I'm not aware of OSPF neighboring options with AWS but yes BGP peering is one of many choices. http://media.amazonwebservices.com/AWS_Amazon_VPC_Connectivity_Options.pdf
I recommend you read the first page of the Metron documentation, it should explain what Metron is generally - http://metron.apache.org/current-book/index.html - and if you have more questions feel free to ask. Jon On Sat, Dec 30, 2017, 19:57 Martin Lee <[email protected]> wrote: > Hi Jon, > > Do you mean AWS can be configured BGP and OSPF so that logically be part > of my network though physically outside my network site to collect scan ? > > Cisco IPS’s IME can get attacker or victim log, > What is the difference between IME and Metron? What are more in Metron in > aspect of security? > > Regards, > > Ho Yeung, Lee > > Get Outlook <https://aka.ms/qtex0l> for iOS > _____________________________ > From: [email protected] <[email protected]> > Sent: Sunday, December 31, 2017 6:05 AM > Subject: Re: where do Metron install ? inside or outside of infrastructure > network? > To: <[email protected]> > > > > Typically you would install Metron in a secured area of your network, > especially if you aren't implementing Kerberos. This can be locally on > servers, or in AWS (or be any other cloud) with certain configurations. > Metron does primarily data cleansing and analysis but is fed data from > sensors. Those sensors are the things that can be distributed throughout a > network, that do scans, or can be on systems in your environment as an > agent. There are a lot of options on how you get the logs and alerts from > the sensors into Metron, but for a start you can look at Apache NiFi or > tooling that uses librdkafka. Hope that helps, > > Jon > > On Sat, Dec 30, 2017, 11:36 Martin Lee <[email protected]> wrote: > >> Hi, >> >> i find that SOC can scan inside and outside of network. >> >> where do Metron install ? inside or outside of infrastructure network? >> >> as i see that it can be installed in Amazon cloud, >> is it install outside of infrastructure of company network? >> if install outside, how can it scan from inside? >> if install inside, how can it scan from outside? >> >> is there any book teaching how to set up Metron? >> i find that there are 10 nodes if install in Amazon >> >> Regards, >> Ho Yeung, Lee >> Martin >> >> -- > > Jon > > > -- Jon
