1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
3
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data is collected outside of the path of your network traffic, and therefore does not affect network throughput or latency.
Traffic Mirroring is an Amazon VPC feature that you can use to copy network traffic from an elastic network interface of type interface. You can then send the traffic to out-of-band security and monitoring appliances for:
- Content inspection
- Threat monitoring
- Troubleshooting
So the logs are just that. Logs about your IP Traffic. Mirroring streams a copy of the network traffic say to an EC2 or Appliance for packet inspection
관련 콘텐츠
- 질문됨 2달 전
AWS 공식업데이트됨 2년 전- AWS 공식업데이트됨 7달 전
So for what I can see Traffic Mirroring allows you to monitor traffic not caputred by VPC flowlogs (from/to ENI to ENI or NLB) and further monitor it
Its actually 2 difference fundamental features. Logs just log the From/To IP address, Size of packet, port numbers etc.. The Mirror can have a full copy of the packet. Need to understand whats in a network packet vs information about the IP Header of the packet..