AWS Network Analyzer
Analyzer: AWS Network
The AWS Network Analyzer provides a detailed understanding of your networking infrastructure, including Virtual Private Clouds (VPCs), Route 53, VPNs, and more. This Analyzer is indispensable for IT Operations (IT Ops) and Security Operations (Sec Ops) engineers, offering actionable insights to enhance operational efficiency, maintain security, and ensure compliance.
From a security perspective, it helps identify misconfigurations such as overly permissive security groups, untagged resources, or risky access control lists (ACLs). From a compliance standpoint, the analyzer ensures that network configurations adhere to organizational policies and regulatory standards, such as tagging requirements and encryption policies. In terms of operational observability, it monitors networking components, highlights anomalies, and helps optimize configurations for better resource allocation and performance.

Sightline: VPCs
The VPCs sightline provides insights into Virtual Private Clouds, helping engineers ensure proper segmentation, access control, and efficient resource allocation. This sightline enables the identification of misconfigurations, such as missing subnets or improper naming conventions, which can lead to security and operational inefficiencies.
Widgets:
Sightline: Subnets
The Subnets sightline focuses on providing visibility into subnet configurations and their compliance with best practices. Engineers can identify subnets with risky network ACLs or missing metadata, ensuring both security and operational clarity.
Widgets:
Sightline: Route Tables
The Route Tables sightline offers detailed insights into routing configurations, helping IT Ops and Sec Ops engineers ensure proper connectivity and avoid orphaned or untagged resources. This sightline is crucial for maintaining efficient and secure network routing.
Widgets:
Sightline: Elastic Load Balancers
The Elastic Load Balancers sightline helps monitor load balancer configurations and associated events to ensure reliability and security in handling network traffic.
Widgets:
Sightline: Route53 Domains
The Route53 Domains sightline gives visibility into your DNS configurations to ensure accurate and secure domain management.
Widgets:
Sightline: Route53 A Records
The Route53 A Records sightline focuses on DNS record configurations, ensuring they align with best practices for security and observability.
Widgets:
Sightline: API Gateway
The API Gateway sightline tracks REST and HTTP APIs, helping engineers monitor tagging, access patterns, and related events for compliance and efficiency.
Widgets:
Sightline: Cloudfront
The Cloudfront sightline provides insights into content delivery configurations and events, ensuring secure and efficient operations.
Widgets:
Sightline: ACL
The ACL sightline focuses on Access Control Lists, ensuring rules align with organizational policies and secure network traffic.
Widgets:
Sightline: NAT Gateways
The NAT Gateways sightline monitors gateway configurations and traffic flow, helping optimize costs and track resource usage.
Widgets:
Sightline: Security Groups
The Security Groups sightline provides critical insights into security group configurations, ensuring proper access controls and minimizing risks.
Widgets:
Alerts
VPCs that do not have a private subnet
This alert highlights VPCs without private subnets, which could expose resources to the public network. From a security standpoint, it mitigates risks by ensuring sensitive data is not inadvertently exposed.
VPCs that do not have a public subnet
This alert identifies VPCs without public subnets, potentially affecting external integrations. For IT Ops, it helps address connectivity issues that may impact operational workflows.
Security Groups that do not have an associated EC2 instance
This alert detects orphaned security groups, ensuring better resource hygiene and reducing the attack surface. For IT Ops, it minimizes configuration sprawl.
Security Groups that allow public access on non-standard ports (22, 80, 443)
This alert flags overly permissive security groups, protecting against unauthorized access. It is critical for Sec Ops to enforce secure access controls.
Non-default VPCs without any associated resources
This alert identifies unused VPCs, allowing IT Ops to optimize resource allocation and reduce costs.
Security Groups without any associated resources
This alert detects unused security groups, helping Sec Ops reduce potential vulnerabilities and improve network hygiene.
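The two security-group alerts above can be approximated offline, as in this added example (it is not the Analyzer's own code), over data shaped like the EC2 DescribeSecurityGroups and DescribeNetworkInterfaces responses. It assumes "non-standard" means any port other than 22, 80 and 443, and that a group is unused when no network interface references it; all group IDs and rules are constructed.

```python
STANDARD_PORTS = {22, 80, 443}        # assumption: the ports named in the alert title
PUBLIC_CIDRS = {"0.0.0.0/0", "::/0"}  # any IPv4 / any IPv6 source
def public_nonstandard_rules(group):
    """World-open ingress rules that expose a port outside STANDARD_PORTS."""
    findings = []
    for perm in group.get("IpPermissions", []):
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        if not cidrs & PUBLIC_CIDRS:
            continue
        proto = perm["IpProtocol"]
        if proto == "-1":                # all protocols and ports
            findings.append((proto, 0, 65535))
            continue
        if proto not in ("tcp", "udp"):  # ICMP carries types, not ports
            continue
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        # A range passes only if every port in it is a standard port.
        if any(p not in STANDARD_PORTS for p in range(lo, hi + 1)):
            findings.append((proto, lo, hi))
    return findings

def unattached_groups(groups, interfaces):
    """IDs of groups that no network interface references."""
    in_use = {g["GroupId"] for eni in interfaces for g in eni.get("Groups", [])}
    return sorted(g["GroupId"] for g in groups if g["GroupId"] not in in_use)

def evaluate(groups, interfaces):
    exposed = {g["GroupId"]: f for g in groups if (f := public_nonstandard_rules(g))}
    return exposed, unattached_groups(groups, interfaces)

# Constructed sample data; every ID and rule below is made up.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 443,
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-any", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
SAMPLE_ENIS = [{"Groups": [{"GroupId": "sg-web"}, {"GroupId": "sg-db"}]}]
if __name__ == "__main__":
    print(evaluate(SAMPLE_GROUPS, SAMPLE_ENIS))
```

The 80-443 range is flagged because it opens every port between the two standard ones, while the SSH rule limited to 10.0.0.0/8 is not world-open and is ignored.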