Review account status
The CloudFlow OVERVIEW page enables you to more easily manage many accounts from multiple vendors. Identify the accounts to focus on and then view the relevant pages to investigate the issues.
Access the Overview page
To open the Overview page, click the OVERVIEW icon on the left.
By default, the page opens on the Account summary tab and displays an overview of all accounts that are onboarded to CloudFlow. To learn more about each of the tabs, see Overview page tabs.
Overview page tabs
Browse through the Account summary, Inventory, Assets, and Security controls tabs in combination with the selected entity in the Overview Tree for a targeted view of the managed accounts, the protected assets , and the security controls.
The Account Summary tab displays an overview of all accounts that are onboarded to CloudFlow. You can easily identify the riskiest accounts, understand the virtual network that makes this account risky, and drill down to review the risks you should fix to improve the account status.
You can use the Overview Tree and Account Summary tab search and filter options to specify which accounts to display. Click an account name to drill down into a summary view of the virtual networks in the account. The tab and column names reflect the virtual network type (VNet Summary, VPC Summary).
By default, the most risky accounts / VNets / VPCs are listed first. To sort by a different column, click on that column name.
Column Name | Description |
---|---|
Account / VNet / VPC Name |
Displays the vendor icon (AWS, Azure, Google Cloud) and name of the account / subscription / project. When standing on an individual account, the column name changes based on the virtual network type (VNet Name, VPC Name). |
Account / VNet / VPC ID |
The Account ID is the unique ID generated by the vendor that identifies the account / subscription / project. When standing on an individual account, the column name changes based on the virtual network type (VNet ID, VPC ID). Hover over the icon to see a popup with the Account ID. Tip: To copy the Account ID, hover over the icon. In the popup that appears, click Copy. |
Security policies |
Displays the number of security policies for each account (not including policies on cloud firewalls). Click on the number to view details about the policies on the Network Policies page. |
Cloud firewalls |
Displays the number of Azure firewalls. Click on the number to view details about the policies on the Network Policies page. |
Unused rules |
Displays the number of rules with no traffic logged during the configured inactivity period. Click on the number to view details about the unused rules on the Network Policies page. For details about viewing and managing unused rules see Clean up policies. |
Risky assets |
Displays the number of assets configured with public IPs and which are associated with rules having critical or high risks based on the activated risk profile. Click on the number to open the Assets tab with a detailed view of the specific risky assets. |
Total risk triggers |
Displays the total number of risk triggers and categorizes them into a bar graph using distinct colors for each severity level: █ = Critical █ = High █ = Medium █ = Low Tip: To view detailed information about risks categorized by their specific severity levels, click on the respective colors displayed on the bar graph. Alternatively, to access details regarding all risks, click on the total count. Click on the total number or one of the colors in the bar graph to view the corresponding risks on the Risks page. |
Security rating |
Indicates the network security compliance level of the account. For details on how the security rating is calculated, see Calculating the Security rating. A color-coded bar beneath the rating gives a visual indication of the level of compliance as follows: █ 0-50% █ 51-84% █ 85-100% Note: In a situation where data collection was never completed, N/A is displayed. |
Trend |
Indicates any changes over time in the security rating of the account.
Note: The trend is determined by comparing the current security rating with the rating 30 days prior. If data is unavailable, the rating from the next most recent historical day (e.g., day 29) is used. |
Issues |
If an issue occurred while collecting account data, appears. Hover over the icon to see a tooltip explaining the cause of the issue. Possible issues include the following:
|
Account Summary tab search and filter options
Use the search and filter fields to see a targeted selection of accounts.
Search | Search accounts using partial or whole account names or vendor IDs. |
Cloud type | Filter by vendor type(s) (AWS, Azure, Google Cloud). |
Accounts | Filter by account name(s). |
Risk severity | Filter by risk severity (Critical, High, Medium, Low). |
The Inventory tab displays an overview of the selected Assets and Security Controls.
Inventory resource types
Your CloudFlow inventory is organized into the following resource types:
Assets |
AWS
Azure
Google Cloud
|
Security controls |
Includes the following types of security controls:
|
The Assets tab displays a detailed list of the onboarded assets.
You can use the Overview Tree and Assets tab Search and Filter options to specify which assets to display.
Type | Type of cloud asset (e.g. VM, firewall, subnet). |
Name |
User-defined name of the onboarded asset. Click an asset name to view element details. See View Element Details. |
Element ID |
The Element ID is the unique ID generated by the vendor that identifies the element. Hover over the icon to see a popup with the Element ID. Tip: To copy the Element ID, hover over the icon. In the popup that appears, click Copy. |
Status* |
Displays the state of the machine:
|
Address* |
The public and private IP address of the asset. When the asset has multiple IP addresses hover over the number to see the additional IP addresses. Note for Azure: CloudFlow displays the following:
|
Policy in path* |
Displays one of the following:
|
Risk triggers | The number of risk triggers detected at each severity level associated with this asset. |
Tags | Any key/value definitions assigned to the asset. |
Assets tab Search and Filter options
Use the search and filter fields to see a targeted selection of assets.
Search | Search accounts using partial or whole asset or policy set names. |
Asset type | Filter by asset type(s). |
Network type | Filter assets by its network type (public IP, private IP). |
Risk severity | Filter by risk severity associated with the asset (Critical, High, Medium, Low). |
Show unprotected assets |
Toggle to determine whether to display all assets or only VMs with no protecting policy.
|
The Security controls tab displays a detailed, complete list of the relevant security controls.
-
Click the name of the security control to view element details. See View Element Details.
View Element Details
In the Assets and Security Controls tabs, you can click on the name of the asset or security control to display the Element Details window.
Overview Tree
The Overview Tree lets you drill down to see specific assets of each vendor.
The Overview Tree contains the following entities:
Vendor / Policy Type | Account / Subscription / Project | Virtual Network Type | ||
Icon | Type | Icon | Type | |
AWS | Account | VPC | ||
Azure | Subscription | VNet | ||
Virtual Hub | ||||
Google Cloud | Project | VPC |
â See also: