dcsimg

Amazon Web Services Redefines Cloud Networking with VPC Traffic Mirroring

AWS shakes up the cloud visibility and security market with a major new feature.

 By Sean Michael Kerner | Posted Jun 28, 2019
Page of   |  Back to Page 1
Print Article

Monitoring and securing traffic in the cloud isn't quite the same as it is in a traditional network. For one, there isn't the equivalent of a tap/span port to mirror traffic - that is there wasn't until June 25.

At its' Re:inforce security-focused event in Boston, AWS announced its new VPC Traffic Mirroring feature providing a new way to get visibility into cloud networking. The traffic mirroring feature is specific to AWS' Virtual Private Cloud (VPC) service, which provides a logically isolated section of the public cloud for customer usage.

"You can think of VPC Traffic Mirroring as a 'virtual fiber tap' that gives you direct access to the network packets flowing through your VPC," Jeff Barr, Chief Evangelist for AWS, wrote in a blog. " You can use VPC Traffic Mirroring in a multi-account AWS environment, capturing traffic from VPCs spread across many AWS accounts and then routing it to a central VPC for inspection."

Taps have long been used by traditional networking vendors to enable packet capture tools to monitor performance and security. Alongside the AWS launch were multiple networking vendors providing their own tools that are now enabled by the VPC Traffic Mirroring service.

"Traffic mirroring provides a native AWS solution that simplifies operations by allowing customers to natively mirror their VPC traffic, without using packet-forwarding agents," Heidi Gabrielson, director of product marketing for Riverbed's SteelCentral wrote in a blog. " Today, customers have to install and manage third-party agents on EC2 instances to capture and mirror VPC traffic. This poses scaling challenges and increases operational burden."

Gabrielson commented that support for VPC Traffic Mirroring is coming in September as part of Riverbed's AppResponce Cloud services.

ExtraHop is also set to embrace AWS' VPC Traffic Mirroring via a new service of its own dubbed ExtraHop Reveal(x) Cloud. Reveal(x) Cloud provides network visibility as well as network detection and response (NDR).

"Cloud providers continue to work with security vendors and with enterprise customers to provide functionality and integrations that make it easier, more efficient, and more secure to build presence in the cloud," Fernando Montenegro, Principal Analyst at 451 Research, wrote in a statement. "Amazon VPC traffic mirroring is just the latest example. ExtraHop’s Reveal(x) Cloud fits within this trend, as it allows customers to use traffic monitoring to achieve better network visibility, detection and response, and to do that as a service. This is likely to assist SecOps teams making the transition to support cloud deployments."

Sean Michael Kerner is a senior editor at EnterpriseNetworkingPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.

Get the Latest Scoop with Networking Update Newsletter