FortiCWP consolidates the AWS traffic logs of all Virtual Private Cloud (VPC) resources and presents them in a graphical user interface. With traffic logging enabled, FortiCWP lets you monitor all inbound and outbound traffic visually and remediate suspicious activity on AWS. To activate the Traffic feature in FortiCWP, AWS VPC flow logs must be enabled for the VPCs you want to monitor.
An active AWS account that has already been added to FortiCWP is required before traffic logging can be enabled.
- Log in to the AWS console: https://console.aws.amazon.com/
- Click Services and search for "CloudWatch".
- Click Logs in the left menu.
- Click Get Started, then click Create log group on the welcome page.
- Enter a log group name and note it down; you will need it again when creating the flow log.
- Click OK to finish creating the log group.
- Click Services and search for "VPC".
- In the VPC Dashboard, click Your VPCs.
- Select every VPC for which you want to create a flow log, right-click, and select Create flow log.
- In the Filter field, open the drop-down menu and select All. Selecting All records both accepted and rejected traffic; rejected connection attempts are what reveal scans and blocked access, so do not limit the filter to Accept.
- Make sure Destination has Send to CloudWatch Logs selected.
- In Destination log group, enter the log group name you created earlier.
- Under IAM role, select flowlogsRole. If flowlogsRole is not in the list, this is the first VPC flow log being set up in the account and the role does not exist yet: click Set Up Permissions to create it.
- In the pop-up window, next to IAM Role make sure flowlogsRole is selected, and for Policy Name make sure Create a new Role Policy is selected.
- Click Allow to create the role named flowlogsRole. This role is what allows the VPC Flow Logs service to write records into your CloudWatch log group.
- Return to the Create flow log page, select flowlogsRole under IAM role, then click Create to complete the setup.
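The same setup can be driven from the AWS CLI instead of the console, which is useful when many VPCs or accounts need flow logs. The script below is an added example and is not part of the FortiCWP documentation or Fortinet's own tooling. It assumes the aws CLI is installed and configured; the log group name, VPC IDs, account ID and inline policy name are placeholders to replace. With DRY_RUN=1 (the default) it only prints the commands it would run, so it can be reviewed before anything is changed. The trust and permissions policies it writes are the ones the console's Set Up Permissions step creates for flowlogsRole: the role may only be assumed by the VPC Flow Logs service, and it may only create log groups/streams and put events.

```shell
#!/bin/sh
# Added example (not from the FortiCWP page): enable VPC flow logs to
# CloudWatch Logs via the AWS CLI. Assumptions: aws CLI configured; the
# values below are placeholders; DRY_RUN=1 prints instead of executing.
set -eu

LOG_GROUP="${LOG_GROUP:-forticwp-vpc-flowlogs}"   # assumed log group name
ROLE_NAME="flowlogsRole"                           # name the console uses
POLICY_NAME="flowlogsPolicy"                       # assumed inline policy name
VPC_IDS="${VPC_IDS:-vpc-0123456789abcdef0}"        # placeholder, space-separated
ACCOUNT_ID="${ACCOUNT_ID:-123456789012}"           # placeholder account ID
DRY_RUN="${DRY_RUN:-1}"

# Trust policy: only the VPC Flow Logs service may assume the role.
trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "vpc-flow-logs.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }]
}
EOF
}

# Permissions policy: the minimum the delivery role needs for CloudWatch Logs.
permissions_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "logs:CreateLogGroup",
      "logs:CreateLogStream",
      "logs:PutLogEvents",
      "logs:DescribeLogGroups",
      "logs:DescribeLogStreams"
    ],
    "Resource": "*"
  }]
}
EOF
}

# Arguments for one VPC. The console's Filter "All" is --traffic-type ALL,
# so rejected traffic is captured as well as accepted traffic.
flow_log_args() {
  echo "ec2 create-flow-logs --resource-type VPC --resource-ids $1" \
       "--traffic-type ALL --log-destination-type cloud-watch-logs" \
       "--log-group-name $LOG_GROUP" \
       "--deliver-logs-permission-arn arn:aws:iam::$ACCOUNT_ID:role/$ROLE_NAME"
}

# Run an aws command, or only show it when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = 1 ]; then echo "+ aws $*"; else aws "$@"; fi
}

main() {
  umask 077                      # policy files readable by this user only
  tmp=$(mktemp -d)
  trust_policy > "$tmp/trust.json"
  permissions_policy > "$tmp/perm.json"

  run logs create-log-group --log-group-name "$LOG_GROUP"
  run iam create-role --role-name "$ROLE_NAME" \
      --assume-role-policy-document "file://$tmp/trust.json"
  run iam put-role-policy --role-name "$ROLE_NAME" --policy-name "$POLICY_NAME" \
      --policy-document "file://$tmp/perm.json"
  for vpc in $VPC_IDS; do
    # shellcheck disable=SC2046  (intentional word splitting of the argument list)
    run $(flow_log_args "$vpc")
  done
  rm -rf "$tmp"
}

main
```

Run it once with the defaults to review the commands, then `DRY_RUN=0 VPC_IDS="vpc-... vpc-..." LOG_GROUP=... ACCOUNT_ID=... sh enable-flowlogs.sh` to apply. The create-role and create-log-group calls fail if the objects already exist, which is the CLI equivalent of flowlogsRole already appearing in the console list; in that case skip those two commands and only create the flow logs.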
FortiCWP can now retrieve the flow log data from AWS and present it on the Traffic page. Flow log records are aggregated and delivered to CloudWatch Logs in batches, so allow several minutes after creating the flow log before expecting traffic to appear.
You have finished all the steps to activate FortiCWP Traffic.