A company has migrated to AWS and requires a solution for securing traffic in their production VPC, mirroring the capabilities of their previous on-premises inspection server. Which AWS service should they implement for traffic inspection and filtering?