From 5bdee20eb2cf3d4207181850c636e9a02b500bae Mon Sep 17 00:00:00 2001 From: Joe Amendolara Date: Thu, 12 Dec 2024 09:50:46 +0100 Subject: [PATCH 1/2] update for pro --- ace_pro/docs/lab5.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ace_pro/docs/lab5.md b/ace_pro/docs/lab5.md index 7b36350f..2f952fa0 100644 --- a/ace_pro/docs/lab5.md +++ b/ace_pro/docs/lab5.md @@ -198,8 +198,8 @@ Begin ``` After having enabled the DCF, two Rules will get generated, automatically: -- `Greendfield-Rule` -- `DefaultDenyAll` = EXPLICIT DENY +- `Greendfield-Rule` = ALLOW EVERYTHING +- `DefaultDenyAll` = it's an EXPLICIT deny The first rule essentially allows all kind of traffic. @@ -452,7 +452,7 @@ The purpose of this **WebGroup** is to authorize traffic only towards both the D ``` ## 6. Edit the Egress-Rule -### 6.1 Create a new rule +### 6.1 Apply a change on an existing rule Go to **CoPilot > Security > Distributed Cloud Firewall > Rules**, click on the **pencil** button on the right-hand side of the `Egress-Rule`. @@ -477,8 +477,8 @@ Commit the changes ``` ```{important} -- **Anywhere (0.0.0.0/0)** = Default Route -- **Publlic Internet** = NON-RFC1918 routes +- **Anywhere (0.0.0.0/0)** = Represents all CIDR ranges or IP addresses. +- **Publlic Internet** = Represents non-RFC 1918 IP ranges, or the public Internet ``` Now you have effectively activated the **ZTNA** approach. @@ -495,7 +495,7 @@ align: center ZTNA ``` -### 6.1.1 Test the new rule +### 6.1.1 Test the modified rule Go to **CoPilot > Security > Egress > Monitor** and select the **_Live View_** from the `"Time Period"` field, then select the **_aws-us-east-2-spoke1_** VPC from the `"VPC/VNets"` drop-down window. From 02c4f8847ccd24c14fdd46460b333515b13bdad1 Mon Sep 17 00:00:00 2001 From: GitHub Actions Bot <> Date: Thu, 12 Dec 2024 08:53:04 +0000 Subject: [PATCH 2/2] auto build from GitHub Actions --- docs/ace-pro/_sources/docs/lab5.md | 12 +- docs/ace-pro/docs/lab5.html | 232 ++++++++++++++--------------- docs/ace-pro/searchindex.js | 2 +- 3 files changed, 123 insertions(+), 123 deletions(-) diff --git a/docs/ace-pro/_sources/docs/lab5.md b/docs/ace-pro/_sources/docs/lab5.md index 7b36350f..2f952fa0 100644 --- a/docs/ace-pro/_sources/docs/lab5.md +++ b/docs/ace-pro/_sources/docs/lab5.md @@ -198,8 +198,8 @@ Begin ``` After having enabled the DCF, two Rules will get generated, automatically: -- `Greendfield-Rule` -- `DefaultDenyAll` = EXPLICIT DENY +- `Greendfield-Rule` = ALLOW EVERYTHING +- `DefaultDenyAll` = it's an EXPLICIT deny The first rule essentially allows all kind of traffic. @@ -452,7 +452,7 @@ The purpose of this **WebGroup** is to authorize traffic only towards both the D ``` ## 6. Edit the Egress-Rule -### 6.1 Create a new rule +### 6.1 Apply a change on an existing rule Go to **CoPilot > Security > Distributed Cloud Firewall > Rules**, click on the **pencil** button on the right-hand side of the `Egress-Rule`. @@ -477,8 +477,8 @@ Commit the changes ``` ```{important} -- **Anywhere (0.0.0.0/0)** = Default Route -- **Publlic Internet** = NON-RFC1918 routes +- **Anywhere (0.0.0.0/0)** = Represents all CIDR ranges or IP addresses. +- **Publlic Internet** = Represents non-RFC 1918 IP ranges, or the public Internet ``` Now you have effectively activated the **ZTNA** approach. @@ -495,7 +495,7 @@ align: center ZTNA ``` -### 6.1.1 Test the new rule +### 6.1.1 Test the modified rule Go to **CoPilot > Security > Egress > Monitor** and select the **_Live View_** from the `"Time Period"` field, then select the **_aws-us-east-2-spoke1_** VPC from the `"VPC/VNets"` drop-down window. diff --git a/docs/ace-pro/docs/lab5.html b/docs/ace-pro/docs/lab5.html index 7f3a4363..91ba66da 100644 --- a/docs/ace-pro/docs/lab5.html +++ b/docs/ace-pro/docs/lab5.html @@ -344,12 +344,12 @@

Contents

  • 6. Edit the Egress-Rule
  • 7. IDS @@ -374,10 +374,10 @@

    1. Objective

    2. Topology#

    Let’s pinpoint the right candidate VPC where would be possible to enable the Egress Control.

    -
    +
    ../_images/lab6-initialtopology.png
    -

    Fig. 147 Lab 6 Initial Topology#

    +

    Fig. 147 Lab 6 Initial Topology#

    The VPC aws-us-east-2-spoke1 has a private subnet in its environment, whereby the Egress Control can be activated in this specific VPC.

    @@ -388,16 +388,16 @@

    2. TopologyTip

    Go to CoPilot > Cloud Fabric > Gateways > Spoke Gateways and select the aws-us-east-2-spoke1 GW, then click on the VPC/VNet Route Tables tab, then select any of the Private RTBs from the Route Table field.

    -
    +
    ../_images/lab6-spokegw.png
    -

    Fig. 148 Select the Spoke GW in US-EAST-2#

    +

    Fig. 148 Select the Spoke GW in US-EAST-2#

    -
    +
    ../_images/lab6-vpc.png
    -

    Fig. 149 Check the private RTB#

    +

    Fig. 149 Check the private RTB#

    You will notice that any private RTBs has its own CIDR pointing to local and the three RFC1918 routes pointing to the Aviatrix Spoke Gateway.

    @@ -408,19 +408,19 @@

    3. SSH to the EC2 instance in the Private Subnet

  • SSH to the aws-us-east-2-spoke1-test1 instance from your laptop. Refer to your POD portal or alternatively, you can retrieve the Public IP from the CoPilot’s Topology.

    • -
    +
    ../_images/lab6-publicip.png
    -

    Fig. 150 SSH to aws-us-east-2-spoke1-test1#

    +

    Fig. 150 SSH to aws-us-east-2-spoke1-test1#

    • Then from the aws-us-east-2-spoke1-test1 instance SSH to the aws-us-east-2-spoke1-test2 instance.

    -
    +
    ../_images/lab6-ssh.png
    -

    Fig. 151 From test1 to test2#

    +

    Fig. 151 From test1 to test2#

    @@ -431,10 +431,10 @@

    3. SSH to the EC2 instance in the Private SubnetTip

    Retrieve the Private IP of the aws-us-east-2-spoke1-test2 from the Topology

    -
    +
    ../_images/lab6-retrieve.png
    -

    Fig. 152 Retrieve the private IP#

    +

    Fig. 152 Retrieve the private IP#

    @@ -447,16 +447,16 @@

    4.1 Enable the Egress ControlNote

    Go to CoPilot > Security > Egress > Egress VPC/VNets and click on "Enable Local Egress on VPC/VNets", then select the aws-us-east-2-spoke1 VPC and click on Add.

    -
    +
    ../_images/lab6-egress.png
    -

    Fig. 153 Enable Local Egress#

    +

    Fig. 153 Enable Local Egress#

    -
    +
    ../_images/lab6-vpcegress.png
    -

    Fig. 154 Choose the correct VPC#

    +

    Fig. 154 Choose the correct VPC#

    @@ -475,10 +475,10 @@

    4.2 Inspect the Private RTBTip

    Go to CoPilot > Cloud Fabric > Gateways > Spoke Gateways and select the aws-us-east-2-spoke1 GW, then click on the VPC/VNet Route Tables tab, then select any Private RTBs from the Route Table field.

    -
    +
    ../_images/lab6-defaultroute.png
    -

    Fig. 155 Default route has been injected#

    +

    Fig. 155 Default route has been injected#

    @@ -501,18 +501,18 @@

    4.3 Generate Traffic
    curl www.football.com

    -
    +
    ../_images/lab6-generatetraffic.png
    -

    Fig. 156 Generate traffic#

    +

    Fig. 156 Generate traffic#

    Let’s now check whether the Spoke Gateway could gather NetFlow data after generating the aforementioned curl commands, or not.

    Go to CoPilot > Security > Egress > Overview (default)

    -
    +
    ../_images/lab6-nodatafound.png
    -

    Fig. 157 No Data Found#

    +

    Fig. 157 No Data Found#

    You will notice the Message "No Data Found". You have successfully activated your egress control without disrupting anything that is sitting on the private subnet, nevertheless, if you want to get the NetFlow information, you need to apply a Distributed Cloud Firewall RULE, such that you can start evaluate the behaviour of the Private Subnet and get a good understanding of what domains have been reached out from the private subnet.

    @@ -527,76 +527,76 @@

    4.4 Enable DCF"Enable Distributed Cloud Firewall". Afterwards click on "Begin using Distributed Cloud Firewall", then click on "Begin".

    -
    +
    ../_images/lab6-activate.png
    -

    Fig. 158 Enable Distributed Cloud Firewall#

    +

    Fig. 158 Enable Distributed Cloud Firewall#

    -
    +
    ../_images/lab6-newjoe.png
    -

    Fig. 159 Begin using Distributed Cloud Firewall#

    +

    Fig. 159 Begin using Distributed Cloud Firewall#

    -
    +
    ../_images/lab6-newjoe2.png
    -

    Fig. 160 Begin#

    +

    Fig. 160 Begin#

    After having enabled the DCF, two Rules will get generated, automatically:

      -

    • Greendfield-Rule

      • -

    • DefaultDenyAll = EXPLICIT DENY

      • +

    • Greendfield-Rule = ALLOW EVERYTHING

      • +

    • DefaultDenyAll = it’s an EXPLICIT deny

    The first rule essentially allows all kind of traffic.

    -
    +
    ../_images/lab6-greenfield.png
    -

    Fig. 161 Automatic rules injected by the Controller#

    +

    Fig. 161 Automatic rules injected by the Controller#

    4.4.1 Identify the subnet where the private workload resides#

    First and foremost, you have to identify the public subnet where the aws-us-east-2-spoke1-test2 instance resides.

    -
    +
    ../_images/lab6-greenfieldneww.png
    -

    Fig. 162 Private Subnet#

    +

    Fig. 162 Private Subnet#

    Go to CoPilot > Cloud Resources > Cloud Assets > Virtual Machines and search for the aws-us-east-2-spoke1-test2 instance on the search field on the right-hand side.

    From the outcom you have to pinpoint the Availability Zone.

    -
    +
    ../_images/lab6-greenfieldneww2.png
    -

    Fig. 163 AZ#

    +

    Fig. 163 AZ#

    Now that you know in what Availability Zone the private workload resides, you need to select the VPC/VNets & Subnets TAB and filter out based on the aws-us-east-2-spoke1 VPC.

    Identify the Private Subnet that belongs to the us-east-2a AZ and copy the corresponding IP Address CIDR value!

    -
    +
    ../_images/lab6-greenfieldneww3.png
    -

    Fig. 164 Private Subnet#

    +

    Fig. 164 Private Subnet#

    4.4.2 Create an Ad-Hoc SmartGroup#

    Go to CoPilot > Groups and click on the "+ SmartGroup" button.

    -
    +
    ../_images/lab6-newsg.png
    -

    Fig. 165 SmartGroup#

    +

    Fig. 165 SmartGroup#

    Afterwards, click on the arrow icon inside the "+ Resource Type" button and select "IP / CIDRs".

    -
    +
    ../_images/lab6-greenfieldneww4.png
    -

    Fig. 166 Private Subnet#

    +

    Fig. 166 Private Subnet#

    Ensure these parameters are entered in the pop-up window "Create SmartGroup":

    @@ -605,20 +605,20 @@

    4.4.2 Create an Ad-Hoc SmartGroup"Virtual Machines" additional condition.

    -
    +
    ../_images/lab6-greenfieldneww45.png
    -

    Fig. 167 New SG#

    +

    Fig. 167 New SG#

    4.4.3 Create a new Rule#

    Go to CoPilot > Security > Distributed Cloud Firewall > Rules (default tab) and create a new rule clicking on the "+ Rule" button.

    -
    +
    ../_images/lab6-newrule10.png
    -

    Fig. 168 New Rule#

    +

    Fig. 168 New Rule#

    Insert the following parameters

    @@ -633,10 +633,10 @@

    4.4.3 Create a new Rule

    Action: Permit

    • Do not forget to click on Save In Drafts.

    -
    +
    ../_images/lab6-new.png
    -

    Fig. 169 Saving the new Rule#

    +

    Fig. 169 Saving the new Rule#

    Click on the Commit button and the rule previously created will work in watch/test mode due to the fact that the enforcement was turn off.

    @@ -644,10 +644,10 @@

    4.4.3 Create a new RuleImportant

    If the Enforcement slider is On (the default), the rule is enforced in the data plane. If the Enforcement slider is Off, the packets are only watched. This allows you to observe if the traffic impacted by this rule causes any inadvertent issues (such as traffic being dropped).

    -
    +
    ../_images/lab6-newrule11.png
    -

    Fig. 170 Egress-Rule#

    +

    Fig. 170 Egress-Rule#

    Now delete the Greenfield-Rule:

    @@ -659,16 +659,16 @@

    4.4.3 Create a new RuleCaution

    The deletion of the Greenfield-Rule will also cause the deletion of the DefaultDenyAll, because the Egress-Rule was not enforced on the data path, which in turn means that there will be an Invisible Deny Rule installed on the bottom.

    -
    +
    ../_images/lab6-newruledelete.png
    -

    Fig. 171 Deletion of the Greenfield-Rule#

    +

    Fig. 171 Deletion of the Greenfield-Rule#

    -
    +
    ../_images/lab6-newruledeleted.png
    -

    Fig. 172 Egress-Rule solely#

    +

    Fig. 172 Egress-Rule solely#

      @@ -687,35 +687,35 @@

      4.4.3 Create a new Rule

      Go to CoPilot > Security > Distributed Cloud Firewall > Monitor and you will see the corresponding logs.

      -
      +
      ../_images/lab6-monitorpermit.png
      -

      Fig. 173 Monitor#

      +

      Fig. 173 Monitor#

      Important

      However, on the SSH client, you will NOT see any outputs, this is because the Rule was not enforced in the Data Path, therefore the traffic is dropped.

      -
      +
      ../_images/lab6-monitorpermit22.png
      -

      Fig. 174 SSH client output#

      +

      Fig. 174 SSH client output#

      Go to CoPilot > Security > Egress > Overview (default)

      Now you have finally the egress observability with a full list of domains hit by the EC2 instance inside that private subnet.

      -
      +
      ../_images/lab6-newrul12.png
      -

      Fig. 175 Overview#

      +

      Fig. 175 Overview#

      Furthermore, go to CoPilot > Security > Egress > Monitor and from the "VPC/VNets" drop-down window, select the aws-us-east-2-spoke1 VPC.

      -
      +
      ../_images/lab6-monitor.png
      -

      Fig. 176 Monitor#

      +

      Fig. 176 Monitor#

      You will get a granular Layer 7 visibility that allows you to get a good understanding of how the egress traffic has been consumed and also allows you to help make decisions on how to potentially optimize that.

      @@ -728,10 +728,10 @@

      5. ZTNA - Zero Trust Network Architecture#

      Let’s move towards a posture where only specific egress domains are in place.

      Go to CoPilot > Groups > WebGroups and click on "+ WebGroup" button.

      -
      +
      ../_images/lab6-webgroup.png
      -

      Fig. 177 +WebGroup#

      +

      Fig. 177 +WebGroup#

      Create a WebGroup with the following parameters:

      @@ -742,10 +742,10 @@

      5.1 Create a New WebGroup

      Domains/URLs: www.wikipedia.com

    Do not forget to click on Save.

    -
    +
    ../_images/lab6-webgroup2.png
    -

    Fig. 178 WebGroup creation#

    +

    Fig. 178 WebGroup creation#

    @@ -756,31 +756,31 @@

    5.1 Create a New WebGroup

    6. Edit the Egress-Rule#

    -
    -

    6.1 Create a new rule#

    +
    +

    6.1 Apply a change on an existing rule#

    Go to CoPilot > Security > Distributed Cloud Firewall > Rules, click on the pencil button on the right-hand side of the Egress-Rule.

    • Now remove the WebGroup "All-Web" and then select the WebGroup "two-domains".

    • Turn ON the Enforcement knob.

    Do not forget to click on Save In Drafts and then Commit your changes!

    -
    +
    ../_images/lab6-webgroup234.png
    -

    Fig. 179 Editing the Egress-Rule#

    +

    Fig. 179 Editing the Egress-Rule#

    -
    +
    ../_images/lab6-webgroup2345.png
    -

    Fig. 180 Commit the changes#

    +

    Fig. 180 Commit the changes#

    Important

      -

    • Anywhere (0.0.0.0/0) = Default Route

      • -

    • Publlic Internet = NON-RFC1918 routes

      • +

    • Anywhere (0.0.0.0/0) = Represents all CIDR ranges or IP addresses.

      • +

    • Publlic Internet = Represents non-RFC 1918 IP ranges, or the public Internet

    Now you have effectively activated the ZTNA approach.

    @@ -788,20 +788,20 @@

    6.1 Create a new ruleNote

    After committing the changes, the Egress-Rule will be applied to the data path and moreover, the DefaultDenyAll rule will show up again at the very bottom.

    -
    +
    ../_images/lab6-webgroup23456.png
    -

    Fig. 181 ZTNA#

    +

    Fig. 181 ZTNA#

    -
    -

    6.1.1 Test the new rule#

    +
    +

    6.1.1 Test the modified rule#

    Go to CoPilot > Security > Egress > Monitor and select the Live View from the "Time Period" field, then select the aws-us-east-2-spoke1 VPC from the "VPC/VNets" drop-down window.

    -
    +
    ../_images/lab6-newview.png
    -

    Fig. 182 Select the VPC#

    +

    Fig. 182 Select the VPC#

    7. IDS#

    -
    -

    7.1 Create a New Rule#

    +
    +

    7.1 Create a New Rule#

    Let’s now test the IDS feature (i.e. Intrusion Detection System).

    Go to CoPilot > Security > Distributed Cloud Firewall > Rules and click on the "+ Rule" button.

    Create a new DCF Rule with the following parameters:

    @@ -852,17 +852,17 @@

    7.1 Create a New Rule +
    ../_images/lab6-ids.png
    -

    Fig. 185 Inspect-DNS#

    +

    Fig. 185 Inspect-DNS#

    Proceed clicking on the Commit button.

    -
    +
    ../_images/lab6-idscommit.png
    -

    Fig. 186 New DCF List#

    +

    Fig. 186 New DCF List#

    @@ -877,27 +877,27 @@

    7.2 Prepare the simulator

    Note

    You will be asked to type again the student password!

    -
    +
    ../_images/lab6-password.png
    -

    Fig. 187 Root PWD#

    +

    Fig. 187 Root PWD#

    curl -sSL https://raw.githubusercontent.com/0xtf/testmynids.org/master/tmNIDS -o /tmp/tmNIDS && chmod +x /tmp/tmNIDS && /tmp/tmNIDS
    -
    +
    ../_images/lab6-sudo.png
    -

    Fig. 188 Commands issued#

    +

    Fig. 188 Commands issued#

    The last command will show up a simulator from whom you will be able to launch an attack for testing the "Suricata IDS".

