On this page
Akamai Guardicore
- Dashboard Widgets
-
General (General overview of the system)
-
USP Compliance (The number of rules with violations, according to their severity level)
-
Cleanup (Summary of the number of rules that are disabled, and, from 5.2, rules that have not been hit in the past year or are highly permissive)
- Browsers
-
Rule Viewer (see Rule Viewer)
-
USP Viewer (see USP Viewer)
-
USP Alert Manager Viewer (see USP Alerts Manager)
-
USP Exceptions Viewer (see USP Exceptions)
-
Device Viewer (see Device Viewer)
- (From 5.2) Topology
- Select assets in Path Analysis Query
- Path Analysis
Visibility and search in Rule Viewer
-
In TOS, Guardicore labels display as tags.
-
For rules with tags, the Rule Viewer displays the tag value. Hovering over the tag shows the tag key, the tag value, and, starting from TOS 5.2, the assets associated with the tag.
-
The Rule Viewer supports Guardicore-specific TQL fields.
-
destination.tag, source.tag
-
(from 5.2) source.assetTag and destination.assetTag
These fields require key:value pairs within single quotes.
For example: destination.tag=('application:tufin')
See TQL and TQL fields for Rule Viewer.
-
-
In Rule Viewer, the Last Hit field shows the last hit date that is displayed in the Guardicore device. From Rule Viewer, search timeLastHit to identify unused rules. For details, see TQL queries in the Rule Viewer.
Asset types
Tags apply to workload assets or endpoint assets.
Tag expressions and tag groups
-
A tag expression is a single key-value pair, or multiple comma-separated key-value pairs.
-
A tag group is a set of one or more tag expressions.
-
AND and OR relationships in tag expressions and tag groups
-
Within a tag expression, multiple tags (same line) have an AND relationship, represented in TOSby commas.
-
Multiple tag expressions on different lines have an OR relationship between them.
-
Compliance support for tag-based policies
Adding Guardicore tags to zones allows you to use tag-based zones in Unified Security Policies (USPs). This enables compliance management and validation for Guardicore microsegmentation policies that use Guardicore tags and networks in zone definitions.
See adding tags to zones.
(From 5.2) Topology
-
The Guardicore device is only displayed in the source or destination of the path.
-
The Guardicore device is only displayed (with the allow/block verdict) when the source or destination IP address or host matches an asset managed by Guardicore (in other words, an asset with an installed Agent).
-
Subnets, ranges, and sources/destinations with Any or Internet are never treated as assets. Therefore, if neither the source nor the destination has a specific IP address matching a Guardicore asset, no Guardicore device will appears in the path.
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague