Intrustion Detection System on the AWS platform

Question

Is there a solution for an intrustion detection system on the AWS platform? Would you have to go 3rd party or do they have their own offering?

Thanks!

Michal Gasek · Accepted Answer · 2016-11-26T15:48:28.147

Your question is very general. IDS systems look a bit different in the cloud compared to on-premise "traditional" setups and AWS provides a wide array of options in the security area for example: IAM, CloudTrail & VPC Flow Logs. They can serve as building blocks for IDS depending on what you want to achieve.

If you are asking about more "traditional" IDS systems (network-sniffing boxes), there are lots of solutions available on AWS Marketplace via partners, for example: Sophos, AlertLogic, TrendMicro, CloudPassage.

The best recommendation I could give you is watching below videos to get a better overview what are your options:

AWS re:Invent 2015 | (SEC205) Learn How to Hackproof Your Cloud Using Native AWS Tools

AWS re:Invent 2014 | (SEC402) Intrusion Detection in the Cloud

Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013

Sorry about the generality. I guess I just wanted to know the various options. These are great resources, thank you. — Justin, Nov 26 '16 at 01:31

score 0 · Answer 2 · answered Nov 27 '16 at 06:09

0

Snort is a well known Intrusion Detection System. Bro is another well known IDS

answered Nov 27 '16 at 06:09

Nadir Latif

3,690
1
15
24

Intrustion Detection System on the AWS platform

2 Answers2