    -
    +
    ../_images/lab6-suricata.png
    -

    Fig. 189 Simulator#

    +

    Fig. 189 Simulator#

    @@ -906,10 +906,10 @@

    7.3 Test the New Rule and the IDS feature

  • Before launching the attack, edit the new DCF rule, clicking on the pencil icon beside the Inspect-DNS rule.

    • -
    +
    ../_images/lab6-suricataedit.png
    -

    Fig. 190 Edit existing rule#

    +

    Fig. 190 Edit existing rule#

    Insert the following parameters and do not forget to click on Save In Drafts:

    @@ -917,24 +917,24 @@

    7.3 Test the New Rule and the IDS feature +
    ../_images/lab6-dns.png
    -

    Fig. 191 Modify the rule#

    +

    Fig. 191 Modify the rule#

    Now click on the Commit button.

    -
    +
    ../_images/lab6-commit3.png
    -

    Fig. 192 Commit#

    +

    Fig. 192 Commit#

    From the EC2 instance aws-us-east-2-spoke1-test2, type 5 and click enter for launching a malicious attack, specifically the attack will try to establish a connection towards a TOR server.

    -
    +
    ../_images/lab6-5.png
    -

    Fig. 193 Malicious known attack#

    +

    Fig. 193 Malicious known attack#

    Now go to CoPilot > Security > Distributed Cloud Firewall > Detected Intrusions, and you will be able to find indicators that detected that attempt to contact a TOR server, through a DNS request.

    @@ -942,17 +942,17 @@

    7.3 Test the New Rule and the IDS featureTip

    If you do not see the logs immediately, click on the refresh button

    -
    +
    ../_images/lab6-refresh.png
    -

    Fig. 194 Detected Intrusions#

    +

    Fig. 194 Detected Intrusions#

    Click on any Timestamps to get additional insight on that specific attack.

