OK, this isn’t likely to happen for Software as a Service, but if you are taking Platform or Infrastructure as a Service, it’s not an unreasonable request.
I would hope your provider is deploying separate virtual switches per customer, and they should be distributed to allow ease of virtual machine migration and of course scale. You did check didn’t you?
So, how much effort would it be to allow you a promiscuous port for a virtual probe? Plus of course your provider is going to get additional revenue from its deployment.
So why do this?
Well firstly, solutions like Riverbed SteelCentral will provide you visibility into the traffic into the virtual switch and between virtual machines, which means if you have performance problems, you have a platform in place to give you advance warning and help you troubleshoot. You can also use it’s behaviour analytics to warn you if the traffic patterns change.
Secondly, your security team will have a response plan that guides them through the evidence they need to gather if they believe a security breach has occurred. Part of this is tracking who talked to what and when. Getting this information from a cloud provider is highly unlikely and if it is the time scales will likely exceed your needs.
So find out how Riverbed’s SteelCentral solution can help you in the Cloud.