Review account status

The CloudFlow OVERVIEW page enables you to more easily manage many accounts from multiple vendors. Identify the accounts to focus on and then view the relevant pages to investigate the issues.

Access the Overview page

To open the Overview page, click the OVERVIEW icon on the left.

By default, the page opens on the Account summary tab and displays an overview of all accounts that are onboarded to CloudFlow. To learn more about each of the tabs, see Overview page tabs.

Overview page tabs

Browse through the Account summary, Inventory, Assets, and Security controls tabs in combination with the selected entity in the Overview Tree for a targeted view of the managed accounts, the protected assets , and the security controls.

The Account Summary tab displays an overview of all accounts that are onboarded to CloudFlow. You can easily identify the riskiest accounts, understand the virtual network that makes this account risky, and drill down to review the risks you should fix to improve the account status.

You can use the Overview Tree and Account Summary tab search and filter options to specify which accounts to display. Click an account name to drill down into a summary view of the virtual networks in the account. The tab and column names reflect the virtual network type (VNet Summary, VPC Summary).

By default, the most risky accounts / VNets / VPCs are listed first. To sort by a different column, click on that column name.

Column Name Description

Account / VNet / VPC Name

Displays the vendor icon (AWS, Azure, Google Cloud) and name of the account / subscription / project.

When standing on an individual account, the column name changes based on the virtual network type (VNet Name, VPC Name).

Account / VNet / VPC ID

The Account ID is the unique ID generated by the vendor that identifies the account / subscription / project.

When standing on an individual account, the column name changes based on the virtual network type (VNet ID, VPC ID).

Hover over the icon to see a popup with the Account ID.

Tip: To copy the Account ID, hover over the icon. In the popup that appears, click Copy.

Security policies

Displays the number of security policies for each account (not including policies on cloud firewalls).

Click on the number to view details about the policies on the Network Policies page.

Cloud firewalls

Displays the number of Azure firewalls.

Click on the number to view details about the policies on the Network Policies page.
Unused rules

Displays the number of rules with no traffic logged during the configured inactivity period.

Click on the number to view details about the unused rules on the Network Policies page.

For details about viewing and managing unused rules see Clean up policies.
Risky assets

Displays the number of assets configured with public IPs and which are associated with rules having critical or high risks based on the activated risk profile.

Click on the number to open the Assets tab with a detailed view of the specific risky assets.
Total risk triggers

Displays the total number of risk triggers and categorizes them into a bar graph using distinct colors for each severity level:

= Critical

= High

= Medium

= Low

Tip: To view detailed information about risks categorized by their specific severity levels, click on the respective colors displayed on the bar graph. Alternatively, to access details regarding all risks, click on the total count. Click on the total number or one of the colors in the bar graph to view the corresponding risks on the Risks page.

Security rating

Indicates the network security compliance level of the account. For details on how the security rating is calculated, see Calculating the Security rating.

A color-coded bar beneath the rating gives a visual indication of the level of compliance as follows:

0-50%

51-84%

85-100%

Note: In a situation where data collection was never completed, N/A is displayed.
Trend

Indicates any changes over time in the security rating of the account.

  • The security rating of the account improved during the analyzed period

  • The security rating of the account worsened during the analyzed period

  • No change in the security rating during the analyzed period

  • N/A The trend cannot be calculated (requires at least 2 days of data)

Note: The trend is determined by comparing the current security rating with the rating 30 days prior. If data is unavailable, the rating from the next most recent historical day (e.g., day 29) is used.
Issues

If an issue occurred while collecting account data, appears. Hover over the icon to see a tooltip explaining the cause of the issue.

Possible issues include the following:

  • Log collection issues: Usage information may not have been collected on some rules. As a result, the unused rule column information may not be up to date. The issue only impacts the unused rules of the specific account. To investigate the issue further, see details in Last Used column on the Network Policy page.

  • Failure: A general data collection issue occurred potentially affecting all the data displayed for this account. The information displayed represents the most recent successfully collected data. An administrator can investigate further via the Onboarding page.

  • Internal issue: An analysis issue occurred impacting the risk calculations, security rating, and trends data. The displayed information represents the most recent successfully collected data. Contact support.