    -
    +
    ../_images/lab6-final.png
    -

    Fig. 195 Additional insights#

    +

    Fig. 195 Additional insights#

    @@ -960,10 +960,10 @@

    7.3 Test the New Rule and the IDS feature +
    ../_images/lab6-finaltopo.png
    -

    Fig. 196 Final Topology for Lab 5#

    +

    Fig. 196 Final Topology for Lab 5#

    @@ -1059,12 +1059,12 @@

    7.3 Test the New Rule and the IDS feature6. Edit the Egress-Rule
  • 7. IDS diff --git a/docs/ace-pro/searchindex.js b/docs/ace-pro/searchindex.js index b5926a80..a27dc9c1 100644 --- a/docs/ace-pro/searchindex.js +++ b/docs/ace-pro/searchindex.js @@ -1 +1 @@ -Search.setIndex({"alltitles": {"1. Create VPCs, Transit GW, Spoke GW and Attachment through Terraform": [[4, "create-vpcs-transit-gw-spoke-gw-and-attachment-through-terraform"]], "1. General Objectives": [[11, "general-objectives"], [12, "general-objectives"]], "1. Introduction": [[2, "introduction"]], "1. Objective": [[3, "objective"], [5, "objective"], [6, "objective"], [7, "objective"], [8, "objective"], [9, "objective"], [10, "objective"], [13, "objective"]], "1. Preface": [[1, "preface"]], "1.1. Attachment between Edge and the Transit": [[12, "attachment-between-edge-and-the-transit"]], "2. Azure VNet": [[2, "azure-vnet"]], "2. CostIQ": [[13, "costiq"]], "2. Distributed Cloud Firewall Overview": [[3, "distributed-cloud-firewall-overview"]], "2. FireNet Overview (Firewall Network)": [[10, "firenet-overview-firewall-network"]], "2. High Performance Encryption and ActiveMesh": [[8, "high-performance-encryption-and-activemesh"]], "2. Multicloud Connectivity Overview": [[6, "multicloud-connectivity-overview"]], "2. Network Domain Association": [[12, "network-domain-association"]], "2. Network Segmentation Overview": [[7, "network-segmentation-overview"]], "2. Prerequisites": [[1, "prerequisites"]], "2. Site2Cloud Overview": [[11, "site2cloud-overview"]], "2. ThreatIQ Overview": [[5, "threatiq-overview"]], "2. Topology": [[9, "topology"]], "2. Validate": [[4, "validate"]], "2.1 Enable CostIQ": [[13, "enable-costiq"]], "2.1. Create Azure VNet": [[2, "create-azure-vnet"]], "3. AWS VPC": [[2, "aws-vpc"]], "3. Create Transit Peering": [[4, "create-transit-peering"]], "3. Edge: Connectivity Test": [[12, "edge-connectivity-test"]], "3. Getting Started with the labs": [[1, "getting-started-with-the-labs"]], "3. New York DC is the Shared Services": [[13, "new-york-dc-is-the-shared-services"]], "3. SSH to the EC2 instance in the Private Subnet": [[9, "ssh-to-the-ec2-instance-in-the-private-subnet"]], "3. Smart Groups Creation": [[3, "smart-groups-creation"]], "3. Topology": [[5, "topology"], [6, "topology"], [7, "topology"], [8, "topology"], [10, "topology"], [11, "topology"]], "3.1. Create AWS VPC": [[2, "create-aws-vpc"]], "3.1. Smart Group \u201cbu1\u201d": [[3, "smart-group-bu1"]], "3.2. Smart Group \u201cbu2\u201d": [[3, "smart-group-bu2"]], "3.2. Verify from AWS Console": [[2, "verify-from-aws-console"]], "3.3. Connectivity verification (ICMP)": [[3, "connectivity-verification-icmp"]], "3.4. Connectivity verification (SSH)": [[3, "connectivity-verification-ssh"]], "4. Access Information": [[1, "access-information"]], "4. Configuration": [[7, "configuration"], [10, "configuration"], [11, "configuration"]], "4. DCF Rules Creation": [[3, "dcf-rules-creation"]], "4. Edge: FlowIQ": [[12, "edge-flowiq"]], "4. Egress Control": [[9, "egress-control"]], "4. GCP VPC": [[2, "gcp-vpc"]], "4. High Performance Encryption Configuration": [[8, "high-performance-encryption-configuration"]], "4. IAC Summary": [[4, "iac-summary"]], "4. Initial configuration": [[6, "initial-configuration"]], "4. PSF": [[5, "psf"]], "4.1 Deploy the PSF": [[5, "deploy-the-psf"]], "4.1 Enable the Egress Control": [[9, "enable-the-egress-control"]], "4.1. Aviatrix Transit Gateways": [[6, "aviatrix-transit-gateways"], [7, "aviatrix-transit-gateways"]], "4.1. Azure Transit to Spoke Peering": [[10, "azure-transit-to-spoke-peering"]], "4.1. Build a Zero Trust Network Architecture": [[3, "build-a-zero-trust-network-architecture"]], "4.1. CoPilot View before starting": [[8, "copilot-view-before-starting"]], "4.1. Create GCP VPC": [[2, "create-gcp-vpc"]], "4.1. Site2Cloud Connection (Cloud to On-Prem)": [[11, "site2cloud-connection-cloud-to-on-prem"]], "4.1.1.Transit Gateway in AWS US-EAST-2": [[6, "transit-gateway-in-aws-us-east-2"]], "4.2 Inspect the Private RTB": [[9, "inspect-the-private-rtb"]], "4.2 Network Domains": [[7, "network-domains"]], "4.2 RTB verification": [[5, "rtb-verification"]], "4.2 Site2Cloud Connection - StrongSwan\u2019s configuration": [[11, "site2cloud-connection-strongswan-s-configuration"]], "4.2. Aviatrix Spoke Gateways": [[6, "aviatrix-spoke-gateways"]], "4.2. Create an intra-rule that allows ICMP inside bu1": [[3, "create-an-intra-rule-that-allows-icmp-inside-bu1"]], "4.2. Create an intra-rule that allows ICMP inside bu2": [[3, "create-an-intra-rule-that-allows-icmp-inside-bu2"]], "4.2. PAN Firewall Deployment": [[10, "pan-firewall-deployment"]], "4.2. Transit-Spoke Attachment": [[8, "transit-spoke-attachment"]], "4.2.1. Spoke Gateway in AWS": [[6, "spoke-gateway-in-aws"]], "4.2.2. Spoke Gateway in Azure": [[6, "spoke-gateway-in-azure"]], "4.2.3. Spoke Gateway in GCP": [[6, "spoke-gateway-in-gcp"]], "4.3 Generate Traffic": [[9, "generate-traffic"]], "4.3. CoPilot View after Transit-Spoke Attachment": [[8, "copilot-view-after-transit-spoke-attachment"]], "4.3. Explore the Cloud Fabric": [[6, "explore-the-cloud-fabric"]], "4.3. Firewall Configuration": [[10, "firewall-configuration"]], "4.4 Aviatrix Spoke to Transit Gateways Attachments": [[6, "aviatrix-spoke-to-transit-gateways-attachments"]], "4.4 Enable DCF": [[9, "enable-dcf"]], "4.4. Firewall Vendor Integration": [[10, "firewall-vendor-integration"]], "4.4. Transit Peerings Configuration": [[8, "transit-peerings-configuration"]], "4.4.1 Identify the subnet where the private workload resides": [[9, "identify-the-subnet-where-the-private-workload-resides"]], "4.4.1. Spoke to Transit Attachment in AWS": [[6, "spoke-to-transit-attachment-in-aws"]], "4.4.1. Transit Peerings Verification": [[8, "transit-peerings-verification"]], "4.4.2 Create an Ad-Hoc SmartGroup": [[9, "create-an-ad-hoc-smartgroup"]], "4.4.2 Spoke to Transit Attachment in Azure": [[6, "spoke-to-transit-attachment-in-azure"]], "4.4.3 Create a new Rule": [[9, "create-a-new-rule"]], "4.4.3. Spoke to Transit Attachment in GCP": [[6, "spoke-to-transit-attachment-in-gcp"]], "4.5. CoPilot Verification of Spoke-Transit Attachments": [[6, "copilot-verification-of-spoke-transit-attachments"]], "4.5. Verify Routes Installed on Firewall": [[10, "verify-routes-installed-on-firewall"]], "4.6. FireNet Policy": [[10, "firenet-policy"]], "4.6. Multicloud Transit Peerings": [[6, "multicloud-transit-peerings"]], "4.6.1. AWS and Azure": [[6, "aws-and-azure"]], "4.6.2 Azure and GCP": [[6, "azure-and-gcp"]], "4.6.3. GCP and AWS": [[6, "gcp-and-aws"]], "5. - Network Insights API": [[4, "network-insights-api"]], "5. A new SmartGroup for the Public Subnet": [[5, "a-new-smartgroup-for-the-public-subnet"]], "5. Edge: \u201cIt\u2019s more than a Spoke GW\u201d\u201d": [[12, "edge-it-s-more-than-a-spoke-gw"]], "5. Enforcement": [[5, "enforcement"]], "5. High Performance Encryption Verification": [[8, "high-performance-encryption-verification"]], "5. Lab Topology": [[1, "lab-topology"]], "5. S2C - Verification": [[11, "s2c-verification"]], "5. Verification": [[3, "verification"], [6, "verification"], [10, "verification"]], "5. Verification of Segment Attachments": [[7, "verification-of-segment-attachments"]], "5. ZTNA - Zero Trust Network Architecture": [[9, "ztna-zero-trust-network-architecture"]], "5.1 Create a New WebGroup": [[9, "create-a-new-webgroup"]], "5.1 Create an Ad-Hoc SmartGroup": [[5, "create-an-ad-hoc-smartgroup"]], "5.1 Edge: As-Path Prepend": [[12, "edge-as-path-prepend"]], "5.1 Generate traffic towards the \u201cBad Guy\u201d": [[5, "id1"]], "5.1. Automatic enforcement: \u201cforce-drop\u201d": [[5, "automatic-enforcement-force-drop"]], "5.1. CoPilot Verification": [[7, "copilot-verification"]], "5.1. CoPilot Verification of