For Azure environments, there is a single view, which shows the Network Security Groups.
- In Clarity, select one of your Azure accounts from the pane on the left. The main pane will show the networks in this account and, for each, the number of assets in it.
- Select one of the networks. The pain on the right will show details for the network, including a summary of the asset types in it.
- Click VIEW GRAPH. The main pane will show a Security Group view of the network (similar to the Security Group view for AWS networks). In this view, instances are grouped together in order to make large environments more readable. Grouping is done for instances that share an effective network (have the same inbound traffic), and share similar names.
This view shows the following:
Each Security Group is shown as a block. The number in the upper right corner (if present) is the number of assets the Security Group affects, and the icon indicates the type of asset. The names of security groups are contracted, with special characters and numerals removed, so qa-webapp1 is shown as qawebapp (and groups qa-webapp1 and qa-webapp2 are grouped in the same block).
The view is divided into logical zones, indicating the level of exposure to the outside world, from the External Zone (red, at left), the most exposed, to the Internal Zone (green, at right), the least exposed. Security Group blocks are located in the view according to their level of exposure.
Sources are indicated as yellow blocks, with an IP address. These are typically in the External Zone (external sources) and in the Internal Zone (instances).
Lines between sources and Security Groups indicate that the address is controlled by the Security Group, that is, that a rule in the Security Group affects the address.
- Click LEGEND (lower right) to show a legend for the different symbols for each asset type.
- Click on a Security Group. The Sources affected by the Security Group are highlighted , and the connecting lines are highlighted in orange. These are the permitted traffic flows.
The pane on the right shows details for the Security Group. The top of the pane shows the zone in which the Security Group is grouped is shown. In the example above, this is the Effectively Internal zone. Below this are details for the Security Group (they can each be expanded). Below this, the cloud assets affected by the Security Group are shown (instances, functions, etc, according to the entity types for the specific cloud provider). These are color-coded according to the level of exposure. Expand them to show more detail, or click to show more detail for the asset, in the Protected Assets page.
Below this, are the Inbound and Outbound rules for the Security Group. Expand to show the IP addresses for the rule. For Inbound rules, click to highlight the Source block.
- Click on a Source block. The source block is highlighted in the view, and the Security Groups that affect this source are highlighted.