Operating workloads in Amazon AWS introduces new challenges for network visibility and security. Traffic is distributed across regions, services, and shared infrastructure, while traditional packet capture is not available.
FastNetMon provides flow-based network traffic monitoring and DDoS detection for AWS by integrating with native Amazon services. Using VPC Flow Logs as the primary telemetry source, FastNetMon enables operators to analyse traffic patterns, detect anomalies, and gain visibility into cloud network behaviour.
Flow-Based Visibility Using VPC Flow Logs
In AWS environments, FastNetMon relies on Amazon VPC Flow Logs to collect network telemetry. VPC Flow Logs provide metadata about traffic flowing to and from network interfaces within a Virtual Private Cloud.
FastNetMon processes this flow data and converts it into its internal traffic representation, enabling consistent monitoring across cloud and on-premise environments. This approach avoids the need for packet inspection and works at scale within AWS constraints.
Native AWS Components Integration
FastNetMon integrates with several AWS-native services to collect and process flow data.
Amazon Lambda is used to receive VPC Flow Logs, transform them into a format supported by FastNetMon, and forward them for analysis. This process is automated once configured and does not require manual intervention during operation.
FastNetMon can also use the Amazon API to retrieve metadata about cloud resources. This includes mapping internal IP addresses used by virtual machines or load balancers to external IP addresses where required. This mapping allows traffic statistics and detections to be presented in a way that is meaningful for operators monitoring internet-facing services.
Cloud Traffic Analytics and Cost Visibility
Understanding traffic patterns in AWS is critical not only for security, but also for cost control. FastNetMon helps identify which regions, services, and external networks generate the most traffic to and from your VPCs.
This visibility supports capacity planning, optimisation of data transfer costs, and informed decisions about architecture changes such as load balancing, regional deployments, or use of CDNs.
Deployment Models in AWS
FastNetMon can be deployed directly within AWS as a virtual machine instance. Two common deployment models are supported.
A single central FastNetMon instance can collect and analyse flow data from multiple AWS regions. Alternatively, separate FastNetMon instances can be deployed per region to keep traffic telemetry local and avoid transferring flow data across regions or external networks.
The choice depends on operational, security, and data residency requirements.
DDoS Detection in Cloud Environments
Using flow data from VPC Flow Logs, FastNetMon monitors traffic rates, packet counts, and flow characteristics to detect abnormal patterns that may indicate DDoS attacks.
This enables early detection of volumetric and protocol-level attacks affecting cloud workloads, even in environments where traditional network-level controls are limited.
Network Visibility for AWS at Scale
FastNetMon integrates with AWS services such as VPC Flow Logs, Lambda, and the Amazon API to provide reliable, scalable network traffic visibility without requiring changes to application workloads.
The same FastNetMon platform can be used across cloud and on-premise environments, simplifying operations and tooling.
Get Started with FastNetMon on AWS
FastNetMon helps you gain clear visibility into your AWS network traffic and detect DDoS attacks using native cloud telemetry.
Start a free trial to evaluate FastNetMon in your AWS environment, or contact our sales team to discuss deployment options and architecture recommendations.