMS,” said Geoffrey Lambelin. “I have never had a single problem with Simac, neither technically nor commercially. There is a mutual openness, respect and honesty that creates a true partnership.”

“I see Simac as a human company, and they have the right size for a vendor. They are big and experienced enough to have good relationships with vendors such as NetScout and they are not so big that they become inaccessible. They play the role of a true integrator, being very proactive and alerting us to opportunities and challenges that we may have missed. I can always rest assured that they will handle things the right way, without needing to consult me for every action they take."

Objectives reached, looking to the future

With this AWS Traffic Mirroring project, ENGIE IT has achieved all its objectives. “We now have the same level and quality of capture in the cloud as we have in the physical datacenters,” said Geoffrey Lambelin. “But we are much more flexible when it comes to deployment. We always want to capture as much data as possible, and immediately add new access methods such as SD-WAN. We are very proud of what we have accomplished. This is not revolutionary, but it is on the cutting edge of technology, as we were among the first customers for AWS Traffic Mirroring. Our next project will be to extend this functionality to Azure, as soon as a comparable solution comes to market.”


ENGIE IT is a business unit of Global Business Support, part of ENGIE (EPA: ENGI), a worldwide reference in low-carbon energy and services. A global partner for IT and digital technology for the ENGIE Group, ENGIE IT partners with the ENGIE business units and their teams to implement and run IT and digital transformation projects. By delivering services and solutions to drive the operational excellence of the Group, ENGIE IT is creating a highly connected and collaborative environment that enables ENGIE’s transformation.

Are you interested in monitoring critical assets and applications?
Contact our specialists!

Network monitoring explained

Interested in our network monitoring services?

Network monitoring