Crown Jewels are the most critical assets in your data center. Crown Jewel Analysis in VMware Aria Operations for Networks will provide insights into the reachability of these crucial objects in a security event. It will showcase the number of reachability points and how many dependent entities are vulnerable at the reachability point.
You can add your most critical VMs and physical IPs as Crown Jewels to analyze and view existing flow-related information, relationships between the entities based on flows, the number of entities directly connected to your Crown Jewels, total incoming traffic flow to your Crown Jewels, and more.
Adding Crown Jewels
Click on the Plan & Assess > Crown Jewel Analysis > Add Crown Jewels.
Note: If any Crown Jewels exist in your environment in Aria Operations for Networks, you can add Crown jewels from the Manage Crown Jewels page.
In the Add Crown Jewels page, select VMs or IPs you want to add as Crown jewels.
You can add multiple VMs or IPs as crown jewels using the auto-populated option or the custom VM / IP search.
Note: You can add up to 25 entities as Crown Jewels.
What to do next
Once you have added the Crown Jewels, click on Analyze and select the Scope and Duration for your analysis.
Results
The Crown Jewels Analysis page shows the total connected entities to the crown jewels, reachability score, incoming flows, total incoming traffic, etc. You can toggle between the Topology view or Grid view for better visibility.
Use the Grid view to view in a tabular format.
Search a specific Entity/Object using the search filter and see how far your crown jewels are and possibly how many lateral moves an adversary requires to reach your crown jewels.
Focus on an individual entity to determine how its state affects availability and track flows between entities based on availability points.
Get Entity details that are at a specific reachability score (Ex: Reachability Score 02)
Click the “Generate Report” option to export the Crown Jewels Analysis to a PDF file as a report. It will list all related entities and recommended firewall rules to protect these objects.
Conclusion:
This post should give you a good understanding of how Crown Jewel Analysis can help get richer insights into the reachability of critical assets in a security event. So get your most vital virtual machines, Physical IPs, and other objects secured today in a multi-cloud hybrid infrastructure.
If you’re interested in experiencing the power of VMware Aria Operations for Networks, you can start by visiting VMware Aria Operations for Networks. If you want to try the product before making a purchase, sign up for a free 30-day trial at VMware Aria Operations for Networks Free Trial.