VPC Access gives you real-time visibility into traffic between virtual private clouds (VPCs), so you can spot unusual activity and respond quickly.
Prerequisites
Before you begin, ensure that you have:
A VPC firewall created and enabled. For more information, see Configure a VPC firewall for an Enterprise Edition transit router.
View VPC access data
1. Log on to the Cloud Firewall console.
2. In the left-side navigation pane, choose Traffic Analysis > VPC Access.
3. In the upper-right corner of the VPC Access page, set the time range for the query. Select a preset range from the drop-down list, or specify a custom range within the last seven days.
4. In the upper-left corner, select the local VPC and peer VPC to filter traffic data. For the peer VPC, select a specific VPC or choose All VPC Firewalls.
5. Review the sections and tabs described in the following table.
What each section shows
| Section or tab | What it shows | What you can do |
|---|---|---|
| Traffic Between VPCs | Peak traffic, average traffic, and inbound/outbound trend charts for the selected VPCs. | Click any point on a trend chart to see the top IP addresses involved in traffic at that moment in the Ranking of IP Addresses by Traffic section. |
| Ranking of IP Addresses by Traffic | Top 10, 20, or 50 IP addresses by traffic volume. Columns: IP, Inbound, Outbound. Default view shows the top 50. | Click View Logs in the Actions column to open the VPC Border page and review log details for that IP address. |
| Ranking of Sessions Between VPCs | Session-level traffic data between VPCs. Columns: Ranking, Session, Sessions, Traffic, Port, View Proportion. | Click View in the View Proportion column to see the port distribution for that session in the Open Port Proportion section. |
| Open Port Proportion | Distribution of all open ports. | — |
| Open Ports tab | Open ports used in VPC traffic. Columns: Local Open Port, Protocol, Application, Access Traffic, Requests, Local Asset IP Address, Risk Level. | Click View Details in the Actions column to open the Port Access Details panel. From the panel, click View Logs next to a peer IP address to see log details on the VPC Firewall tab of Traffic Logs. To export the port list, click the download icon above the port list to download a CSV file. |
| Asset tab | Assets involved in VPC traffic. Columns: Local Asset IP Address, Local Instance ID/Name, Local Port, Access Traffic, Requests, Risk Level. | Click View Details in the Actions column to open the Asset Access Details panel. From the panel, click View Logs next to a peer IP address to see log details on the VPC Firewall tab of Traffic Logs. To export the asset list, click the download icon above the asset list to download a CSV file. |
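
The CSV exported from the Open Ports tab can be triaged offline to rank assets for review. The following Python script is an added example, not part of the product or its documentation. It assumes that the CSV headers match the column names listed for the Open Ports tab and that Risk Level holds High, Medium, or Low; the sensitive-port list and the sample rows are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Assumption: admin/data-store ports that rarely need to be reachable across VPCs.
SENSITIVE_PORTS = {22, 23, 445, 1433, 3306, 3389, 5432, 6379, 9200, 27017}
# Assumption: values the export uses in the Risk Level column.
RISK_ORDER = {"high": 3, "medium": 2, "low": 1}

def to_int(value):
    """Parse counts such as '1,204'; return 0 for blanks or non-numeric text."""
    digits = (value or "").replace(",", "").strip()
    return int(digits) if digits.isdigit() else 0

def triage(csv_text, min_risk="medium"):
    """Return per-asset findings, highest risk and busiest assets first."""
    threshold = RISK_ORDER[min_risk]
    findings = defaultdict(lambda: {"ports": set(), "requests": 0, "risk": 0})
    for row in csv.DictReader(io.StringIO(csv_text)):
        port = to_int(row.get("Local Open Port"))
        risk = RISK_ORDER.get((row.get("Risk Level") or "").strip().lower(), 0)
        # Keep rows the console rated risky, plus sensitive ports at any rating.
        if risk < threshold and port not in SENSITIVE_PORTS:
            continue
        entry = findings[(row.get("Local Asset IP Address") or "").strip()]
        entry["ports"].add((port, (row.get("Protocol") or "").strip().upper()))
        entry["requests"] += to_int(row.get("Requests"))
        entry["risk"] = max(entry["risk"], risk)
    return sorted(
        ((ip, sorted(e["ports"]), e["requests"], e["risk"]) for ip, e in findings.items()),
        key=lambda f: (-f[3], -f[2], f[0]),
    )

# Constructed sample export (not real data).
SAMPLE = """Local Open Port,Protocol,Application,Access Traffic,Requests,Local Asset IP Address,Risk Level
443,TCP,HTTPS,1.2 GB,"18,400",10.0.1.15,Low
6379,TCP,Redis,340 MB,2210,10.0.2.8,High
22,TCP,SSH,12 MB,95,10.0.2.8,Low
3306,TCP,MySQL,800 MB,5120,10.0.3.20,Medium
8080,TCP,HTTP,50 MB,300,10.0.1.15,Medium
"""

if __name__ == "__main__":
    for ip, ports, requests, risk in triage(SAMPLE):
        print(f"{ip}: risk={risk} requests={requests} ports={ports}")
```

When reading a real export from disk, open it with `encoding="utf-8-sig"` so a leading byte-order mark, if present, does not corrupt the first header name.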