hastrusted.blogg.se

Install tcpdump on ec2





  • Instance Type: i3en.large (or t3.micro if you want to test and are willing to accept packet loss and memory constraints).
  • Launch EC2 Instances: Assuming that you already have sufficient knowledge about launching EC2 instances, create a new instance with the following profile: In this example, we will use simple T3.micro AMI Linux instances to create traffic to be captured. One thing to keep in mind: this will not be compatible with any "Free Tier" service levels. Additionally, one or more traffic generators will also need to be set up. Likewise, only the newer "Nitro" instance types can support traffic mirroring, so if monitoring an existing instance is desired, the instance will need to be upgraded if it isn't on a newer instance type.


    Support for this exists in the latest AMI Linux and FreeBSD images, but not in older ones. This feature will require the use of the newer Elastic Network Adapter. That said, capture with a T3 instance is not recommended for production if a lot of bandwidth is being monitored. Therefore, for experimentation, a T3 instance will allow for use of the feature, with significantly lower cost. The cost involved with the smallest version of this instance type can still be over $100 per month. Large high-speed local ephemeral hardware storage that provides a high-speed, multi-terabyte landing zone for pcap archives. Enhanced networking offers an adapter that can scale from 25Gbps to 100Gbps.


    For this, a storage-optimized EC2 instance, the I3en, will be suitable for two reasons: As a start, we will try to build a system that will capture traffic from one or more traffic sources. The following blog post introduces us to traffic mirroring with an example of setting it up in the AWS console: First thing, it is important to identify an instance that will be best suited for the job. It is a really interesting feature, and as such I've wanted to try it out, as network traffic inspection and collection is notoriously challenging in the AWS cloud environment. This feature is available on any compute workload that is built using the new AWS Nitro System (link contains supported EC2 instance types).


    Earlier this year, AWS made available a new feature named "Traffic Mirroring" to their customers.






