Configuration Explorer

CloudGuard Configuration Explorer gives graphical visualizations of the network security of your cloud environment. It shows the hierarchy and structure of your cloud assets and their interconnectivity. These views are arranged to show the level of exposure to the external world. From this, you can identify assets that are misconfigured in the network, or overly exposed. In addition, you can drill down from these views to see details in CloudGuard for the Security Groups or assets and make corrections directly in CloudGuard.

You can use Configuration Explorer to analyze your cloud network for toxic combinations, such as access to sensitive components from the Internet. Or you can troubleshoot it for connectivity issues such as blocked paths to components.

Benefits

  • Logical visualization of inbound traffic to your VPC and its components, and the cloud perimeter

  • Visualize complex networks (for example, with many instances, cross-VPC, cross-region)

  • Easily identify toxic combinations and blocked paths

  • Agent-less & automated information gathering from Cloud environments

  • Automatically classifies protected cloud assets based on the level of exposure to the outer world

  • Real-time topology map of security groups, and the interrelationships between security policies

  • Visualization of traffic flow and dropped traffic between cloud assets - security groups, instances, etc.

  • Real-time topology view of cloud assets

  • Visibility into the interplay between security policies for multi-tier applications and the effective security posture in a cloud environment

  • Similar cross-cloud security visualization experience

  • Contextual VPC Flow Logs

  • Visualize virtual networks connectivity

Configuration Explorer Views

Configuration Explorer offers different views of your Security Groups, each highlighting different aspects of the Security Groups.

The following sections tell how to select and then visualize a cloud environment in Configuration Explorer, how to use the different views, and the actions you can do to see more information.

Security Group View

This view shows the relationship between the Security Groups in your network. They are grouped logically based on exposure to the Internet. Their interconnections are shown.

The steps below tell how to select a network and open this view, and then how to navigate and use the view.

Asset View

This view shows your cloud assets, such as instances and database servers, and the connections between them. Each node in this view shows an asset. They are grouped logically based on their exposure to the internet. Their interconnections are shown.

This view is available for all cloud providers.

Effective Policy Grouping

The Effective Policy grouping in the Asset view groups nodes (assets) together if they are affected by the same security groups.

The pane on the right shows the grouped assets.
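The following is an added example, not CloudGuard code and not a description of how CloudGuard computes its views. It sketches the idea behind Effective Policy grouping (assets attached to the same set of security groups fall into one group) and flags one toxic combination named above: a sensitive asset attached to a security group that is open to the Internet. All asset names, group names, rules and the "sensitive" tag are constructed sample data.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (not exported from CloudGuard): security groups with
# inbound rules; a source is either a CIDR or the name of another security group.
SECURITY_GROUPS = {
    "sg-web": [{"port": 443, "source": "0.0.0.0/0"}],
    "sg-app": [{"port": 8080, "source": "sg-web"}],
    "sg-db": [{"port": 5432, "source": "sg-app"}],
    "sg-admin": [{"port": 22, "source": "0.0.0.0/0"}],
}
ASSETS = {
    "web-1": {"groups": ["sg-web"], "sensitive": False},
    "web-2": {"groups": ["sg-web"], "sensitive": False},
    "app-1": {"groups": ["sg-app"], "sensitive": False},
    "db-1": {"groups": ["sg-db"], "sensitive": True},
    "db-2": {"groups": ["sg-db", "sg-admin"], "sensitive": True},
}

def is_internet_source(source):
    """True when a rule source is a CIDR covering the whole IPv4 or IPv6 space."""
    try:
        return ipaddress.ip_network(source, strict=False).prefixlen == 0
    except ValueError:  # source is a security group name, not a CIDR
        return False

def exposed_groups(security_groups):
    """Names of security groups with at least one inbound rule open to the Internet."""
    return {name for name, rules in security_groups.items()
            if any(is_internet_source(r["source"]) for r in rules)}

def effective_policy_groups(assets):
    """Group assets that are affected by exactly the same set of security groups."""
    grouped = defaultdict(list)
    for name, asset in sorted(assets.items()):
        grouped[frozenset(asset["groups"])].append(name)
    return dict(grouped)

def toxic_combinations(assets, security_groups):
    """(asset, security group) pairs where a sensitive asset is Internet-facing."""
    exposed = exposed_groups(security_groups)
    return sorted((name, sg) for name, a in assets.items() if a["sensitive"]
                  for sg in a["groups"] if sg in exposed)

if __name__ == "__main__":
    for groups, members in effective_policy_groups(ASSETS).items():
        print(sorted(groups), "->", members)
    print("toxic:", toxic_combinations(ASSETS, SECURITY_GROUPS))
```

In this sample, db-1 and db-2 land in different groups because db-2 also carries sg-admin, and that extra attachment is what exposes it.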

Show Peered VPCs

You can see assets in peered VPCs in the Asset View. To enable this, move the Peer VPC switch at the top of the graph.

Navigation and Controls

You can use the following controls from the menu bar to change the Security Group or Asset views.

Button

Description

Zoom the view in or out.

Expand or close groups in the view (based on the selected grouping).

Group external sources or Security Groups based on the selected parameter (affects the same assets).

Search for elements by name. As you enter text in the text box, the elements whose names match the text appear in the list below the text box, and the same elements are highlighted in the visualization map. When you select an element in the search list, the same element is selected in the map.