Enable Traffic Visibliity

Enabling traffic visibility provides awareness into the traffic flows within the Cloud Accounts by collecting the following logs:

• NSG Flow Logs

• (AWS only) VPC Flow Logs

• DNS Logs

• Route53 Query Logging

The flow and DNS query logs are used by Multicloud Defense to understand traffic flow, correlate with threat intelligence feeds, and provide insight into existing threats that can be protected using Multicloud Defense.

Enabling traffic visibility is a different process for every cloud account type, but typically you will need to identiy account characteristics such as your cloud account's region, VPC/VNet you want to monitor, network security groups, and a cloud storage account for logs.

Note

Multicloud Defense does not support traffic visibility for OCI at this time. We strongly recommend enabling asset discovery as the alternative action for this proecdure: this means Multicloud Defense identifies and collects metadata for assets from an external environment and the resulting data collected creates an inventory that can be used to assist migration. See Enable Asset Discovery and Inventory for more information.