the VPC Peerings(Transit-Transit and Spoke-Transit)": [[8, "copilot-verification-of-the-vpc-peerings-transit-transit-and-spoke-transit"]], "5.1. Inside Azure": [[10, "inside-azure"]], "5.1. Verification of Transit Peerings on CoPilot(Cloud Fabric)": [[6, "verification-of-transit-peerings-on-copilot-cloud-fabric"]], "5.1. Verify SSH traffic from your laptop to bu1": [[3, "verify-ssh-traffic-from-your-laptop-to-bu1"]], "5.1.1 Launch connectivity test": [[10, "launch-connectivity-test"]], "5.2 Create a new Rule": [[5, "create-a-new-rule"]], "5.2 Generate traffic towards the \u201cBad Guy\u201d": [[5, "generate-traffic-towards-the-bad-guy"]], "5.2. Azure to GCP": [[10, "azure-to-gcp"]], "5.2. CoPilot Verification of HPE": [[8, "copilot-verification-of-hpe"]], "5.2. Verification of Transit Peerings on CoPilot (Topology)": [[6, "verification-of-transit-peerings-on-copilot-topology"]], "5.2. Verify ICMP within bu1 and from bu1 towards bu2": [[3, "verify-icmp-within-bu1-and-from-bu1-towards-bu2"]], "5.3. Route Info DB": [[6, "route-info-db"]], "5.3. Verify SSH within bu1": [[3, "verify-ssh-within-bu1"]], "5.4. Add a rule that allows SSH in bu1": [[3, "add-a-rule-that-allows-ssh-in-bu1"]], "5.4. Connectivity": [[6, "connectivity"]], "5.4. SSH to VM in bu2": [[3, "ssh-to-vm-in-bu2"]], "5.5. Verify ICMP traffic within bu2": [[3, "verify-icmp-traffic-within-bu2"]], "5.6. Inter-rule from bu2 to bu1": [[3, "inter-rule-from-bu2-to-bu1"]], "6. ActiveMesh": [[8, "activemesh"]], "6. Connection Policy": [[7, "connection-policy"]], "6. CostIQ": [[5, "costiq"]], "6. East-1 and the Multi-Tier Transit": [[3, "east-1-and-the-multi-tier-transit"]], "6. Edit the Egress-Rule": [[9, "edit-the-egress-rule"]], "6.1 Activation of the MTT": [[3, "activation-of-the-mtt"]], "6.1 Create a new rule": [[9, "id1"]], "6.1. CoPilot Verification of ActiveMesh": [[8, "copilot-verification-of-activemesh"]], "6.1. Verification of Connection Policy": [[7, "verification-of-connection-policy"]], "6.1.1 Test the new rule": [[9, "test-the-new-rule"]], "6.2 Smart Group \u201ceast1\u201d": [[3, "smart-group-east1"]], "6.2. Connectivity test of ActiveMesh (Pt.1)": [[8, "connectivity-test-of-activemesh-pt-1"]], "6.2.1 Enable Segmentation": [[8, "enable-segmentation"]], "6.2.2. Associate Aviatrix Spoke to the Network Domain": [[8, "associate-aviatrix-spoke-to-the-network-domain"]], "6.3 Create an inter-rule that allows ICMP from bu2 towards east1": [[3, "create-an-inter-rule-that-allows-icmp-from-bu2-towards-east1"]], "6.3. Connectivity test of ActiveMesh (Pt.2)": [[8, "connectivity-test-of-activemesh-pt-2"]], "6.4 Verify connectivity between bu2 and east1": [[3, "verify-connectivity-between-bu2-and-east1"]], "7. FlightPath": [[8, "flightpath"]], "7. IDS": [[9, "ids"]], "7. Spoke to Spoke Attachment": [[3, "spoke-to-spoke-attachment"]], "7.1 Create a New Rule": [[9, "id2"]], "7.1 Creating a Spoke to Spoke Attachment": [[3, "creating-a-spoke-to-spoke-attachment"]], "7.2 Prepare the simulator": [[9, "prepare-the-simulator"]], "7.3 Test the New Rule and the IDS feature": [[9, "test-the-new-rule-and-the-ids-feature"]], "Bonus questions": [[8, "bonus-questions"]], "Description": [[4, "description"], [4, "id3"]], "Expected Results": [[4, "expected-results"], [4, "id2"]], "Gateway Keepalive Templates": [[8, "gateway-keepalive-templates"]], "LOGOS-ICONS": [[14, null]], "Lab 1 - VPCs/VNets CREATION": [[2, null]], "Lab 10 - DISTRIBUTED CLOUD FIREWALL": [[3, null]], "Lab 11 - IAC & NETWORK INSIGHTS API": [[4, null]], "Lab 2 - TRANSIT NETWORKING": [[6, null]], "Lab 3 - NETWORK SEGMENTATION": [[7, null]], "Lab 4 - HPE WITH ACTIVE MESH": [[8, null]], "Lab 5 - CLOUD PERIMETER SECURITY (Secure Cloud Egress)": [[9, null]], "Lab 6 - FIRENET": [[10, null]], "Lab 7 - SITE2CLOUD": [[11, null]], "Lab 8 - SECURE HIGH-PERFORMANCE DATACENTER EDGE": [[12, null]], "Lab 9 - COSTIQ": [[13, null]], "Lab 9 - THREATIQ & COSTIQ": [[5, null]], "Link": [[15, "link"]], "PDFs": [[0, null]], "POD Portal": [[15, null]], "Transitive Routing": [[8, "transitive-routing"]], "Validate": [[4, "id1"], [4, "id4"]], "Welcome to ACE Professional Lab": [[1, null]]}, "docnames": ["docs/PDFs", "docs/home", "docs/lab1", "docs/lab10", "docs/lab11", "docs/lab12", "docs/lab2", "docs/lab3", "docs/lab4", "docs/lab5", "docs/lab6", "docs/lab7", "docs/lab8", "docs/lab9", "docs/logos-icons", "docs/pod"], "envversion": {"sphinx": 62, "sphinx.domains.c": 3, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 9, "sphinx.domains.index": 1, "sphinx.domains.javascript": 3, "sphinx.domains.math": 2, "sphinx.domains.python": 4, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx.ext.intersphinx": 1}, "filenames": ["docs/PDFs.md", "docs/home.md", "docs/lab1.md", "docs/lab10.md", "docs/lab11.md", "docs/lab12.md", "docs/lab2.md", "docs/lab3.md", "docs/lab4.md", "docs/lab5.md", "docs/lab6.md", "docs/lab7.md", "docs/lab8.md", "docs/lab9.md", "docs/logos-icons.md", "docs/pod.md"], "indexentries": {}, "objects": {}, "objnames": {}, "objtypes": {}, "terms": {"": [2, 3, 4, 5, 6, 8, 9, 10, 13], "0": [2, 3, 4, 5, 8, 9, 10, 11, 12, 13], "0xtf": 9, "10": [2, 5, 8, 9, 10, 12, 13], "100": [8, 11, 12], "105": 1, "12": [2, 3, 5], "129": 10, "149": 8, "15": 10, "16": [1, 2, 5, 8, 10, 11, 12, 13], "168": [2, 3, 10, 11], "172": [2, 8, 11, 12], "1918": [8, 10], "192": [2, 3, 10, 11], "1a": [5, 8], "1b": 8, "1x": 6, "20": [6, 10], "200": 11, "22": [1, 2, 3], "225": 12, "23": 3, "24": [2, 5, 8, 11, 12], "26": 6, "27": 9, "28": 5, "2a": [6, 9], "2x": [2, 6], "30": [8, 12], "32": 5, "3x": 6, "40": [5, 13], "443": 8, "5": 2, "50": 3, "53": [9, 10], "6": [4, 12], "60": 5, "63": [1, 10], "64512": 3, "64513": 12, "64514": 12, "64515": 3, "7": [1, 10], "71": 1, "8": [1, 3, 5, 11], "9": [1, 4, 10], "A": 8, "AS": [3, 12], "As": [2, 6, 8], "At": [1, 3, 6, 7, 8, 9, 10], "Be": [6, 8, 11], "By": [1, 4, 5], "For": [6, 11, 12], "If": [1, 3, 5, 6, 8, 9, 10, 12, 13], "In": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "It": [2, 3, 6, 8], "Its": 11, "NOT": [2, 3, 6, 8, 9], "No": [3, 5, 9, 12], "ON": [9, 10, 11], "OR": 3, "Of": [9, 12], "On": [3, 4, 5, 6, 8, 9, 10, 12], "TO": [3, 8], "The": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "Then": [2, 3, 5, 6, 7, 8, 9, 10, 11, 12], "There": 12, "These": [1, 4, 5, 6, 8], "To": [1, 3, 6, 8], "With": [4, 9], "abl": [1, 3, 6, 7, 8, 9, 10], "about": [2, 4, 5, 8, 10, 11, 12], "abov": [3, 4, 5, 6], "absenc": [3, 9], "absolut": [5, 13], "ac": 0, "access": [7, 10, 12, 15], "accomplish": [10, 12], "accord": 3, "account": [2, 5, 6], "achiev": [3, 8, 11], "across": [3, 7], "action": [3, 5, 6, 8, 9, 10, 11, 13], "activ": [4, 9, 10, 11], "activemesh": [0, 1], "actual": 8, "ad": [3, 4], "add": [5, 9, 10, 11], "addit": [1, 2, 3, 5, 6, 8, 9, 10, 12], "addition": 6, "addr": 10, "address": [5, 6, 9, 10, 11, 12], "adjust": 6, "admin": [2, 10], "administr": 12, "adopt": 3, "advanc": 3, "advertis": [5, 12, 13], "affect": 3, "aforement": [5, 9, 13], "aft": 3, "after": [3, 4, 5, 6, 7, 9, 10, 11, 12, 13], "afternoon": 1, "afterward": [2, 5, 6, 9, 12], "again": [2, 3, 4, 5, 6, 8, 9, 10, 12], "aggress": 6, "aid": 1, "aka": [1, 3, 7, 8, 10], "akin": 6, "alert": 5, "algorithm": 8, "alia": 5, "aliv": 8, "all": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "alloc": [3, 6], "allow": [4, 9, 10, 12], "almost": [2, 9, 10], "along": [8, 12], "alreadi": [3, 4, 6, 10, 11, 12], "also": [2, 3, 4, 5, 8, 9, 12], "alt": 4, "altern": [2, 9], "although": [3, 10, 12], "alto": [1, 10], "alwai": [2, 3, 6, 7], "among": [3, 6, 7], "an": [1, 2, 4, 6, 8, 10, 11, 12], "ani": [3, 5, 6, 8, 9, 10, 11, 12, 13], "anoth": [3, 4, 5, 11, 12], "anyth": 9, "anywher": [3, 9, 10], "api": [0, 1, 10], "app": 4, "appear": 6, "appiq": 8, "appli": [3, 4, 5, 7, 8, 9, 10, 12], "applic": [2, 5, 13], "approach": 9, "appropri": [7, 8], "approv": 4, "approxim": 3, "apt": 12, "ar": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "arc": 7, "architectur": [6, 7], "arrow": [3, 5, 9], "ask": [1, 3, 9, 12], "asn": [3, 12], "assess": 4, "asset": [2, 5, 9], "assign": [2, 3, 8, 10, 11], "assocci": 12, "associ": [5, 7, 9, 10, 13], "assum": 2, "attach": [1, 2, 5, 10], "attachemnt": 12, "attack": 