Amazon Web Services on Tuesday rolled out a new networking security feature that will let customers natively replicate network traffic from an EC2 instance. The new VPC traffic mirroring feature[1] enables customers to mirror EC2 instance traffic within their Amazon Virtual Private Cloud (VPC) and forward that traffic to security and monitoring appliances, making it easier to conduct content inspection, threat monitoring or troubleshooting.
"Running a complex network is not an easy job," Jeff Barr, chief evangelist for AWS, wrote in a blog post[2]. "In addition to simply keeping it up and running, you need to keep an ever-watchful eye out for unusual traffic patterns or content that could signify a network intrusion, a compromised instance, or some other anomaly."
Previously, customers had to install and manage third-party agents on EC2 instances to capture and mirror traffic.
The security and monitoring appliances that integrate with VPC traffic mirroring are available on AWS Marketplace[3]. Several AWS partners, including JASK[4], NetScout[5] and Palo Alto Networks[6], on Tuesday announced solutions that integrate with VPC traffic mirroring.
Customers can mirror traffic from an individual EC2 instance or from a fleet of instances. They can also filter which traffic is mirrored, limiting monitoring to the traffic they are interested in.
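As an added example (not code from the article or from AWS), the script below generates the AWS CLI steps that mirror one instance's traffic to a monitoring appliance, with a filter that limits the mirror to inbound HTTPS and SSH and outbound DNS. The interface, security-group and CIDR values are placeholders you must replace; mirrored packets reach the appliance VXLAN-encapsulated on UDP 4789, so the appliance's security group has to admit that stream.

```shell
#!/bin/sh
# Added example, not from the article nor AWS's own code: emit (and optionally apply)
# the AWS CLI steps that set up VPC Traffic Mirroring from one EC2 instance to a
# monitoring appliance. Placeholder inputs: SOURCE_ENI (interface of the instance to
# mirror), TARGET_ENI and TARGET_SG (interface and security group of the appliance),
# SOURCE_CIDR (where the mirrored VXLAN packets originate, e.g. the VPC CIDR).
set -eu

SOURCE_ENI="${SOURCE_ENI:-eni-SOURCE-PLACEHOLDER}"
TARGET_ENI="${TARGET_ENI:-eni-TARGET-PLACEHOLDER}"
TARGET_SG="${TARGET_SG:-sg-TARGET-PLACEHOLDER}"
SOURCE_CIDR="${SOURCE_CIDR:-10.0.0.0/16}"

# One filter rule: direction, rule number (lowest matching number wins), action,
# IP protocol number, single destination port. Only traffic matching an "accept"
# rule is mirrored; unmatched traffic is simply left out of the mirror.
rule() {
  printf 'aws ec2 create-traffic-mirror-filter-rule --traffic-mirror-filter-id "$FILTER_ID"'
  printf ' --traffic-direction %s --rule-number %s --rule-action %s --protocol %s' "$1" "$2" "$3" "$4"
  printf ' --destination-port-range FromPort=%s,ToPort=%s' "$5" "$5"
  printf ' --source-cidr-block 0.0.0.0/0 --destination-cidr-block 0.0.0.0/0\n'
}

# Emits a shell script that creates the pieces in dependency order: the security-group
# rule for the VXLAN stream, the filter and its rules, the target, then the session.
mirror_plan() {
  echo 'set -eu'
  # Mirrored packets arrive at the appliance VXLAN-encapsulated on UDP 4789.
  echo "aws ec2 authorize-security-group-ingress --group-id $TARGET_SG --protocol udp --port 4789 --cidr $SOURCE_CIDR"
  echo 'FILTER_ID=$(aws ec2 create-traffic-mirror-filter --description "web-ssh-dns inspection" --query TrafficMirrorFilter.TrafficMirrorFilterId --output text)'
  rule ingress 100 accept 6 443    # inbound HTTPS (TCP)
  rule ingress 110 accept 6 22     # inbound SSH (TCP)
  rule egress  100 accept 17 53    # outbound DNS (UDP)
  echo "TARGET_ID=\$(aws ec2 create-traffic-mirror-target --network-interface-id $TARGET_ENI --query TrafficMirrorTarget.TrafficMirrorTargetId --output text)"
  # session-number orders sessions when several mirror the same source interface.
  echo "aws ec2 create-traffic-mirror-session --network-interface-id $SOURCE_ENI --traffic-mirror-target-id \"\$TARGET_ID\" --traffic-mirror-filter-id \"\$FILTER_ID\" --session-number 1 --query TrafficMirrorSession.TrafficMirrorSessionId --output text"
}

# Default behaviour: print the plan for review. Apply it with:  mirror_plan | sh
mirror_plan
```

Review the printed plan first; piping it to `sh` executes the calls with whatever AWS credentials and region the CLI is configured for.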
VPC Traffic Mirroring is now available in all commercial AWS Regions except Asia Pacific (Sydney), China (Beijing), and China (Ningxia). Support for those regions will be added soon.
The new feature was one of multiple networking and cloud security announcements made this week at AWS's new re:Inforce[7] security conference.
AWS is also introducing a new APN Security Navigate track[8]