A consulting firm oversees AWS accounts for its clients. One client requires intrusion prevention for their environment without re-architecting the setup. The environment consists of five VPCs across two AWS Regions in the United States, connected via VPC peering. The client does not anticipate adding more VPCs in the next two years. The solution must support unencrypted traffic.

Which solution fulfills these requirements?