Account Summary tab search and filter options

Use the search and filter fields to see a targeted selection of accounts.

Search Search accounts using partial or whole account names or vendor IDs.
Cloud type Filter by vendor type(s) (AWS, Azure, Google Cloud).
Accounts Filter by account name(s).
Risk severity Filter by risk severity (Critical, High, Medium, Low).

The Inventory tab displays an overview of the selected Assets and Security Controls.

Inventory resource types

Your CloudFlow inventory is organized into the following resource types:

Assets

AWS

  • Accounts

  • VPCs

  • Subnets

  • Instances

  • S3 Buckets

Azure

  • Subscriptions

  • VNets

  • Subnets

  • VMs

  • Virtual Hubs

  • Storages

Google Cloud

  • Projects

  • VPC networks

  • Subnets

  • VM Instances

  • Cloud storages

Security controls

Includes the following types of security controls:

  • AWS SGs (Security Groups)
  • Azure
    • Azure NSGs (Network Security Groups)
    • Azure Firewalls (Managed with Policies) and the Azure Firewall Policies
    • Azure Firewall (classic) rule-based
  • Google Cloud Firewall

The Assets tab displays a detailed list of the onboarded assets.

You can use the Overview Tree and Assets tab Search and Filter options to specify which assets to display.

*For AWS Instances, Azure VMs, and Google Cloud VM Instances
Type Type of cloud asset (e.g. VM, firewall, subnet).

Name

User-defined name of the onboarded asset.

Click an asset name to view element details. See View Element Details.

Element ID

The Element ID is the unique ID generated by the vendor that identifies the element. Hover over the icon to see a popup with the Element ID.

Tip: To copy the Element ID, hover over the icon. In the popup that appears, click Copy.

Status*

Displays the state of the machine:

  • Running: VM operating system and applications are actively running.

  • Not running: VM operating system and applications are not running.

Address*

The public and private IP address of the asset.

When the asset has multiple IP addresses hover over the number to see the additional IP addresses.

Note for Azure: CloudFlow displays the following:

  • Primary and Secondary Public IPs:
    • Static
    • Dynamic (when the VM is running)
  • Primary Private IPs:
    • Static
    • Dynamic

Policy in path*

Displays one of the following:

  • For protected assets: When an asset is protected, the column displays the policy sets protecting the asset. Click on a policy set name to view its details. See Network Policies page.

    Tip: AWS and Google Cloud assets have an automatic default security group assigned if none is selected. In this case, Default is shown for the asset.

  • For unprotected assets:

    • When a VM is unprotected, Unknown is displayed.

    • Non-VM assets are not checked for protection and a dash () is always displayed.

Risk triggers The number of risk triggers detected at each severity level associated with this asset.
Tags Any key/value definitions assigned to the asset.

Assets tab Search and Filter options

Use the search and filter fields to see a targeted selection of assets.

Search Search accounts using partial or whole asset or policy set names.
Asset type Filter by asset type(s).
Network type Filter assets by its network type (public IP, private IP).
Risk severity Filter by risk severity associated with the asset (Critical, High, Medium, Low).
Show unprotected assets

Toggle to determine whether to display all assets or only VMs with no protecting policy.

  • Off (default): Display all assets

  • On: Display only unprotected assets

The Security controls tab displays a detailed, complete list of the relevant security controls.

View Element Details

In the Assets and Security Controls tabs, you can click on the name of the asset or security control to display the Element Details window.

Overview Tree

The Overview Tree lets you drill down to see specific assets of each vendor.

The Overview Tree contains the following entities:

Vendor / Policy Type Account / Subscription / Project Virtual Network Type
Icon Type Icon Type
AWS Account VPC
Azure Subscription VNet
Virtual Hub
Google Cloud Project VPC

Overview tree search bar

Use the Overview Tree Search bar to filter the tree and find entries visible in the tree quicker.

Search using partial or whole names of any of the following:

  • Vendors / Policy Types

  • Accounts / Subscriptions / Projects

  • Regions

  • VPCs / VNets / Virtual Hubs

 

â See also: