Analyze VPC Flow Logs | Security | Performance

VPC flow logs are an important AWS feature for troubleshooting connectivity and security issues and for making sure that security group access is in the right place.

The logs capture important information about the IP traffic to and from network interfaces, subnets and VPCs in the AWS infrastructure. They are used to monitor security by tracking traffic reaching and leaving the resources (instances, databases, etc.) in the AWS infrastructure.

The logs provide network flow visibility in the dynamic cloud, which helps in tightening security and understanding network performance.

And of course, keep the SecOps team off your back.

Security

The flow logs provide a number of avenues to tighten your security and make sure everything is connecting as needed.

  1. They can be used to boost data collection to help in correlation and to strengthen security insights.
  2. They help you create baselines of your standard network activity, which in turn helps in identifying abnormal events.
  3. Identifying potential botnet activity is easier by comparing the timestamps and periodicity of certain traffic. You can also directly look for known botnet connections to interfaces and block them.
  4. Identify and block vulnerability scans by checking for ping sweeps, port scans and other malicious activities used to discover weaknesses in the network.
  5. You can also improve troubleshooting of performance problems.
  6. Optimize connectivity inside your organization for developers, testers and ITOps teams.
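
Items 3 and 4 above can be expressed as checks over parsed records. The following Python example is added here and is not part of the original post: it parses the default flow log record format, flags sources rejected on many distinct ports of one destination, and flags accepted flows that recur at a near-constant interval. The function names, thresholds (`min_ports`, `min_flows`, `max_jitter`) and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()  # default v2 order

def parse(line):
    """Parse one default-format record; skip NODATA/SKIPDATA and malformed lines."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[-1] != "OK":
        return None
    rec = dict(zip(FIELDS, parts))
    rec["dstport"], rec["start"] = int(rec["dstport"]), int(rec["start"])
    return rec

def find_port_scans(records, min_ports=5):
    """Source/destination pairs rejected on at least min_ports distinct ports."""
    ports = defaultdict(set)
    for r in records:
        if r["action"] == "REJECT":
            ports[(r["srcaddr"], r["dstaddr"])].add(r["dstport"])
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}

def find_periodic(records, min_flows=4, max_jitter=0.1):
    """Accepted flows to one dst:port whose start times are evenly spaced."""
    starts = defaultdict(list)
    for r in sorted(records, key=lambda r: r["start"]):
        if r["action"] == "ACCEPT":
            starts[(r["srcaddr"], r["dstaddr"], r["dstport"])].append(r["start"])
    hits = {}
    for key, ts in starts.items():
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        if len(ts) >= max(min_flows, 2) and mean(gaps) > 0 \
                and pstdev(gaps) <= max_jitter * mean(gaps):
            hits[key] = round(mean(gaps))  # average interval in seconds
    return hits

def _rec(src, dst, dport, start, action):  # builds one constructed sample record
    return f"2 123456789012 eni-0example {src} {dst} 49152 {dport} 6 1 40 {start} {start + 60} {action} OK"

SAMPLE = (  # constructed data; addresses are from documentation/private ranges
    [_rec("203.0.113.50", "10.0.1.20", p, 1000, "REJECT") for p in (21, 22, 23, 80, 443, 3389)]
    + [_rec("10.0.1.20", "198.51.100.7", 443, t, "ACCEPT") for t in (1000, 1300, 1601, 1899, 2200)]
    + [_rec("10.0.1.20", "10.0.2.30", 5432, t, "ACCEPT") for t in (1000, 1010, 1500, 1520)]
    + ["2 123456789012 eni-0example - - - - - - - 1000 1060 - NODATA"])

if __name__ == "__main__":
    recs = [r for r in map(parse, SAMPLE) if r]
    print(find_port_scans(recs), find_periodic(recs), sep="\n")
```

Regular internal jobs such as health checks and scheduled syncs also recur at fixed intervals, so periodic hits are best compared against the baseline from item 2 before acting on them.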

Performance

The VPC flow logs help in identifying latencies, establishing performance baselines and tweaking apps as needed.

They provide granular information such as traffic flow duration, latencies and bytes sent, which in turn helps in identifying performance issues quickly. Having quantifiable data from the logs helps in providing a better user experience.

VPC flow logs are employed to monitor internal application services. Applications built on the microservices architecture rely heavily on internal traffic to communicate.

Note: Understanding VPC flow logs also provides an opportunity to save bandwidth costs like Mikuláš did. You can read more about it here.

Analyzing VPC Flow Logs

Enabling them is the easy part, but analyzing VPC flow logs is a different ball game. There are multiple ways of analyzing the VPC flow logs, but most of them are expensive in terms of bandwidth and the time needed to set them up. Below are certain ways to set up your dashboard.

Conclusion

AWS has provided these logs to improve network visibility and tackle security, performance, and cost.

P.S. We recently opened registrations for the closed beta for visualizing VPC flow logs in a virtual environment.
