Discovering and Visualizing Public Cloud Resources
Contents
NetBrain can discover and visualize the public cloud resources on dynamic maps. The following public cloud vendors are currently supported by NetBrain:
Use Flow
The general flow of visualizing and managing a public cloud network in NetBrain Workstation is as follows:
1.Discovering and Benchmarking Public Cloud Resources
2.Understanding Public Cloud Network Tree
oUnderstanding AWS Network Tree
oUnderstanding Azure Network Tree
3.Calculating Paths Across Hybrid Cloud
4.Building Data View Template to View More Public Cloud Data
5.Using Runbook Automation for Public Cloud
Visualizing AWS Resources
The AWS support mainly focuses on the networking objects and the pertaining objects. The following is a complete list of all supported networking objects:
Objects |
Supported Technology Details |
Map |
Topology |
Path |
VPC |
•Security Group •Network ACL •ENI Interface details per VPC •VPC Sharing across Multiple Accounts •VPC Route Table •Ingress Routing |
Yes |
Yes |
Yes |
VPC Peering |
•VPC Peering within Same Accounts •Cross Account VPC Peering |
Yes |
Yes |
Yes |
Internet Gateway |
•Private to Public IP Mapping Table |
Yes |
Yes |
Yes |
Virtual Private Gateway |
•Virtual Route Table (based on NetBrain's unique algorithm) •Cloudhub function •Site-2-Site VPN details |
Yes |
Yes |
Yes |
ELB (ALB/NLB) |
•Target Group oIP/Instance as targets •Listener Table |
Yes |
Yes |
Yes |
NAT Gateway |
•ENI interfaces provisioned for VPCs |
Yes |
Yes |
Yes |
AWS Direct Connect ( DX Router Support) |
•Virtual Route Table for DX Router •Virtual Interfaces details oPrivate virtual interface oTransit virtual interface •Traffic engineering (As Path prepend, local preference for BPG community). •DX Connection details •LAG details |
Yes |
Yes |
Yes |
Direct Connect Gateway |
•Virtual Route Table •Allowed Prefix for VGW/TGW •Cross Account association to VGW/TGW |
Yes |
Yes |
Yes |
Transit Gateway |
•Transit Gateway attachments •Transit Gateway route tables •Transit Gateway associations •Transit Gateway propagation •Transit Gateway peering •ENI interfaces provisioned for VPCs •Transit Gateway sharing for VPC attachments |
Yes |
Yes |
Yes |
EC2 Instance |
•EC2 Data Details •Network Interface Details •Security Groups |
Yes |
Yes |
Yes |
Network Virtual Appliances (ASAv, CSR1000v, Vedge etc.) |
•Relationship to EC2 hosts •EC2 details |
Yes |
Yes |
Yes |
VPC Endpoint (Gateway Endpoint) |
|
Yes |
||
VPC Endpoint (Interface Endpoint) - Private Link |
•ENI interfaces provisioned for VPCs |
Yes |
||
Visualizing Azure Resources
The Azure support mainly focuses on the networking objects and the pertaining objects. The following is a complete list of all supported networking objects:
Objects |
Supported Technology Details |
Map |
Topology |
Path |
Unsupported Features |
Virtual Machine (VM) |
•VNIC Interface details •VM Device details •Network Security Group (Interface Level) |
Yes |
Yes |
Yes |
|
Virtual Network (VNet) |
•Network Security Group (Subnet Level) •Application Security Group •Across Multiple Accounts •Across Multiple subscription •User Defined Route Table(UDR) •VNet Peering Table •VNIC Effective Route Table •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
VNet Peering |
•VNet Peering within the same subscription •VNet Peering across Multiple subscriptions •VNet Peering within the same Account/Tenant •VNet Peering across Multiple Account/Tenant |
Yes |
Yes |
Yes |
|
Virtual Network Gateway (VPN/ExpressRoute Gatway) |
•VPN/ExpressRoute Gateway device details •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
Azure Load Balancer (Public) |
•Device details •Inbound NAT Rules Table •Load Balancing Rule Table •Outbound Rules Table •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
Azure Load Balancer (Internal) |
•Device details •Inbound NAT Rules Table •Load Balancing Rule Table •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
NAT Gateway |
•Device details •NAT Table •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
Azure Firewall |
•Device details •Network Rule Collection Table •DNAT Rule Collection Table •Application Rule Collection Table •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
Application Gateway |
•Device details •Listener Table •Rules Talbe •Http Setting Table •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
NO |
•OSI Layer 7 Path (URL/Http/Https) |
Network Virtual Appliances (ASAv, CSR1000v, Vedge etc.) |
•Relationship to Virtual Machine host •Virtual Machine details |
Yes |
Yes |
Yes |
|
Internet Cloud |
•Device details |
Yes |
Yes |
Yes |
•NCT route table •Path Originated from Internet |
MPLS Cloud |
•Device details •Virtual Route Table (based on NetBrain's algorithm) |
Yes |
Yes |
Yes |
|
Private link |
|
No |
No |
No |
|
Public Service |
|
No |
No |
No |
|