AWS Certified Solutions Architect - Associate


A company has migrated to AWS and requires a solution for securing traffic in their production VPC, mirroring the capabilities of their previous on-premises inspection server. Which AWS service should they implement for traffic inspection and filtering?




Explanation:

The correct answer is AWS Network Firewall (Option C). AWS Network Firewall is specifically designed to provide traffic inspection and filtering for VPCs, closely replicating the capabilities of an on-premises inspection server. Amazon GuardDuty (Option A) focuses on threat detection and monitoring rather than direct traffic filtering. Traffic Mirroring (Option B) is used to capture traffic for analysis but does not provide inline filtering. AWS Firewall Manager (Option D) is a management tool for configuring and managing firewall rules across multiple accounts and resources; it does not perform traffic filtering itself.