AWS Certified Advanced Networking - Specialty Exam: Monitoring VPN Connections

Answer - D.

The AWS Documentation mentions the following.

You can monitor VPN tunnels using CloudWatch, which collects and processes raw data from the VPN service into readable, near real-time metrics.

These statistics are recorded for a period of 15 months, so that you can access historical information and gain a better perspective on how your web application or service is performing.

VPN metric data is automatically sent to CloudWatch as it becomes available.

For more information on monitoring VPN Connections, please refer to below URL:

The correct answer is D. AWS CloudWatch.

AWS CloudWatch is a monitoring service provided by Amazon Web Services that allows you to monitor your AWS resources and the applications you run on AWS in real-time. It can be used for monitoring VPN connections to ensure their proper operation and detect any issues that may arise.

VPC Flow Logs, AWS WAF, and AWS Config are not suitable for monitoring VPN connections.

VPC Flow Logs can be used to capture information about IP traffic flowing to and from network interfaces in an Amazon VPC. This information can be used for network monitoring, troubleshooting, and security analysis. However, VPC Flow Logs do not provide specific information about VPN connections.

AWS WAF is a web application firewall that helps protect web applications from common web exploits. It can be used to filter traffic to and from web applications based on specific criteria, such as IP addresses, HTTP headers, and URI strings. However, AWS WAF is not designed for monitoring VPN connections.

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. It allows you to track changes to your resources over time, and it can be used to identify compliance issues, security vulnerabilities, and operational problems. However, AWS Config does not provide specific information about VPN connections.