Which solution meets these requirements?
Configure AWS Shield for the VPC.
Use AWS Network Firewall on the VPC. Configure Network Firewall to perform deep packet inspection.
Use AWS Network Firewall on the subnets. Configure Network Firewall to perform deep packet inspection.
Set up Traffic Mirroring on an inbound port of the NLB.
Explanations:
AWS Shield is primarily designed to protect against DDoS attacks, not to perform deep packet inspection. It doesn’t provide the capability for detailed analysis of inbound traffic for hacking attempts.
AWS Network Firewall is a managed service that allows for deep packet inspection in VPCs. It can be configured to analyze and filter traffic to identify potential security threats, including hacking attempts.
AWS Network Firewall should be deployed in the VPC, not in individual subnets. Configuring it only in the subnets does not provide the required traffic inspection for the entire VPC’s inbound traffic.
Traffic Mirroring allows you to capture and analyze traffic, but it doesn’t perform deep packet inspection on its own. It can be used for monitoring and troubleshooting, but additional tools or services would be required for deep packet inspection.