
USM for AWS capable for NIDS

FusionITSecurity

Based on a recent request from our PCI-DSS auditor, we are required to have a NIDS in place to prevent an attacker who may have compromised a machine from further exploiting all other instances within the internal network.

Please may I know if NIDS is available on the USM for AWS version when monitoring internal traffic between AWS EC2 instances?

Much appreciated for any guru's or expert's advice.



Answers

  • Fusion IT Security,

    AWS does not support promiscuous monitoring, nor does it allow an instance to view the network traffic of other instances. You can find documentation for this on AWS’s site, such as the following page, where under the title “Packet Sniffing” they mention you can’t see network traffic for other devices.


    Due to this limitation from AWS, the USM for AWS product does not offer a NIDS solution for AWS. Please note you can still gain insight into your network traffic by enabling things like VPC Flow Logs or having either a host or in-line firewall. With any of those options you can send the logs to the USM for AWS product.
    tracy.danger
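The answer above suggests VPC Flow Logs as the alternative to a NIDS for east-west visibility. The following is an added example (not AlienVault/USM code) showing the kind of lateral-movement check you can run over flow log records before or after forwarding them: it assumes the default v2 VPC Flow Log field order, assumes 10.0.0.0/8 is the VPC's internal range, and uses constructed sample records.

```python
"""Flag internal sources that touch many internal host/port pairs or pile up REJECTs
in AWS VPC Flow Logs. Added example; assumes the default (v2) record format."""
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumption: the VPC address space
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

def parse_record(line):
    """Parse one default-format VPC Flow Log line into a dict; None if unusable."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":          # NODATA / SKIPDATA records carry '-' fields
        return None
    for k in ("srcport", "dstport", "protocol", "packets", "bytes"):
        rec[k] = int(rec[k])
    return rec

def flag_internal_scanners(lines, target_threshold=10, reject_threshold=5):
    """Return {src: {'targets': n, 'rejects': m}} for internal sources whose
    east-west traffic looks like probing: many distinct (dst, port) pairs or many REJECTs."""
    targets = defaultdict(set)
    rejects = defaultdict(int)
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        src = ipaddress.ip_address(rec["srcaddr"])
        dst = ipaddress.ip_address(rec["dstaddr"])
        if src not in INTERNAL or dst not in INTERNAL:
            continue                        # only instance-to-instance traffic matters here
        targets[rec["srcaddr"]].add((rec["dstaddr"], rec["dstport"]))
        if rec["action"] == "REJECT":
            rejects[rec["srcaddr"]] += 1
    return {s: {"targets": len(t), "rejects": rejects[s]}
            for s, t in targets.items()
            if len(t) >= target_threshold or rejects[s] >= reject_threshold}

# Constructed sample: 10.0.1.5 is rejected on twelve ports of a peer; 10.0.1.9 is normal.
SAMPLE = [f"2 123456789012 eni-0a1b 10.0.1.5 10.0.1.7 {40000 + i} {p} 6 1 60 1700000000 1700000060 REJECT OK"
          for i, p in enumerate((22, 80, 135, 139, 443, 445, 1433, 3306, 3389, 5985, 8080, 8443))]
SAMPLE += ["2 123456789012 eni-0a1b 10.0.1.9 10.0.1.7 51000 443 6 20 4000 1700000000 1700000060 ACCEPT OK",
           "2 123456789012 eni-0a1b 10.0.1.9 52.1.2.3 51001 443 6 20 4000 1700000000 1700000060 ACCEPT OK"]

if __name__ == "__main__":
    print(flag_internal_scanners(SAMPLE))   # {'10.0.1.5': {'targets': 12, 'rejects': 12}}
```

Thresholds are placeholders; tune them against a baseline of your own VPC's normal east-west traffic before alerting on them.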