CloudGuard Dome9 Help

Protected Assets


In this section of the CloudGuard Dome9 console, you can see a summary of your cloud inventory for accounts onboarded to Dome9. These assets can include, for example, compute services (such as EC2s), database services (such as RDS, SQL DB, and BigQuery), and more. After onboarding your account, Dome9 fetches information about these assets from the cloud platforms (AWS, Azure, Google) and presents it in a console view. Further, CloudGuard Dome9 monitors the security posture of these assets in the Compliance Engine and, for those that are fully protected by Dome9, actively makes corrections (for example, by applying or changing a Security Group policy, if it was incorrectly configured).

You can filter or search the list according to asset type, region, VPC, and other conditions, for specific ones of interest. You can select an asset in the list, and show more detail. The detail depends on the type of asset, but is typically the security group or firewall policies that are active on the asset. For some assets, you can see flow logs. If your cloud account is managed by CloudGuard Dome9 in full-protection mode, you can also change the network security settings.

You cannot set other details for your assets here; this is done in your cloud account with your cloud platform.

Value to customers

Dome9 presents a single console view of your cloud assets, on all platforms, from which you can search or filter for specific assets of interest, and see details about their security posture.

For some asset types, you can apply Security Group or IAM policies directly from the CloudGuard Dome9 console.

Use-cases

Here are some typical use-cases for the CloudGuard Dome9 Protected Asset console view.

  • find assets matching specific criteria across all accounts and platforms

  • review attributes and status for an asset

  • review and change the security policies for an asset

    export inventory information to files

Actions

See also 

VPC Flow Logs

AWS Security Group Management Considerations

Security Groups

Azure Network Security Groups

Organizational Units

Filtering Views