Introduction

In the previous article, we introduced the visualization function of generated communications by Illumio Core products. By simply installing VEN in each workload, generated communications are automatically visualized, allowing for a simple and intuitive understanding of the communication situation. In addition, Illumio Core products have various setting functions to further improve readability. These settings can be added as appropriate while checking communication information on a map display, etc.

In this article, we will introduce the label settings, unmanaged workload settings, and IP list settings to improve readability, as well as an overview of each setting and how the settings affect the visualization results.

Label Settings

Each workload has various additional information such as the installation environment, location, usage, etc. Illumio makes it easy to identify each workload by attaching this information to the workload as a label. This label information is used for group display when visualizing communication and for communication control policies.

Illumio provides four default label types, and you can also define custom ones.

• Environment: Workload installation environment (e.g. production environment, validation environment)
• Location: Where the workload is installed (e.g. Headquarters, XX Data Center, XX Factory, AWS)
• Application: Application type (e.g. HR, Finance, Sales Management)
• Role: The role of the workload in the system/application (e.g. web server, DB server, file server)
• Custom: Add up to 16 label types of your choice (e.g. OS, business impact)

The following is an example of a map display for a workload environment with approximately 100 devices. By displaying groups with specified labels, you can get a simpler overall picture of the communications that have occurred. You can also display hierarchically by specifying multiple labels as group conditions.

Additionally, filtering by specifying labels allows you to narrow down your search to focus on specific environments or systems.

Unmanaged Workload Settings

For communications with hosts that do not have VEN installed, only IP address information is displayed. If you want to identify communication targets on a host-by-host basis, use the Unmanaged Workload setting.

In the Unmanaged Workload setting, a host name is assigned to any IP address. Settings can be added at any time on the same screen while checking communication information, or multiple settings can be registered at once. With the Unmanaged Workload setting, even hosts that do not have VEN installed can be clearly identified as communication targets.

A workload with VEN installed is called a Managed Workload. The main differences between the two are as follows: Unmanaged Workloads can be assigned labels just like Managed Workloads, and can also be used as conditions for communication control rules. For more details, see the Communication Control article.

IP List Settings

If you want to identify communications with hosts that do not have VEN installed by network segment, use the IP List setting. In the IP List setting, you assign a name to any network segment. The IP List setting makes it possible to clarify which network segment the communications are with.

IP Lists can also be used as conditions for communication control rules. For more information, see the Communication Control article.

in conclusion

In this article, we introduced the features that improve the readability of communication occurrence status in the communication visualization of Illumio Core products. We hope that you understand that by utilizing each feature, it becomes easier to understand the communication occurrence status.
In the next article, we will show you how to proceed with and configure communication control.

If you would like to learn more about the visualization capabilities of Illumio Core products or request a demo, please contact us.