Global Application Visibility

SecureCloud lets you view the assets of all your cloud accounts as global applications, regardless of vendor account, subnet or vpc, as opposed to the traditional listings of the servers and services in each cloud account. SecureCloud can group your assets into distinct applications that represent a complete business service, such as a web service or SaaS application. This global view lets you see the effective connections to and from your distributed cloud applications across multiple cloud vendors and accounts and shows you how those connections comply with your security policy. The correlation between your organization's business applications and SecureCloud's applications is achieved through tags.

An application in SecureCloud is a logical entity defined by its assets. SecureCloud identifies your applications through the tags you have assigned to your assets. These may be native asset tags defined in your cloud environment, tags inherited from subnets or virtual networks, or custom tags created in the Tag Manager.

For SecureCloud to identify your applications, you need to:

  • Define tags directly on your assets and / or define virtual tags in the Tag Manager.
  • Specify how you want to use tags to identify applications. This is done in Asset Grouping.

In addition to the applications defined in this way by the asset tags, an additional application named Default will contain all the assets that have not been aligned with a specific application.