VPC flow monitoring
With security, data modernization, growth, flexibility, and cost driving more businesses to the cloud, organizations that keep their data on-premises are increasingly using the cloud for their vital data. Amazon Web Services (AWS) remains one of the most in-demand platforms, and Amazon Virtual Private Cloud (VPC) is gaining popularity among organizations that still hold most of their data on-premises.
Amazon VPC is a cloud computing service that lets you define and launch your own private cloud by isolating a section of the AWS cloud. An Amazon VPC mirrors a traditional network: it includes a VPC dedicated to your AWS account, subnets, a route table that determines where traffic is directed, VPC endpoints that let you connect privately to the VPC and related AWS services, a Classless Inter-Domain Routing (CIDR) block, and an internet gateway attached to the VPC. You have complete control over your VPC, and can customize the network configuration and define the visibility of your network and resources on the Amazon cloud.
Amazon VPC flow logs
AWS provides two methods to monitor the network traffic in your Amazon VPC. They are Amazon VPC traffic mirroring and Amazon VPC flow logs.
Amazon VPC flow logs allow you to monitor, collect, and analyse network flow records, that is, the IN and OUT IP traffic going to and from your AWS resources. Each record includes the source and destination IP addresses, ports, protocol number, packet count, and byte count. It also records whether the traffic was allowed or denied, as an action field (accept or reject). Flow logs can be created for an entire VPC, a subnet, or a single network interface. The collected data can then be pushed to Amazon CloudWatch or to Amazon S3 (Simple Storage Service) storage.
You can use this feature to gain visibility into your network traffic patterns and activities, detect network anomalies, and troubleshoot connectivity, configuration, and security issues.
NetFlow Analyzer and Amazon VPC flow monitoring
ManageEngine NetFlow Analyzer now integrates with and extends support for Amazon VPC to make cloud monitoring easier. NetFlow Analyzer's VPC flow monitoring feature helps you collect and monitor all critical performance metrics in the form of logs, and provides a comprehensive view of the AWS resources and VPCs in your network.
Getting started
The first step to monitoring VPC flow logs on NetFlow Analyzer is to add an AWS monitor to the NetFlow Analyzer console.
- Access AWS
Under the Export Cloud Flow tab in Settings, provide credentials (AWS Access Key and Secret Access Key) and select the Regions and Polling Interval to enable access to AWS.
Learn more about how to obtain the access and secret keys here.
- Create and Export Cloud Flow Logs
Once connected, VPC flow logs can be exported from the CloudWatch Logs API by selecting the interfaces, Aggregation Interval, Log Group Name, and IAM Role.
Once created, the Export Cloud Flow page displays the AWS instance details: AWS name, region name, interface count, and each individual AWS interface with its status, flow log IDs, and export flow logs. An AWS instance can be created by an individual user, and a user-specific AWS instance is accessible only to that user. Learn more about how to enable AWS and create VPC flow logs here.
NetFlow Analyzer helps monitor cloud traffic, discover patterns, and offers complete visibility into your network with customizable reports.
The Devices tab in the Inventory section helps you gain visibility by providing a complete overview of the VPCs and their status, and allowing you to drill down to each of them to monitor individual interfaces, Flow Count, IN and OUT traffic, Source and Destination details, Applications, and Conversations.
NetFlow Analyzer's cloud flow monitoring feature helps you monitor VPC cloud interfaces in detail using the Search and Forensics reports. These reports provide in-depth, interface-based information including IN and OUT Region Name, Interface Name, Source and Destination IP, associated Applications, Port, Protocol, Traffic, TCP Flags, and Conversations.
With the AWS and VPC cloud flow monitoring offered by NetFlow Analyzer, you gain visibility into network traffic, application performance, and the overall health of your AWS infrastructure.
Licensing and pricing
Each Amazon instance is counted as an interface for licensing. For example, if you are using 6 router interfaces out of a 10-interface license, 4 cloud instances can be monitored under the same license. Once the license is applied, the instances can be managed directly from the UI under License Management Settings.