Exam4Training

Which VMware Cloud tool would an administrator use to forward all the monitored traffic to a network appliance for analysis and remediation?

Which VMware Cloud tool would an administrator use to forward all the monitored traffic to a network appliance for analysis and remediation?
A . vRealize Log Insight
B . Traceflow
C . Port mirroring
D . IPFIX

Answer: C

Explanation:

Port mirroring is a VMware Cloud tool that an administrator can use to forward all the monitored traffic to a network appliance for analysis and remediation. The network appliance can then analyze the mirrored traffic and take the appropriate remedial action. Port mirroring can also be used to identify and troubleshoot network issues, as well as monitor network activities.

Port mirroring lets you replicate and redirect all of the traffic coming from a source. The mirrored traffic is sent encapsulated within a Generic Routing Encapsulation (GRE) tunnel to a collector so that all of the original packet information is preserved while traversing the network to a remote destination.

Port mirroring is used in the following scenarios:

Troubleshooting – Analyze the traffic to detect intrusion and debug and diagnose errors on a network.

Compliance and monitoring – Forward all of the monitored traffic to a network appliance for analysis

and remediation.

Port mirroring includes a source group where the data is monitored and a destination group where the collected data is copied to. The source group membership criteria require VMs to be grouped based on the workload such as web group or application group. The destination group membership criteria require VMs to be grouped based on IP addresses. Port mirroring has one enforcement point, where you can apply policy rules to your SDDC environment.

The traffic direction for port mirroring is Ingress, Egress, or Bi Directional traffic: Ingress is the outbound network traffic from the VM to the logical network. Egress is the inbound network traffic from the logical network to the VM.

Bi Directional is the traffic from the VM to the logical network and from the logical network to the VM. This is the default option.

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-3268A0D3-89D0-406F-B44F-156DD1A30E00.html

Exit mobile version