
June 11, 2015
By George Gerchow

Sumo Logic AWS VPC Flow Log Application

Hola peeps,

Exciting times here at Sumo Logic! Last week we announced a new round of funding (Sumo Logic Raises 80 Million), and this week we are EXCITED to holla about our upcoming release of the AWS VPC Flow Log App!

See the AWS blog by @jeffbarr: https://aws.amazon.com/blogs/aws/vpc-flow-logs-log-and-view-network-traffic-flows/

At a high level, VPC Flow Logs allow AWS customers to create alarms that will fire if certain types of traffic are detected; you can also create metrics to help you identify trends and patterns.

The information captured by Flow Logs includes allowed and denied traffic (based on security group and network ACL rules). It also includes source and destination IP addresses, ports, the IANA protocol number, packet and byte counts, a time interval during which the flow was observed, and an action (ACCEPT or REJECT).
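As an added example (not part of the original post and not Sumo Logic's code), the sketch below parses flow log records and totals rejected packets per source address. It assumes the AWS default space-separated record layout, whose field names come from the AWS documentation rather than this post; the sample records are constructed.

```python
from collections import Counter

# Assumed AWS default flow log record layout; these field names follow the
# AWS documentation and are not listed in the original post.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records (documentation IP ranges, placeholder account ID).
SAMPLE = """\
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.5 44321 22 6 12 720 1433980800 1433980860 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.9 10.0.1.5 51514 443 6 30 4200 1433980800 1433980860 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.5 44322 3389 6 8 480 1433980860 1433980920 REJECT OK
2 123456789012 eni-0a1b2c3d 192.0.2.44 10.0.1.9 60000 23 6 3 180 1433980860 1433980920 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1433980920 1433980980 - NODATA
"""

def parse_record(line):
    """Return a dict for one record, or None if it is malformed or has no data."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA/SKIPDATA records carry "-" in the traffic fields, so skip them.
    if rec["log_status"] != "OK":
        return None
    for key in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
        rec[key] = int(rec[key])
    return rec

def rejected_by_source(text):
    """List (srcaddr, rejected packets, destination ports), busiest source first."""
    packets = Counter()
    ports = {}
    for line in text.splitlines():
        rec = parse_record(line)
        if rec and rec["action"] == "REJECT":
            packets[rec["srcaddr"]] += rec["packets"]
            ports.setdefault(rec["srcaddr"], set()).add(rec["dstport"])
    return [(src, n, sorted(ports[src])) for src, n in packets.most_common()]

if __name__ == "__main__":
    for src, n, dports in rejected_by_source(SAMPLE):
        print(f"{src}: {n} rejected packets, destination ports {dports}")
```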

The Sumo Logic Application will add a TON of additional value on top of what AWS is currently giving you with pre-built Dashboards that show Geographical Locations of Network Traffic, highlight REJECTED IPs

Dashboard Uno: Packets dropping from China and Russia


Dashboard Dos: Looking for Anomalies within the Network Traffic (Source, Destination, high rate of packets dropped) all dynamically set by our machine based learning analytics.


This is just another step in the quest of the Cloud Illuminati. Stay tuned for more updates and join us in our BETA program to get a head start on our AWS VPC Flow Application!

Join the Cloud Illuminati

Cambio y Fuera!

George


George Gerchow


As Sumo Logic's Chief Security Officer (CSO), George Gerchow brings 18 years of information technology and systems management expertise to the application of IT processes and disciplines. His expertise impacts the security, compliance, and operational status of complex, heterogeneous, virtual and cloud computing environments. Mr. Gerchow's practical experience and insight from managing the infrastructures of some of the world's largest corporate and government institutions make him a highly regarded speaker and invited panelist on topics including cloud secure architecture design, virtualization, configuration management, operational security and compliance. George was one of the original founders of the VMware Center for Policy and Compliance and he holds CISSP, ITIL, Cisco, and Microsoft certifications. Mr. Gerchow is also an active Board Member for several technology startups, the co-author of Center for Internet Security - Quick Start Cloud Infrastructure Benchmark v1.0.0, and a Faculty Member for IANS - Institute of Applied Network Security (https://www.iansresearch.com/).
