Auto Network Topology

Today's enterprise networks are no longer restricted to a few data centers or selected vendors. Migration of applications to public clouds, rapid adoption of SaaS offerings, and an increase in remote users have all contributed to blind spots for administrators. This significantly increases security risks as an enterprise grows through acquisitions, third-party vendor access requests, or multi-cloud configurations.

The Lumeus Topology Engine automatically builds a unified connectivity and access topology of the enterprise infrastructure. The proprietary Transit Graph stitches the data together and provides a unified view across multiple vendors, from campus to cloud, and across multiple AWS accounts or Azure subscriptions.

The picture above shows a topology graph built using APIs from the on-prem WAN Gateway and public cloud vendors. Each node represents a resource in the network, and links are built using connectivity or traffic logs. The engine stitches the information from different vendors to derive the links between entities, e.g. stitching using the VPN tunnel IP address or the source/destination from traffic logs.
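The two stitching methods named above (matching VPN tunnel IP addresses, and mapping source/destination addresses from traffic logs to resources) can be sketched as follows. This is an added example, not Lumeus code: the record fields, resource names and sample data are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed sample data; field names are assumptions, not a vendor schema.
ONPREM_TUNNELS = [
    {"device": "wan-gw-hq", "local_ip": "198.51.100.10", "peer_ip": "203.0.113.20"},
    {"device": "wan-gw-branch", "local_ip": "198.51.100.30", "peer_ip": "203.0.113.99"},
]
CLOUD_VPNS = [
    {"resource": "aws:acct-a:vpn-1", "outside_ip": "203.0.113.20", "customer_gw_ip": "198.51.100.10"},
    {"resource": "azure:sub-b:vpngw-1", "outside_ip": "203.0.113.40", "customer_gw_ip": "198.51.100.77"},
]
SEGMENTS = {  # resource -> address range it owns
    "wan-gw-hq": "10.1.0.0/16",
    "aws:acct-a:vpc-app": "10.20.0.0/16",
    "aws:acct-a:subnet-db": "10.20.5.0/24",
}
FLOWS = [("10.1.4.7", "10.20.1.5"), ("10.1.4.7", "10.20.5.9"),
         ("10.1.9.2", "10.20.5.9"), ("10.1.4.7", "192.0.2.50")]

def stitch_tunnels(onprem, cloud):
    """Link two vendors' records only when both ends of the tunnel agree."""
    by_pair = {(c["customer_gw_ip"], c["outside_ip"]): c["resource"] for c in cloud}
    links, unmatched = [], []
    for t in onprem:
        peer = by_pair.get((t["local_ip"], t["peer_ip"]))
        if peer:
            links.append((t["device"], peer))
        else:
            unmatched.append(t["device"])  # peer is outside the known inventory
    return links, unmatched

def owner(ip, segments):
    """Longest-prefix match of an address to the resource that owns it."""
    addr = ipaddress.ip_address(ip)
    nets = [(ipaddress.ip_network(cidr), name) for name, cidr in segments.items()]
    hits = [(net.prefixlen, name) for net, name in nets if addr in net]
    return max(hits)[1] if hits else "unknown"

def stitch_flows(flows, segments):
    """Aggregate flow records into weighted resource-to-resource links."""
    return Counter((owner(s, segments), owner(d, segments)) for s, d in flows)

if __name__ == "__main__":
    print(stitch_tunnels(ONPREM_TUNNELS, CLOUD_VPNS))
    print(stitch_flows(FLOWS, SEGMENTS))
```

Tunnels that match no cloud record, and flows whose destination resolves to `unknown`, are the blind spots a unified topology is meant to surface for review.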

Transit Graph technology is backed by some of the leading graph databases and can easily scale to millions of nodes. Resources are automatically grouped together based on segments for simplified visualization.

Escalations on each of the resources are displayed on the nodes and aggregated for the segment groups. Users can drill down to identify the individual resources where the issues are detected.

The topology timeline can be used to view the past state of the network.

The topology state is updated periodically. The system compares the new state with the old one and automatically takes a backup whenever the network state changes, providing DVR-like functionality for reviewing previous network states during troubleshooting.

The engine supports the following types of topologies:

Network Topology

Network Topology provides a connected view of the resources based on the configuration data. Nodes can be devices or cloud resources like AWS Transit Gateway or Virtual Private Networks. Links are created based on the connectivity configuration, e.g. VPC/TGW peering links across different AWS accounts, or physical connections and site-to-site VPN tunnels.

It also displays the network and security policies, as well as traffic and usage data, for each of the resource entities. Escalations are marked at the resource or segment level.

Application Topology

Application Topology displays the access of applications from each of the devices or WAN/Cloud Gateways. The view is created by stitching traffic or flow log data across vendors and network entities to build a unified access topology.

Applications can be enterprise applications running in the public/private cloud or SaaS applications.

The view helps users understand the application access patterns across the enterprise. It can be used when troubleshooting performance issues to identify and solve security risks.
