DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
What's in store for DevOps in 2023? Hear from the experts in our "DZone 2023 Preview: DevOps Edition" on Fri, Jan 27!
Save your seat
  1. DZone
  2. Software Design and Architecture
  3. Cloud Architecture
  4. Analyze VPC Flow Logs for Security and Performance

Analyze VPC Flow Logs for Security and Performance

VPC flow logs are an important part of AWS to help troubleshoot connectivity and security issues and to make sure that security group access is in the right place.

Veer Abheek Singh Manhas user avatar by
Veer Abheek Singh Manhas
·
Mar. 26, 18 · Analysis
Like (4)
Save
Tweet
Share
5.27K Views

Join the DZone community and get the full member experience.

Join For Free

The logs capture important information about the IP traffic to and from network interfaces, subnets and VPCs in the AWS infrastructure. They are used to monitor security by tracking traffic reaching and leaving the resources(instance, databases, etc.) in the AWS infrastructure.

The logs provide network flow visibility in the dynamic cloud which helps in tightening security and understand network performance. 

And of course, keep the SecOps team off your back.

Security

The flow logs provide a number of avenues to tighten your security and make sure everything is connecting as needed.

  1. They can be used to boost data collection to help correlate and strengthen security insights.
  2. Help you create baselines of your standardized network activities which in turn helps in identifying abnormal events.
  3. Identifying potential botnet activity is easier by comparing time-stamps and periodicity of certain traffic. You can also directly look for known botnet connections to interfaces and block them.
  4. Identify and block vulnerability scans by checking for ping sweeps, port scans and other malicious activities associated to discover weaknesses in the network.
  5. You can also improve troubleshooting of performance problems.
  6. Optimize connectivity inside your organization for developers, testers and, ITOps teams. 

Performance

The VPC flow logs help in identifying latencies, establish performance baselines, and tweak apps as needed.

It provides granular information like traffic flow duration and latencies and bytes sent, which in turn helps in identifying performance issues quickly. Having quantifiable data from the logs helps in providing a better user experience. 

VPC flow logs are employed to monitor internal application services. The applications build on the microservices architecture heavily rely on internal traffic to communicate.

Note: Understanding VPC flow logs also provides an opportunity to save bandwidth costs like Mikuláš did. You can read more about it here.

Analyzing VPC Flow Logs

Enabling them is the easy part but analyzing VPC flow logs is just another ball game. There are multiple ways of analyzing the VPC flow logs but most of them are expensive in terms of bandwidth and time needed to set them up. Below are certain ways to set up your dashboard.

  • Analyzing VPC Flow Logs with Amazon Kinesis Firehose, Amazon Athena, and Amazon QuickSight

  • Analyzing AWS VPC Flow Logs using Apache Parquet Files and Amazon Athena

 

Conclusion

AWS has provided these logs to improve network visibility and tackle security, performance, and cost.

P.S. – We recently opened the registrations to the closed beta for visualizing VPC flow logs in a virtual environment.

Visual AWS VPC flow

Virtual private cloud Flow (web browser) security Analyze (imaging software)

Published at DZone with permission of Veer Abheek Singh Manhas, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Project Hygiene
  • Top Five Tools for AI-based Test Automation
  • Educating the Next Generation of Cloud Engineers With Google Cloud
  • Pros and Cons of Using Styled Components in React

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: