VMware Cloud Community
petemb
Contributor

Port mirroring VMC for Security Product

Hi All

We are looking to deploy a security platform on VMC that utilises a dedicated per-host appliance. On vSphere (on-prem), ports were mirrored by way of creating a dedicated vDS portgroup for the hosts.

I see from various articles online that we can create a port mirroring session for each segment (see https://cloud.vmware.com/community/2019/04/25/port-mirroring-vmware-cloud-aws/) that could forward to a security endpoint appliance, but how can we achieve the same as we have on prem, in VMC and capture traffic in the same way as on prem?


Cheers

PMB

Pablo_Cruces_
VMware Employee

Hi @petemb,

You can use port mirroring in VMConAWS to analyze Ingress, Egress or Bi Directional traffic.

Port Mirroring uses a "source group" where the data is monitored and a "destination group" where the data is copied to, so you will need to create Compute Groups for the source VMs and the destination VMs to send the traffic (this destination group is based on IP addresses).

Also you will need a virtual appliance to be deployed on the VMConAWS side as your security VM to analyze the traffic, or install the security software in a new VM.

The steps are quite simple:

  1. Log in to the VMC console and select Networking & Security and then Port Mirroring
  2. On the Port Mirroring tab Add Profile and create a new one. Select here the parameters you would like to monitor: [screenshot: Port Mirroring profile parameters]
  3. Tag the port mirroring profile to use it for future needs if you want, so when you create new VMs or the ones you have, you can add this tag and all of them will be under the same security profile you just created.


Related links:

There is a good video where you can see a live demo in this link: https://www.youtube.com/watch?v=CToNGJ7jGvg&feature=emb_logo

How to add a Port Mirroring Profile: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/administration/GUID-DBF4B64F-5F77-4255-95BF-...

How to add a Compute Group: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws.networking-security/GUID-...

VMware Cloud on AWS Networking and Security guide, updated 14 January 2021: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/vmc-on-aws-networking-security.pdf


Regards,

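The reply above describes the VMC side of the session (source group, IP-based destination group, profile). The other half of the picture is what the security VM in the destination group actually receives: mirrored frames arrive wrapped in an outer IP packet, not as they would on a dedicated on-prem vDS portgroup, so the appliance has to strip the encapsulation before it can inspect the original traffic. The following is an added example, not code from the thread or from VMware; it assumes the mirror is delivered as plain GRE (RFC 2784) carrying Transparent Ethernet Bridging (protocol type 0x6558), which is an assumption about the encapsulation rather than something the thread states, and the host transport IP 10.1.1.5, collector IP 10.1.9.10, workload addresses and MACs in the sample packet are constructed.

```python
"""Decode one GRE-encapsulated mirrored frame as a mirror destination would see it.

Added example, not from the thread or from VMware. Assumes the mirror is delivered
to the destination IP as plain GRE (RFC 2784) carrying Transparent Ethernet Bridging
(protocol type 0x6558); that encapsulation is an assumption. The sample packet
built below is constructed, not captured.
"""
import struct

GRE_PROTO_TEB = 0x6558      # Transparent Ethernet Bridging: payload is a whole Ethernet frame
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP, PROTO_GRE = 6, 17, 47


def _parse_ipv4(data: bytes, off: int):
    """Parse an IPv4 header at data[off:]; return (src, dst, protocol, header length)."""
    ver_ihl = data[off]
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (ver_ihl & 0x0F) * 4
    proto = data[off + 9]
    src = ".".join(str(b) for b in data[off + 12:off + 16])
    dst = ".".join(str(b) for b in data[off + 16:off + 20])
    return src, dst, proto, ihl


def decode_gre_mirror(pkt: bytes) -> dict:
    """pkt is the outer IPv4 packet delivered to the mirror destination (no outer Ethernet).

    Returns the outer endpoints, the GRE key if present, and the inner frame's
    L2/L3/L4 identifiers, i.e. the fields a security appliance would index on.
    """
    outer_src, outer_dst, outer_proto, off = _parse_ipv4(pkt, 0)
    if outer_proto != PROTO_GRE:
        raise ValueError(f"outer IP protocol {outer_proto} is not GRE (47)")

    flags, gre_proto = struct.unpack_from("!HH", pkt, off)
    off += 4
    # Optional GRE fields (RFC 2784/2890) appear in this order when their flag bit is set.
    key = None
    if flags & 0x8000:                      # C: checksum + reserved1
        off += 4
    if flags & 0x2000:                      # K: key (often carries a session identifier)
        key = struct.unpack_from("!I", pkt, off)[0]
        off += 4
    if flags & 0x1000:                      # S: sequence number
        off += 4
    if gre_proto != GRE_PROTO_TEB:
        raise ValueError(f"GRE payload type 0x{gre_proto:04x} is not Transparent Ethernet Bridging")

    # Inner Ethernet frame: 6-byte dst MAC, 6-byte src MAC, 2-byte EtherType
    inner_src_mac = pkt[off + 6:off + 12].hex(":")
    ethertype = struct.unpack_from("!H", pkt, off + 12)[0]
    off += 14
    result = {
        "outer_src": outer_src, "outer_dst": outer_dst, "gre_key": key,
        "inner_src_mac": inner_src_mac, "inner_ethertype": ethertype,
        "inner_src": None, "inner_dst": None, "inner_proto": None,
        "sport": None, "dport": None,
    }
    if ethertype != ETHERTYPE_IPV4:         # e.g. ARP or IPv6: stop at L2 rather than misparse
        return result

    inner_src, inner_dst, inner_proto, ihl = _parse_ipv4(pkt, off)
    off += ihl
    result.update(inner_src=inner_src, inner_dst=inner_dst, inner_proto=inner_proto)
    if inner_proto in (PROTO_TCP, PROTO_UDP):   # ports sit at the same offset for both
        result["sport"], result["dport"] = struct.unpack_from("!HH", pkt, off)
    return result


def _ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header with a zero checksum (the decoder does not verify it)."""
    def addr(s: str) -> bytes:
        return bytes(int(x) for x in s.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       addr(src), addr(dst))


def build_sample_mirror_packet() -> bytes:
    """Constructed sample: one mirrored TCP SYN from a workload VM, wrapped in GRE
    from a hypothetical host transport IP 10.1.1.5 to a collector at 10.1.9.10."""
    tcp = struct.pack("!HHIIBBHHH", 51514, 443, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
    inner_ip = _ipv4_header("192.168.10.20", "192.168.20.30", PROTO_TCP, len(tcp)) + tcp
    eth = (bytes.fromhex("005056aabbcc") + bytes.fromhex("005056ddeeff")
           + struct.pack("!H", ETHERTYPE_IPV4))
    gre = struct.pack("!HH", 0x2000, GRE_PROTO_TEB) + struct.pack("!I", 42)   # K bit set, key 42
    payload = gre + eth + inner_ip
    return _ipv4_header("10.1.1.5", "10.1.9.10", PROTO_GRE, len(payload)) + payload


if __name__ == "__main__":
    for k, v in decode_gre_mirror(build_sample_mirror_packet()).items():
        print(f"{k:>16}: {v}")
```

The practical point for a migration from on-prem: an appliance that was attached to a promiscuous vDS portgroup expects raw Ethernet frames, while a destination-group member in VMC gets the frame inside an outer IP/GRE packet, so either the appliance must understand the encapsulation natively or a small decoder like this one must sit in front of it. The `gre_key` field is worth keeping in the appliance's metadata: if the product tags sessions with it, it lets you attribute a mirrored flow back to the source group it came from when several profiles point at the same collector.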