9, "attempt": [8, 9], "attent": [1, 6], "attribut": 12, "authent": 10, "authet": 11, "author": [4, 9], "auto": [4, 8, 10], "autom": 4, "automat": [8, 9, 10, 11], "avail": [1, 2, 4, 5, 6, 8, 9, 11, 12], "aviatrix": [1, 2, 3, 4, 5, 9, 10, 11, 12, 14], "aviatrixlab": 11, "aviatrixsystem": 4, "avod": 3, "avx": 10, "avxadmin": 10, "aw": [1, 3, 4, 5, 7, 8, 9, 12, 13], "awai": 12, "az": [2, 5, 6, 8, 9, 10], "azur": [1, 3, 5, 7, 8, 13], "back": [2, 4, 5, 6, 8, 10, 11, 12], "backbon": 7, "backup": 12, "bar": [2, 10], "base": [3, 4, 5, 6, 8, 9, 10, 11, 12, 13], "bash": 11, "beahvior": 3, "bear": [2, 3, 6, 12], "becaus": [3, 5, 7, 8, 9, 10, 12], "becom": 8, "been": [3, 5, 6, 9, 10, 12, 13], "befor": [1, 2, 3, 5, 6, 9, 10, 11, 12], "begin": [2, 6, 9, 10], "behaviour": 9, "being": [6, 9, 10, 12], "belong": [3, 5, 9, 13], "below": [2, 3, 5, 6, 7, 8, 10, 11, 12, 15], "besid": 9, "best": [6, 12], "better": [8, 9], "between": [4, 6, 7, 8, 10, 11], "bgp": [3, 5, 12, 13], "bgpoverlan": [11, 12], "bidirect": [6, 7], "bill": [5, 13], "bit": [2, 12], "block": [2, 4, 5, 9], "blown": [1, 3, 4, 10], "blue": [3, 7], "bootcamp": 1, "bootstrap": [1, 10], "border": [3, 12], "both": [2, 3, 5, 6, 8, 9, 10, 12, 13], "bottom": [5, 6, 9], "branch": [7, 10, 11], "bring": 8, "browser": [1, 10], "build": [4, 6, 11], "bunch": 12, "bundl": 10, "busi": 8, "button": [2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13], "c6in": 6, "call": [1, 3, 5, 10], "can": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 15], "candid": 9, "cannot": 1, "capabl": [3, 8, 12], "care": 10, "carri": [3, 8], "case": 1, "cat": 11, "caus": [4, 9], "cd": 4, "center": [5, 13], "central": [2, 6, 12], "central1": [3, 5, 6, 7, 10, 11, 12, 13], "centralis": 6, "certif": 10, "cfg": 11, "challeng": 8, "chang": [2, 3, 4, 5, 6, 8, 9, 11, 12], "channel": 10, "check": [0, 2, 3, 6, 8, 9, 11, 12], "checkbox": 3, "chmod": 9, "choos": [3, 5, 8, 9, 10, 11], "chose": 5, "chrome": 1, "cidr": [2, 5, 9, 11, 12, 13], "circl": 6, "class": 1, "classic": 12, "classifi": [3, 5], "clean": 2, "clearli": [3, 6, 9], "click": [0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15], "client": [1, 5, 8, 9, 12, 13], "clipboard": 4, "close": [4, 6, 12], "cloud": [0, 1, 2, 5, 7, 8, 10, 12, 13], "cluster": [6, 8, 12], "code": [4, 15], "collaps": 6, "color": [2, 7], "column": 5, "com": [9, 11], "comfort": 1, "command": [4, 5, 8, 9, 11, 12], "commit": [3, 5, 6, 9, 10], "commun": [3, 6, 7, 8, 10], "compar": 4, "complement": 4, "complet": [2, 3, 5, 6, 10, 11, 12], "complianc": 8, "compon": [3, 6], "compris": 6, "compromis": 12, "condit": [3, 5, 9], "conf": 11, "config": 8, "configur": [1, 2, 3, 4, 5, 9, 12], "confirm": [2, 3, 5, 6, 8, 10, 12], "conflict": 2, "congratul": 4, "connect": [4, 9], "consid": 12, "consol": [6, 8, 11], "construct": [1, 2, 8], "consum": [6, 9], "contact": [9, 10], "contain": [3, 4], "content": [4, 11], "continu": [2, 5, 9, 10], "control": [2, 3, 4, 8, 10, 11, 12, 14], "converg": 8, "coonfigur": 11, "copi": [4, 5, 9, 11], "copilot": [1, 2, 3, 4, 5, 9, 10, 11, 12, 13, 14], "core": 7, "corner": [2, 6, 8, 10], "corpor": 1, "correct": 9, "correctli": 12, "correspon": [5, 13], "correspond": [3, 4, 5, 6, 9, 10], "cost": [5, 9, 13], "costiq": [0, 1], "could": [6, 8, 9, 11], "cours": [9, 12], "cover": 1, "creat": [6, 7, 8, 10, 11, 12, 13], "creation": [1, 6, 7, 9, 10, 11, 12], "credenti": [2, 4, 8, 10, 12], "criteria": 5, "critic": 3, "csp": [3, 7, 9, 11], "ctrl": 4, "cumbersom": 6, "curl": [5, 9], "current": [3, 9, 10], "custom": [1, 7, 10], "customis": 7, "dai": 1, "dash": [6, 8], "dashboard": [6, 10], "data": [3, 4, 5, 9, 12], "databas": 5, "db": 12, "dc": [5, 6, 11, 12], "dcf": [5, 10], "deafultthreatgroup": 5, "decis": [4, 9, 12], "declar": 4, "decrypt": 3, "dedic": 1, "deem": 5, "default": [2, 3, 5, 6, 8, 9, 10, 11, 12], "defaultdenyal": [9, 10], "defin": [2, 3, 5, 7, 10, 12, 13], "delet": [3, 5, 9], "deliv": 12, "demonstr": [3, 5, 8, 9, 13], "deni": [3, 9, 10], "depend": 8, "depict": [2, 6, 7, 8, 11, 12], "deploi": [1, 2, 3, 4, 6, 10, 11, 12], "deploy": [2, 4, 5, 6, 11], "describ": 12, "design": [0, 1, 6, 14], "desir": [4, 7], "desktop": [1, 4, 12], "despit": 3, "destin": [3, 5, 8, 9, 10, 12], "detail": 8, "detect": 9, "determin": 5, "determinist": 8, "devic": [4, 11, 12], "diagnost": [5, 8, 11, 12, 13], "dictat": 6, "didn": 8, "differ": [2, 5, 6, 7, 8], "difficult": 6, "dig": 11, "direct": [3, 6], "directli": [3, 4, 7, 8], "directori": 4, "disabl": 8, "discov": [3, 5, 13], "dismiss": 10, "displai": 8, "disrupt": [8, 9], "distinct": 3, "distribut": [0, 1, 5, 9, 10], "dn": [6, 9, 10, 11], "do": [2, 3, 4, 5, 6, 7, 8, 9, 10, 12], "doc": 4, "document": 1, "doe": [1, 3, 4, 6, 8, 10, 11], "doesn": 10, "domain": [3, 9, 10], "don": [3, 6, 8], "done": 8, "dot": [5, 6, 9, 10, 12, 13], "down": [1, 2, 3, 5, 6, 7, 8, 9, 10, 12], "download": [0, 4, 8], "draft": [3, 5, 9, 10], "draw": [3, 11], "driven": [4, 11], "drop": [2, 3, 6, 8, 9, 10, 12], "due": [3, 9, 10, 11, 12], "dure": 3, "dynam": [3, 6], "e": [1, 2, 3, 6, 7, 9, 10, 11, 12], "each": [1, 2, 3, 6, 7, 8, 10, 11, 12], "earli": 10, "earlier": [8, 10, 12], "eas": 7, "easi": 11, "easili": 4, "east": [1, 4, 5, 7, 8, 9, 10, 12, 13], "east1": [5, 8], "east2": [3, 6, 8, 9], "ec2": [3, 5, 6, 8, 12], "echo": 3, "edg": [0, 1, 4, 5, 6, 11, 13], "edit": [5, 6, 7, 8, 10, 11, 12], "editig": 11, "effect": 9, "egress": [1, 3, 10], "eight": 2, "either": [6, 7, 11], "element": [4, 6], "email": 5, "embrac": 10, "employe": 1, "empti": [3, 5, 9, 12], "emul": 11, "enabl": [3, 4, 5, 7, 10, 12], "encompas": 3, "encrypt": [0, 1, 6, 11, 12], "end": [0, 1, 2, 5, 7, 8, 9, 10, 11, 12], "enforc": [3, 9, 10], "engin": 8, "eni": 8, "ensur": [3, 5, 6, 9], "enter": [3, 4, 5, 6, 8, 9, 10, 12], "enterpris": [3, 6, 7, 8], "entir": 8, "entri": [5, 9, 10], "environ": [3, 4, 6, 7, 9], "eod": 0, "equal": 12, "error": 10, "espn": 9, "essenti": 9, "establish": [3, 4, 6, 9, 11, 12], "etc": 11, "ethernet1": 10, "etho": 12, "evalu": 9, "even": 10, "everyth": 3, "evid": 3, "exact": 6, "exactli": 12, "exampl": [2, 11], "exchang": 12, "exclud": 3, "exclus": 9, "execut": [3, 4, 9, 12], "exercis": [0, 4], "exist": [2, 3, 6, 9, 10, 11, 12], "expand": [2, 3, 6, 8, 11, 12], "experi": [5, 6, 8, 10], "explicit": [3, 9], "explicitli": 4, "explor": [2, 4, 7, 9, 12], "export": 12, "extend": [7, 12], "extern": 11, "fabric": [3, 5, 7, 8, 9, 10, 11, 12], "facilit": 10, "fact": [3, 9], "fail": [3, 5, 8], "familiaris": 2, "far": 12, "fast": 8, "featur": [3, 7, 8, 11, 12], "fetch": 6, "few": 4, "field": [2, 3, 5, 9, 10, 11, 12], "fifteen": 6, "figur": 6, "file": [4, 10, 11], "fill": [8, 12], "filter": [2, 3, 5, 8, 9, 10, 11, 12], "final": [2, 3, 5, 6, 7, 8, 9, 10, 12, 13], "find": [4, 5, 6, 8, 9, 13], "finish": 4, "firefox": 1, "firenet": [1, 2], "firewal": [0, 1, 5, 7, 9, 11], "first": [3, 4, 5, 8, 9, 10, 11, 12], "flag": 3, "flat": [3, 7], "flexibl": 3, "flow": [8, 10, 12], "flowiq": [5, 8], "folder": [4, 10], "follow": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "footbal": 9, "foremost": [3, 5, 9, 12], "forget": [3, 5, 6, 8, 9, 10, 12], "format": 8, "forward": 8, "found": 9, "four": 2, "frequent": [5, 6], "fresh": 1, "fridai": [0, 1], "from": [1, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "full": [1, 3, 4, 6, 9, 10, 12], "function": [1, 2, 3, 8, 9, 10, 12], "furthermor": 9, "fw": 10, "g": 1, "garden": 8, "gatewai": [1, 2, 3, 4, 5, 9, 10, 11, 12, 14], "gather": 9, "gcp": [3, 5, 7, 8, 11, 12, 13], "gener": [3, 4, 8, 10], "get": [2, 5, 6, 8, 9, 10, 13], "githubusercont": 9, "give": [6, 12], "given": 1, "global": [2, 4, 5, 6], "go": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "goe": 8, "good": 9, "googl": 9, "got": [2, 3, 12], "grafana": 4, "granular": 9, "grayedout": 12, "green": [2, 3, 7, 8, 10, 11, 12], "greendfield": 9, "greenfield": [3, 5, 9, 10], "grei": [6, 10, 11], "group": [5, 7, 8, 9], "guarante": 9, "guid": [4, 6], "gw": [3, 6, 7, 8, 9, 10, 11], "ha": [2, 3, 4, 5, 6, 8, 9, 10, 12], "had": 10, "hand": [2, 3, 5, 6, 8, 9, 10, 12], "handl": 10, "happen": 6, "har": 12, "hardwar": 4, "have": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "heal": 8, "health": [6, 8], "help": [7, 