Dedicated to my thoughts while learning cybersec
10/19/2020
Mirror Mirror on the wall show me the packets show them all!
Traffic mirroring makes a true packet capture possible without modifying the primary host or requiring it to monitor and log its own traffic. By mirroring the traffic a host receives to another device or series of devices, we can set up independent, dedicated systems for PCAP, IDS/IPS, or any other system that supports monitoring and analysis of network traffic and threat detection.
Traffic mirroring can be attached directly to any AWS EC2 instance and is not difficult to set up. Traffic Mirroring is AWS's answer to the on-premises network tap. A network tap is a hardware device that's installed on your network. It lets network traffic pass through unimpeded while duplicating all data to a monitor port, where a network analyzer can access it.
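The setup described above, sketched with the AWS CLI as an added example (not part of the original post): it creates a mirror target, a filter, and a session that copies traffic from a source ENI to a monitoring ENI. The function name, the two ENI arguments, and the choice to mirror all traffic in both directions are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: mirror traffic from one ENI to a dedicated sensor ENI.
# Usage: ./mirror.sh <source-eni-id> <monitor-eni-id>   (IDs are placeholders)

create_mirror_session() {
  local source_eni="$1" monitor_eni="$2" target_id filter_id dir

  # 1. Target: the network interface of the capture / IDS host.
  target_id=$(aws ec2 create-traffic-mirror-target \
      --network-interface-id "$monitor_eni" \
      --description "pcap/IDS sensor" \
      --query 'TrafficMirrorTarget.TrafficMirrorTargetId' \
      --output text) || return 1

  # 2. Filter: a new filter has no rules, so nothing is mirrored yet.
  filter_id=$(aws ec2 create-traffic-mirror-filter \
      --description "mirror all traffic" \
      --query 'TrafficMirrorFilter.TrafficMirrorFilterId' \
      --output text) || return 1

  # 3. Rules: accept every packet, inbound and outbound (assumed policy;
  #    narrow the CIDR blocks to reduce volume on the sensor).
  for dir in ingress egress; do
    aws ec2 create-traffic-mirror-filter-rule \
        --traffic-mirror-filter-id "$filter_id" \
        --traffic-direction "$dir" \
        --rule-number 100 --rule-action accept \
        --source-cidr-block 0.0.0.0/0 \
        --destination-cidr-block 0.0.0.0/0 >/dev/null || return 1
  done

  # 4. Session: ties the monitored ENI to the target through the filter
  #    and prints the new session ID.
  aws ec2 create-traffic-mirror-session \
      --network-interface-id "$source_eni" \
      --traffic-mirror-target-id "$target_id" \
      --traffic-mirror-filter-id "$filter_id" \
      --session-number 1 \
      --query 'TrafficMirrorSession.TrafficMirrorSessionId' \
      --output text
}

# Run only when called with both ENI IDs.
if [ "$#" -eq 2 ]; then
  create_mirror_session "$1" "$2"
fi
```

Mirrored packets reach the target encapsulated in VXLAN on UDP port 4789, so the sensor's security group has to allow that port inbound and the capture tool has to decode VXLAN.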