GigaVUE-FM connects to the VPC through the EC2 API endpoint. HTTPS is the default protocol which GigaVUE-FM uses to communicate with the EC2 API. For more information about the endpoint and the protocol used, refer to AWS service endpoints.
GigaVUE-FM provides you the flexibility to connect to multiple VPCs. You can choose the VPC ID and launch the GigaVUE Cloud Suite for AWS components in the desired VPCs.
Note: To configure the monitoring domain and launch the fabric components in AWS, you must be a user with fm_super_admin role or a user with write access to the Physical Device Infrastructure Management category.
To create a Monitoring Domain:
- From the left navigation pane, click Inventory > AWS, and then click Monitoring Domain.
- On the Monitoring Domain page, click the New button. The Monitoring Domain Configuration page appears.
- Enter or select the appropriate information as shown in the following table.
Description Use V Series 2 Select No to configure V Series 1 node. Configure HTTP Proxy
Select Yes to add a proxy server. Proxy server enables communication from GigaVUE-FM to the Internet, if GigaVUE-FM is deployed in a private network. On selecting a Proxy Server, enter the following information:
An alias used to identify the monitoring domain.
Authentication type for the connection. You can select one of the following:
Basic Credentials EC2 Instance Role
If Basic Credentials is selected, you must enter the Access Key and Secret Access keys.
AWS region for the monitoring domain. For example, EU (London).
Select the AWS account
Select the VPCs to monitor
Traffic Acquisition Method
Select a Tapping method. The available options are:
G-vTAP: G-vTAP Agents are deployed on your VMs to acquire the traffic and forward the acquired traffic to the GigaVUE V Series nodes. If you select G-vTAP as the tapping method, you must configure the G-vTAP Controller to communicate to the G-vTAP Agents from GigaVUE-FM. VPC Traffic Mirroring: If you select the VPC Traffic Mirroring option, the mirrored traffic from the VPC connections is monitored directly using the GigaVUE V Series nodes, and you need not configure the G-vTAP Agents and G-vTAP Controllers.
For more information on VPC Peering, refer to VPC peering connections in the AWS Documentation.
- G-vTAP Controller configuration is not applicable for VPC Traffic Mirroring.
- For VPC Traffic Mirrorning option, additional permissions are required. Refer to the Permissions and Privileges for details.
- After deploying the Monitoring Session in GigaVUE-FM, a traffic mirror session is created in your AWS VPC. For more details, refer to Traffic Mirroring in AWS Documentation.
Secure Mirror Traffic
Check box to establish secure tunnel between G-vTAP Agents and GigaVUE V Series nodes for traffic across VPCs.
- Click Save. The AWS Fabric Launch Configuration page appears.