Posted On: May 12, 2022

Amazon Virtual Private Cloud (Amazon VPC) Traffic Mirroring now supports sending mirrored traffic to monitoring appliances behind a Gateway Load Balancer. This feature enables Amazon VPC Traffic Mirroring customers to centralize the out-of-band monitoring and inspection of network traffic across AWS accounts and VPCs.

Amazon VPC Traffic Mirroring allows customers to replicate network traffic from an EC2 instance and forward it to security and monitoring appliances for use cases such as content inspection, threat monitoring, and troubleshooting. Until now, customers could send mirrored traffic to monitoring appliances either directly using an Elastic Network Interface or through a Network Load Balancer. With this new capability, customers can forward mirrored traffic from their subnet, VPC, or account to monitoring appliances behind a Gateway Load Balancer via Gateway Load Balancer Endpoints deployed in the subnets containing their workloads. This helps simplify the monitoring of network traffic across AWS accounts and VPCs in a highly scalable and operationally efficient manner by removing routing complexity and operational overhead.

Gateway Load Balancer Endpoint as a target for Amazon VPC Traffic Mirroring is available in all 22 AWS Regions where Amazon VPC Traffic Mirroring is supported: US East (Ohio, N. Virginia), US West (N. California, Oregon), Europe (Frankfurt, Ireland, London, Paris, Stockholm), Asia Pacific (Mumbai, Seoul, Singapore, Sydney, Hong Kong, Tokyo), Canada (Central), South America (São Paulo), Middle East (Bahrain), China (Beijing) operated by Sinnet, China (Ningxia) operated by NWCD, and AWS GovCloud Regions (US).

You can learn more about this feature by reading our documentation and the blog post.