Monitoring Egress Traffic
| Controller 8.0 and the enablement of the DCF feature is required to monitor VPC/VNets. |
On the Security > Egress > Egress VPC/VNets tab, you monitor onboarded VPC/VNets to apply egress and monitor the traffic of these VPC/VNets to the Internet.
Monitoring your VPC/VNets:
-
Applies local egress
-
Modifies the default route
-
Enables SNAT
-
Creates Monitor-VPCs Watch Rules against the selected VPC/VNets:
-
Monitor-VPCs-ICMP-Rule
-
Monitor-VPCs-UDP-Rule
-
Monitor-VPCs-Domains-Rule
-
-
Adds the VPC/VNets to the Monitored-VPCs SmartGroup
To monitor VPC/VNets:
-
On the Security > Egress > Egress VPC/VNets tab, do one of the following:
-
Select one or more VPC/VNets and then select Monitor from the Actions menu.
-
Click Monitor in the Recommended Action column next to a VPC/VNet.
The Monitor VPC/VNets dialog displays.
-
-
Click Monitor.
The status changes to Monitored for this VPC/VNet on the Egress VPC/VNets tab.
A timestamp is displayed next to the VPC/VNet on the Egress VPC/VNets tab to indicate how long it has been monitored.
Disabling Monitoring of Egress Traffic
You disable monitoring for all VPCs/VNets by going to Security > Distributed Cloud Firewall > Policy and deleting the Monitor-VPCs Watch Rules that were created when monitoring was enabled. You cannot disable monitoring for individual VPC/VNets.