This solution deploys Amazon Elastic Compute Cloud (Amazon EC2) instances with Suricata to the Amazon Web Services (AWS) Cloud. Suricata is an open-source tool for network security monitoring. This solution is for security, DevSecOps, and network engineers who want to use Suricata to monitor EC2 instances.
The solution provides parameters for deploying Suricata on a single EC2 instance or on multiple instances in an Auto Scaling group. After deployment, you can configure Amazon Virtual Private Cloud (Amazon VPC) Traffic Mirroring to copy traffic from the elastic network interfaces of EC2 instances and send it to Suricata for out-of-band security inspection. This solution deploys only Suricata and does not configure Traffic Mirroring.
This solution was developed by AWS.
https://aws.amazon.com/solutions/implementations/amazon-ec2-suricata/