Skip to main content

Network Discovery

The Network Discovery page in the NetFoundry zLAN Console provides a powerful interface for exploring observed network flows and traffic patterns across your firewalls. This guide explains how to use the search and filter features, switch between different views, and quickly create firewall rules based on discovered traffic.

Viewing Network Flows

When you open the Network Discovery page, you'll see a table (grid view) listing all observed network flows. Each row represents a unique flow.

Network Discovery Grid View

Searching and Filtering

At the top of the page, you can use the search and filter fields to quickly find specific network flows. You can filter by any of the columns:

  • SourceFirewall: Filter by firewall name
  • SourceInterface: Filter by interface name (e.g., eth0)
  • SourceAddr: Filter by source IP or subnet
  • DestinationAddr: Filter by destination IP or subnet
  • DestinationPort: Filter by port number (single or range)
  • Protocol: Filter by protocol (TCP, UDP)

Combine multiple filters to narrow down results and identify relevant traffic for analysis or rule creation.

Switching Views: Grid and Roll-Up

By default, the Network Discovery page shows the Grid View, listing each flow individually. To see a summarized view, click the View icon (usually at the top right of the table). This switches to the Roll-Up View, which groups flows by firwall(SourceIp or DestinationIP), making it easier to spot patterns and high-level trends.

NetworkDiscoveryViewIcon

You can switch back to the Grid View at any time by clicking the icon again.

Creating Firewall Rules from Discovered Flows

To quickly create a firewall rule based on a discovered flow, click the NetworkDiscoveryCreateRule icon next to the flow you want to allow or block. This opens the rule creation dialog, pre-filled with the details from the selected flow (source, destination, port, protocol, etc.).

You can adjust the rule as needed, set the action (allow or block), and save it. The new rule will immediately appear in your firewall's rule set.

For more information on managing firewall rules, see the Adding & Removing Rules

NetworkDiscoveryCreate

Best Practices

  • Use the search and filter tools to identify unknown or unwanted traffic.
  • Use the Roll-Up View to spot trends and repeated patterns.
  • Create rules directly from observed flows to quickly secure your network.