Sinefa probes can be deployed directly into AWS tenancies and are able to monitor network traffic within AWS VPCs (e.g. VM to VM) as well as in/out of AWS VPCs using several deployment options.
AWS VPC Flow Logs
In this deployment option, Sinefa AWS Probes constantly monitor an AWS S3 bucket for AWS VPC Flow Log files. Similar to NetFlow, these Flow Log records contain summary information about the network flows in/out of each VM with Flow Logs enabled.
AWS VPC Flow Logs are easy to configure and very cost effective. However, only summary information is available so features such as Live, L7 DPI and application performance metrics are unavailable. For more information on configuring AWS VPC Flow Logs, see How to Setup AWS VPC Flow Logs.
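To show what "summary information" means in practice, the following added example (not Sinefa's code) parses records in the AWS default version 2 flow log format and totals packets and bytes per 5-tuple. The sample records, ENI ID and account ID are constructed; note that no field carries payload or application-layer data.

```python
from collections import defaultdict

# Field order of the AWS default (version 2) VPC Flow Log format.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
INT_FIELDS = ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end")

# Constructed sample records (made-up account and ENI IDs, example addresses).
SAMPLE = """\
version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status
2 123456789012 eni-0a1b2c3d 10.0.1.5 10.0.2.9 49152 443 6 20 4200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.5 10.0.2.9 49152 443 6 10 1800 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.5 55000 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000120 1700000180 - NODATA
"""

def parse_record(line):
    """Return a dict for one flow record, or None for lines with no flow data."""
    parts = line.split()
    # Skips the header line found in S3-delivered files and any other format.
    if len(parts) != len(FIELDS) or parts[0] != "2":
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records carry "-" in the flow fields.
    if rec["log_status"] != "OK":
        return None
    for key in INT_FIELDS:
        rec[key] = int(rec[key])
    return rec

def summarize(text):
    """Aggregate packets, bytes and observed actions per 5-tuple."""
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0, "actions": set()})
    for line in text.splitlines():
        rec = parse_record(line)
        if rec is None:
            continue
        key = (rec["srcaddr"], rec["dstaddr"], rec["srcport"],
               rec["dstport"], rec["protocol"])
        flows[key]["packets"] += rec["packets"]
        flows[key]["bytes"] += rec["bytes"]
        flows[key]["actions"].add(rec["action"])
    return dict(flows)

if __name__ == "__main__":
    for flow, totals in summarize(SAMPLE).items():
        print(flow, totals)
```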
AWS VPC Traffic Mirroring
AWS VPC Traffic Mirroring (VTM) copies all packets in/out of each VM (where traffic mirroring is enabled) to a Sinefa AWS Probe. Similar to a traditional SPAN or port mirror deployment, the Sinefa Probe sees all packets, so it can perform the full suite of visibility functions.
AWS have made VPC Traffic Mirroring available on select VM instance types only. For instructions on how to configure AWS VPC Traffic Mirroring, see How to setup AWS VPC Traffic Mirroring (Nitro).
3rd Party Cloud Packet Brokers
3rd party cloud packet brokers install lightweight agents on all VMs that take copies of all packets in/out of the VM and send them to the Sinefa AWS Probe for analysis. Similar to the Traffic Mirroring approach, the agents are responsible for delivering copies of the packets to the Sinefa Probe (as opposed to the AWS infrastructure itself in the case of Traffic Mirroring).
Gigamon, Ixia CloudLens and Garland Prisms are examples of cloud packet brokers.
Sinefa probes can be configured to route packets between 2 subnets. In this case, packets pass through the AWS Sinefa Probe.
Sinefa probes that are deployed in-path can perform the full suite of visibility functions as well as provide traffic shaping.