CloudGuard Dome9 Clarity NG
Clarity Visualization provides graphical representation of the Virtual Network's security posture based on Security Group configurations, Load Balancers, IP ranges and so forth. It maps both the overall security group configuration and the effective policy associated with assigning instances to more than a single security group.
- On the menu click on Clarity.
- Click on the Clarity NG link.
- Clarity home opens. On the home screen select your cloud account
- The cloud region selector will open, indicating the number of assets in each region.
In addition it is also possible to click on CloudFormation to upload a JSON formatted AWS CloudFormation template (see CloudFormation Template Visualization section).
- Select a Region. The Virtual Network map of the region will be presented. The map shows the virtuals networks in the region, as well as the connections (AWS VPC peering / Azure VNet-to-VNet / GCP Direct Peering) between networks (if such connections exist).
- Select a VPC. The assets summary and view selector will show up to the right.
For detailed information on Security Groups view and Effective Policy view see Clarity Views.
- Select either the 'Security group view' or the 'Effective policy view'. The Security group view maps the configuration of security groups including traffic sources and exposure to the internet per Virtual Network. The Effective policy view relates instance membership to this security group configuration. It also provides aggregated (effective) policy display of instances assigned to any given virtual network.
For details on the visualization interactive map see Clarity Visualization.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.