On This Page
Topology Intelligence
Topology Intelligence lets you use the routing information in your devices to make better decisions about your network's security. For all devices that have topology enabled in the device settings, SecureTrack collects the interface information and routing tables with the policy revisions. SecureTrack updates the network topology once a day.
Topology calculations also include NAT information from supported devices or with the generic NAT model.
SecureTrack uses this information for:
- Interactive Map - SecureTrack builds a dynamic and editable map of your network devices and networks.
- Risk - You can define your risks based on the zone types from the topology map.
- Security Risk Report - You can run the Security Risk report based on the zone types from the topology map.
- Compliance Policies - You can have SecureTrack identify the relevant policies for the compliance criteria automatically.
Also, SecureChange uses topology intelligence to:
- Suggest target devices for access requests
- In Designer, SecureChange calculates the necessary change and shows a picture of the path between the source and destination
- Automatically verify if an Access Request was successfully added
Enabling or Disabling Topology for Devices
Topology intelligence calculations combine the routes for all virtual systems in a device together, and do not treat the virtual devices as separate entities. All supported devices are enabled for topology intelligence data collection by default.
To improve router performance and resolve issues associated with retrieving the networks for devices with many dynamic routes, contact Tufin Support to add or delete specific networks and routes, rather than retrieving the entire network for these devices.
To enable or disable topology data collection for a device:
- Go to Monitoring Devices.
- Select the device and click Edit Configuration.
- Select or clear Enable Topology.
- Complete the Edit Device wizard and click Save.