8, 9], "henc": 10, "here": [2, 4, 7, 8, 11, 12], "hidden": [4, 5], "high": [0, 1, 6], "highest": 12, "highlight": 7, "hit": [2, 9, 10], "hoc": 3, "home": 4, "hop": [8, 12], "host": [4, 9, 11], "hour": 5, "hourglass": 2, "hover": 7, "how": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "howev": [3, 6, 9], "hpe": 6, "http": [4, 5, 9, 10], "hub": [3, 6, 7], "huge": 8, "hybrid": [8, 12], "hyperlink": 10, "i": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "iac": [0, 1], "icmp": 11, "icon": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "id": [3, 6], "identifi": [4, 5, 11], "igw": [2, 5, 9], "ikev2": 11, "imag": 10, "immedi": [2, 4, 5, 6, 9, 10, 11, 13], "impact": [3, 9], "implement": 7, "improv": 9, "inadvert": 9, "includ": [1, 6, 10, 14], "increasingli": 6, "inde": [6, 12], "indic": [6, 9, 10], "individu": 4, "inetutil": 12, "info": [2, 5, 7, 8, 10, 12, 13], "inform": [2, 4, 6, 8, 9], "infrastructur": [4, 6], "ingress": 10, "init": 4, "initi": [1, 3, 4, 5, 9, 10, 11], "inject": 9, "inner": 6, "input": 8, "insan": [1, 8], "insert": [2, 3, 4, 5, 9, 10, 12], "insid": [1, 2, 4, 5, 6, 9, 12], "insight": [1, 5, 9, 13], "inspect": [3, 5, 7, 10, 12], "instal": [1, 3, 9, 12], "instanc": [1, 3, 5, 6, 7, 8, 10, 11, 12], "instant": 9, "instanti": [6, 8], "instead": 11, "instructor": 5, "integr": 4, "intellig": 8, "intend": 1, "interconnect": 12, "interfac": [2, 4, 8, 10, 12], "internet": [2, 9, 10, 11], "interrupt": 8, "interv": 6, "introduc": 10, "introduct": 0, "intrus": 9, "invalid": 10, "investig": [3, 4], "invis": 9, "invok": [2, 8], "involv": [3, 11, 12], "io": 4, "ip": [1, 3, 5, 6, 7, 9, 10, 11, 12], "ipsec": [6, 11], "island": 4, "issu": [5, 9, 11], "its": [3, 5, 6, 8, 9, 10, 11, 12], "just": [2, 3, 6, 8, 10, 12], "keep": [8, 11], "kei": [3, 4, 10, 11], "kept": [3, 5, 13], "keyboard": [4, 12], "kibibyt": 12, "kind": [3, 8, 9, 10, 12], "kindli": 5, "knob": [3, 8, 9, 10, 12], "know": [4, 5, 9, 10], "knowledg": 0, "known": [5, 6, 8, 9], "lab11": 4, "lab6": 10, "lab7": 11, "lab8": 11, "lan": [11, 12], "land": 12, "laptop": [1, 9, 11], "larg": [6, 8], "larger": 4, "last": [3, 5, 8, 9], "latenc": 8, "later": [1, 7, 10], "latest": 4, "launch": [8, 9, 11, 12], "layer": [7, 9], "learn": [1, 5, 10, 12, 13], "least": [8, 9], "legend": 6, "length": 12, "less": 4, "lesson": 4, "let": [0, 2, 3, 4, 5, 8, 9, 11, 12, 13], "leverag": 3, "like": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "likewis": [1, 3, 6, 7], "line": [4, 6, 8, 12], "link": [0, 8, 14], "list": [2, 3, 5, 6, 9, 10, 12], "littl": [2, 12], "live": [4, 9], "load": 10, "local": [3, 5, 9, 11, 12, 13], "locat": [3, 4, 6], "lock": 3, "log": [2, 3, 4, 5, 9, 10], "logic": [3, 7, 8], "login": [2, 4, 8, 10], "logo": 6, "long": 10, "look": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "lose": 4, "lost": 6, "lot": [4, 10], "love": 4, "lower": 3, "lunch": 4, "lx": 12, "lxtermin": 4, "mac": 4, "machin": [4, 5, 6, 9], "magic": 10, "mai": [1, 5, 6, 8, 10, 12], "main": 4, "maintain": [4, 5, 6], "major": 6, "make": [2, 4, 5, 6, 8, 9, 10], "malici": [1, 5, 9], "manag": [3, 6, 10, 11, 12], "mani": 5, "manifest": 4, "manipul": [10, 12], "manner": 11, "manual": [6, 11], "map": [2, 6, 10, 11, 12], "marketplac": 10, "master": 9, "match": [3, 10], "maximum": [6, 10], "mayb": 10, "mc": 4, "mcna": [0, 1, 3, 12], "mean": [4, 9, 10, 12], "meanwhil": 6, "mechan": 12, "medium": [5, 6, 8], "meet": 5, "mention": 1, "menu": [4, 7, 12], "mesh": [3, 4, 6], "messag": [2, 6, 9, 10, 12], "metadata": 5, "method": [3, 11], "metric": [3, 6, 8], "mgmt": 10, "micro": 4, "middl": 10, "might": [5, 6, 8, 10], "mind": [2, 3, 6, 8, 12], "minut": [2, 3, 4, 5, 6, 8, 10, 11, 12], "misconfigur": 6, "mod01": 0, "mod02": 0, "mod03": 0, "mod04": 0, "mod05": 0, "mod06": 0, "mod07": 0, "mod08": 0, "mod09": 0, "mod10": 0, "mod11": 0, "mod12": 0, "mod13": 0, "mod14": 0, "mod15": 0, "mod16": 0, "mod17": 0, "mode": [1, 8, 9], "modifi": [3, 8, 9], "modul": 4, "monitor": [2, 3, 5, 6, 8, 9, 10, 12], "more": [3, 4, 5, 8], "moreov": [2, 6, 9, 10], "move": [4, 5, 9, 13], "much": 12, "multi": [1, 6, 10, 12], "multicloud": [1, 4, 7], "multipl": [6, 12], "must": [1, 6, 10], "n": [5, 8], "n1": 6, "nacl": 8, "name": [2, 3, 4, 5, 6, 8, 9, 10, 11, 12], "namespac": 4, "nat": [3, 9, 11], "nativ": [6, 8, 9], "navig": [2, 4, 5, 6, 10], "nearbi": 3, "need": [4, 5, 6, 8, 9, 10, 11, 12], "neither": 7, "netflow": [5, 9, 12], "network": [0, 1, 11], "networkinsight": 0, "never": 3, "nevertheless": [9, 12], "new": [3, 4, 6, 7, 8, 10, 11, 12], "newli": 4, "next": [4, 5, 6, 8, 10], "ngfw": [3, 10], "nine": [6, 8], "node": 7, "non": [8, 9], "north": 10, "note": [3, 5, 10], "notic": [1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12], "notif": [2, 5, 12], "notifi": 12, "now": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "nslookup": 11, "number": [3, 6, 8, 11, 12], "o": [9, 11], "observ": [2, 9], "occur": [3, 7], "off": [3, 6, 8, 9, 12], "offici": 4, "ohio": 6, "ok": [3, 11], "onboard": 7, "onc": [2, 3, 4, 5, 6, 8, 10, 12], "one": [1, 2, 3, 5, 6, 8, 9, 10, 11, 12, 13], "onli": [3, 6, 7, 9, 10], "onprem": 11, "onprempartn": 11, "onward": 5, "open": [2, 3, 4, 6, 7, 12], "oper": 12, "opposit": 6, "optim": 9, "option": [5, 7, 9, 11, 12], "orchestr": [3, 10, 12], "order": [5, 6, 7, 8, 9, 10, 12], "oregon": 2, "org": 9, "other": [1, 3, 4, 6, 7, 8, 9, 10, 11], "otherwis": 1, "our": 4, "out": [3, 4, 5, 6, 8, 9, 11, 12, 13], "outboud": 1, "outcom": [3, 5, 8, 9, 10, 12], "outer": 6, "output": 9, "over": [4, 7, 11, 12], "overal": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "overcom": 8, "overlap": [1, 2, 11], "overview": [8, 9, 12, 13], "own": [9, 12], "owner": 3, "pacif": 1, "packag": [1, 10, 12], "packet": 9, "page": [2, 4, 6, 8, 10], "pai": [1, 6], "pair": [6, 8], "palo": [1, 10], "paloalto": 10, "panel": 2, "parament": 10, "paramet": [3, 5, 6, 9, 10], "particular": 1, "partner": [1, 7, 10, 11], "partner1": 11, "pass": 10, "password": [2, 9, 10, 12], "past": [4, 10], "path": [3, 8, 9], "patient": [2, 6, 8, 10, 11], "pc": 1, "pdf": 8, "peer": [3, 12], "pencil": [5, 6, 7, 8, 9, 10], "pend": [6, 8], "per": [2, 6], "perfect": 4, "perfectli": 3, "perform": [0, 1, 6, 9], "period": [2, 5, 9], "permit": [1, 3, 5, 9, 10], "person": [1, 2, 3, 4, 5, 6, 11, 12, 15], "perspect": 12, "pictur": 15, "ping": [3, 5, 6, 7, 8, 10, 11, 12, 13], "pinpoint": [5, 9], "place": [3, 9, 11], "plan": 4, "plane": [3, 9, 12], "platform": [4, 6, 10], "pleas": [0, 1, 2, 3, 5, 6, 8, 10, 11, 12], "pod": [1, 2, 3, 4, 6, 7, 8, 9, 10, 11, 12], "point": [2, 3, 5, 6, 7, 8, 9], "polici": 3, "pop": [2, 3, 5, 6, 9, 10, 12], "popul": 10, "port": [1, 3, 8, 9, 10], "portal": [1, 2, 3, 4, 6, 9, 10, 11, 12], "possibl": [3, 9, 10], "postur": 9, "potenti": 9, "power": [6, 12], "practic": 6, "pre": [1, 6, 8, 10, 11], "preconfigur": 11, "prefer": [3, 12], "prefix": [6, 10], "prem": [6, 8, 10, 12], "premis": [7, 11], "prepar": [1, 4, 10], "prepend": 5, "preprovis": 6, "presenc": [6, 9, 10, 11, 12], "present": [3, 10], "press": 4, "prevent": 3, "preview": 3, "previou": [3, 4, 6, 8], "previous": [2, 4, 5, 8, 9, 12], "primari": 12, "privat": [2, 3, 6, 7, 8, 10, 11, 12], "proce": [3, 6, 9, 12], "proceed": [5, 6, 8], "process": [1, 4, 6, 12], "product": 6, "prof": 0, "program": [8, 10], "progress": [2, 5, 6, 10], "prometheu": 4, "prompt": [4, 10], "proofpoint": 5, "properli": 3, "properti": [6, 8], "propos": 4, "protect": 5, "protocol": [3, 5, 8, 9, 10, 12], "provid": [1, 4, 5, 6, 8, 9], "provis": [6, 10, 12], "psk": 11, "public": [2, 3, 6, 8, 9, 10, 11, 12], "public_ip": [6, 7], "publlic": 9, "pull": 7, "purpos": [2, 9], "pwd": 9, "queri": 9, "quickli": 4, "quit": 3, "rang": 2, "rate": [4, 12], "rather": 4, "raw": 9, "rbac": 0, "reach": [3, 9, 11, 12], "reachabl": [3, 7, 8], "read": 5, "readi": [10, 12], "real": 11, "reason": 3, "receiv": [4, 5, 10], "recipi": 5, "recommend": [3, 6], "reconverg": 8, "recreat": 10, "recurs": [8, 11], "red": [8, 10, 11], "reduc": 9, "redund": 12, "refer": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11], "reflect": [2, 3, 6, 8, 11], "refresh": [2, 5, 6, 8, 9, 10, 11, 12], "regard": 12, "region": [1, 2, 3, 5, 6, 8, 12], "regist": 