
Layer 2
Traditionally, layer 2 security is the first level of defense we have against rogue devices within our on-premises local area network. In the cloud, this role is taken over by AWS Config. AWS Config allows us to detect changes, such as the creation of instances and network interfaces, that could be connected to the VPC. An alert can then be sent out, in the same way that a network switch raises an alert when it detects a device connection. AWS Config can also be integrated with Lambda, and in cases where strict compliance is required, Lambda can automatically detach and isolate these unauthorized resources so that an incident response team can investigate.
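The following sketch shows one way to wire the Config-to-Lambda response described above; it is an added example, not code from the book. It assumes a custom AWS Config rule invokes the function on configuration changes, that approved resources carry a hypothetical `ApprovedBy` tag, and that isolation means swapping the resource onto a placeholder quarantine security group.

```python
import json

# Assumptions for this example: the tag key and quarantine group ID are
# placeholders, and the sample event below is constructed.
WATCHED_TYPES = {"AWS::EC2::Instance", "AWS::EC2::NetworkInterface"}
APPROVAL_TAG = "ApprovedBy"
QUARANTINE_SG = "sg-0000000000example"
SAMPLE_EVENT = {"invokingEvent": json.dumps({"configurationItem": {
    "resourceType": "AWS::EC2::NetworkInterface", "resourceId": "eni-0example",
    "configurationItemStatus": "ResourceDiscovered", "tags": {}}})}


def evaluate(event):
    """Classify the resource in a Config rule invocation: (type, id, verdict)."""
    item = json.loads(event["invokingEvent"]).get("configurationItem") or {}
    rtype, rid = item.get("resourceType"), item.get("resourceId")
    # Skip other resource types and resources that no longer exist.
    if rtype not in WATCHED_TYPES or item.get("configurationItemStatus") == "ResourceDeleted":
        return rtype, rid, "NOT_APPLICABLE"
    tags = item.get("tags") or {}
    return rtype, rid, "COMPLIANT" if APPROVAL_TAG in tags else "NON_COMPLIANT"


def isolate(ec2, rtype, rid):
    """Replace all security groups with the quarantine group; nothing is deleted."""
    # Caveat: for an instance, Groups applies to the primary interface only;
    # instances with several interfaces need each interface changed instead.
    if rtype == "AWS::EC2::Instance":
        ec2.modify_instance_attribute(InstanceId=rid, Groups=[QUARANTINE_SG])
    else:
        ec2.modify_network_interface_attribute(NetworkInterfaceId=rid, Groups=[QUARANTINE_SG])


def lambda_handler(event, context, ec2=None):
    rtype, rid, verdict = evaluate(event)
    if verdict == "NON_COMPLIANT":
        if ec2 is None:
            import boto3  # only needed when running inside Lambda
            ec2 = boto3.client("ec2")
        isolate(ec2, rtype, rid)
    return {"resourceType": rtype, "resourceId": rid, "verdict": verdict}
```

Because the resource is only moved to a restrictive security group, its disk, memory and metadata remain available to the incident response team.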