12, "registri": 4, "regularli": 5, "rel": [5, 13], "relat": [3, 10, 12], "relaunch": [3, 8, 12], "relev": [3, 7], "reli": [5, 6], "remain": [5, 8, 9, 13], "rememb": 10, "remot": [4, 11, 12], "remov": [0, 5, 8, 9], "repeat": [3, 5, 6, 8, 12, 13], "replac": [9, 11], "replace_with_spoke_gw_public_ip": 11, "repli": 3, "report": [5, 8], "repres": [6, 7], "reput": 5, "request": 9, "requir": [3, 4, 5, 7, 8, 10, 13], "rerout": 9, "resid": [5, 6, 8], "resili": 8, "resolv": 11, "resourc": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11], "respect": [6, 7, 8], "respons": 10, "rest": [3, 6, 12], "restart": 8, "restor": 2, "restrict": [1, 7], "result": [2, 6], "retest": [7, 8], "retriev": [6, 9, 10, 11], "return": 10, "reveal": 12, "reverifi": 8, "rfc": [8, 10], "rfc1918": [8, 9, 10], "rib": 6, "rid": 10, "righ": 3, "right": [1, 2, 3, 5, 6, 8, 9, 10, 12], "root": 9, "roughli": 10, "rout": [2, 3, 5, 7, 9, 11, 12, 13], "router": [1, 10, 11, 12], "row": [5, 10], "rtb": 8, "rule": 10, "run": [4, 5, 6, 8, 11, 12, 13], "safari": 1, "sake": 6, "same": [2, 3, 4, 5, 6, 8, 9, 10, 12], "save": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "scalabl": 8, "scale": 10, "scenario": [9, 11], "scope": 1, "scratch": 11, "screen": [10, 11, 12], "screenshot": [2, 5, 6, 8], "script": 11, "scroll": [8, 12], "sd": 12, "sdn": 12, "search": [2, 3, 5, 8, 9, 11, 12], "second": [6, 8, 10, 12], "section": [2, 3, 4, 5, 6, 8, 10, 11, 12], "secur": [0, 1, 3, 4, 5, 7, 8, 10], "see": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "seem": 12, "segment": [0, 1, 10, 12], "segreg": 7, "select": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13], "self": 10, "semplic": 6, "send": 5, "sens": 3, "sent": 3, "separ": [1, 3, 8], "seri": [1, 10], "server": [4, 6, 9], "servic": [2, 3, 5, 8, 9], "session": [4, 8, 10, 11], "set": [3, 4, 5, 6, 8, 10, 11, 12], "sever": [3, 6], "sg": [3, 5, 9], "sh": 11, "share": [1, 5, 10, 11], "shift": 4, "should": [1, 3, 4, 5, 6, 9, 10, 13], "show": [3, 4, 5, 6, 8, 9, 10, 12, 13], "shown": [2, 5, 6, 7, 10], "shut": 8, "side": [2, 3, 5, 6, 8, 9, 10, 11, 12], "sidebar": 4, "sign": 10, "significantli": 10, "similar": [3, 7, 11, 12], "simpl": [4, 6], "simplic": 6, "simplifi": [4, 6, 10], "simultan": [8, 12], "sinc": [2, 7, 11], "singl": [1, 3, 6, 8, 9, 12], "sit": 9, "site": 11, "site2cloud": [0, 1, 7], "six": 6, "size": [5, 6, 8, 10], "slide": 0, "slider": 9, "slow": 10, "smartgroup": [3, 10], "smoothli": 3, "snat": [9, 10], "so": [1, 7], "softwar": 12, "sole": [3, 8, 9], "solid": [6, 8], "solut": [1, 3, 4, 7, 10, 12], "some": [1, 2, 4, 6, 8, 10, 12], "someth": 6, "soon": [0, 2, 6], "sourc": [3, 4, 5, 8, 9, 10], "south": 10, "space": [2, 10, 11], "special": [1, 6], "specialti": 5, "specif": [1, 9, 10], "specifi": 9, "speed": 8, "splash": 10, "spoke": [1, 2, 7, 9, 11], "spoke1": [2, 3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "spoke2": [1, 3, 5, 6, 7, 8, 10, 13], "ssh": [1, 5, 6, 7, 8, 10, 11, 12], "ssl": 9, "stage": [6, 8], "standard": 6, "standard_b2m": 6, "standard_d3_v2": 10, "start": [2, 6, 9, 11], "stat": [4, 8], "state": [3, 4, 6, 8, 10], "statement": 4, "statemet": 4, "static": [6, 10, 11], "statist": 4, "statu": [2, 4, 6, 8, 11], "step": [1, 6, 8, 10], "still": [3, 8, 10, 12], "stop": [5, 8], "storag": 10, "stream": 10, "string": [10, 11], "strong": 10, "strongswan": 1, "student": [1, 6, 7, 9, 12], "studio": 4, "su": 9, "sub1": [2, 6], "subnet": [2, 3, 6, 8, 10, 11, 12, 13], "subscript": 10, "subsequ": [2, 6, 11, 12], "success": [3, 9, 10, 12], "successfulli": [2, 3, 5, 9, 10, 12], "sudo": [9, 11, 12], "suggest": 5, "summari": [5, 8], "support": 1, "sure": [2, 5, 6, 10], "suricata": [3, 9], "survei": 0, "swanctl": 11, "switch": 8, "symbol": [10, 11], "system": 9, "t": [3, 6, 8, 9, 10], "t2": [5, 6], "tab": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "tabl": [2, 3, 5, 7, 8, 9, 10], "tag": [3, 5], "take": [2, 3, 6, 8, 10, 12], "taken": 10, "target": [9, 12], "task": [2, 6, 11, 12], "tcp": [3, 8], "technologi": 8, "templat": [2, 5, 10, 11, 12], "temporari": 8, "temporarili": 8, "term": 6, "termin": [3, 5, 6, 7, 11, 12, 13], "terraform": 1, "test": [1, 3, 5, 6, 7], "test1": [3, 5, 6, 7, 8, 9, 10, 11, 12], "test2": [3, 8, 9], "testmynid": 9, "tf": 4, "tfstate": 4, "tfvar": 4, "than": 4, "thank": [3, 9], "thei": [0, 2, 5, 12, 13], "them": [4, 6, 7], "therefor": [2, 3, 4, 5, 6, 9, 10, 12], "thi": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14], "thing": 4, "thit": 3, "those": [3, 6, 8, 12], "threat": [3, 5], "threatgroup": 5, "threatguard": 5, "threatiq": [0, 1], "three": [3, 5, 6, 7, 9, 10, 12, 13], "threee": 12, "through": [2, 3, 6, 7, 8, 9, 10, 12], "throughout": 1, "throughput": 10, "thu": 12, "tier": 1, "time": [1, 2, 3, 5, 6, 7, 8, 9, 10, 12], "timer": [6, 8], "timestamp": [5, 9], "tl": 3, "tmnid": 9, "tmp": 9, "togeth": 0, "toggl": 5, "too": 10, "tool": 11, "top": [2, 3, 6, 8, 10, 12], "topologi": [3, 4, 12, 13], "topopologi": 6, "tor": 9, "torn": 1, "total": 6, "toward": [4, 8, 9, 10, 12, 13], "tracerout": 12, "traffic": [8, 10, 12, 13], "train": [0, 1], "trainer": 1, "transit": [0, 1, 2], "transit_gatewai": 4, "translat": 9, "transmit": 4, "tri": 9, "trigger": [2, 5], "troubl": 4, "troubleshoot": [6, 12], "trust": 4, "try": [3, 9, 10], "tunnel": [6, 8, 11], "turn": [3, 5, 8, 9, 10, 12], "turnkei": 10, "two": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "type": [2, 5, 6, 9, 11, 12], "typic": [3, 11], "u": [1, 2, 3, 4, 5, 7, 8, 9, 10, 11, 12, 13], "udp": [9, 10], "ui": [2, 4, 5, 12], "ultim": 12, "unaffect": 9, "unattach": 8, "unchang": 3, "under": [5, 10, 12], "underlai": [2, 12], "underli": 8, "understand": [3, 9], "undoubtetli": 3, "uniqu": [3, 6, 10], "unless": [1, 7], "unmanag": 6, "unreach": 8, "until": [1, 3, 4, 10, 12], "untrust": 8, "unus": 5, "up": [2, 3, 5, 6, 9, 10, 11, 12], "updat": [5, 6, 11], "update_swanctl": 11, "upon": 9, "url": [2, 3, 8, 9, 10], "us": [1, 2, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14], "user": [0, 2], "usernam": 10, "util": [5, 8, 13], "utilis": [1, 11], "v": 4, "valid": [1, 3, 5, 6], "valu": [2, 3, 5, 6, 9], "vari": 10, "variabl": 4, "vcn": [3, 6, 7, 8, 10], "vendor": 4, "veri": [3, 6, 9, 12], "verif": [2, 12], "verifi": [1, 5, 6, 7, 8, 9, 11, 12], "version": [4, 10], "via": [10, 12], "view": [2, 5, 6, 7, 9, 15], "virginia": [5, 8], "virtual": [5, 6, 9, 10, 11], "visibl": [8, 9, 12], "visual": 4, "vm": [1, 6, 7, 10, 12], "vnet": [1, 3, 5, 6, 7, 8, 9, 10, 11, 13], "vpc": [1, 3, 5, 6, 7, 9, 10, 11, 12, 13], "vpn": 0, "wa": [2, 3, 4, 5, 8, 9, 10, 11, 12], "wai": 5, "wait": [2, 5, 8, 10, 11, 12], "wall": 8, "wan": 12, "want": [2, 3, 9], "warn": 10, "watch": 9, "we": [4, 5, 6, 7, 8, 9, 10, 11], "web": [2, 5, 6, 8, 9, 10], "webgroup": 5, "websit": 9, "week": [0, 1], "welcom": 10, "well": [5, 7, 8], "were": [8, 10], "west": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 13], "west2": [2, 6], "what": [3, 4, 5, 6, 7, 8, 9, 11], "when": [4, 5, 6, 8, 10, 12], "where": [3, 4, 5, 8, 10], "wherea": [6, 12], "wherebi": [3, 9], "whether": [2, 3, 9], "which": [1, 4, 6, 9, 10], "while": [5, 6, 7, 10], "white": 2, "whole": 3, "whom": 9, "why": 8, "widget": [4, 12], "wikipedia": 9, "window": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11], "within": [6, 8, 9, 10, 11, 12], "without": [3, 6, 7, 9, 10, 12], "wll": 9, "word": 1, "work": [3, 4, 5, 9, 10, 11, 13], "workflow": 11, "workload": [5, 6, 7], "workstat": [4, 5, 12, 13], "wortkstat": [5, 13], "would": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "www": 9, "x": 9, "ye": 4, "yet": [3, 6, 8, 10, 12], "ym2v": 15, "york": [5, 11, 12], "you": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15], "your": [1, 2, 4, 5, 6, 8, 9, 10, 11, 12, 14, 15], "yourself": 2, "zone": [2, 5, 6, 8, 9, 10], "zoom": 1}, "titles": ["PDFs", "Welcome to ACE Professional Lab", "Lab 1 - VPCs/VNets CREATION", "Lab 10 - DISTRIBUTED CLOUD FIREWALL", "Lab 11 - IAC & NETWORK INSIGHTS API", "Lab 9 - THREATIQ & COSTIQ", "Lab 2 - TRANSIT NETWORKING", "Lab 3 - NETWORK SEGMENTATION", "Lab 4 - HPE WITH ACTIVE MESH", "Lab 5 - CLOUD PERIMETER SECURITY (Secure Cloud Egress)", "Lab 6 - FIRENET", "Lab 7 - SITE2CLOUD", "Lab 8 - SECURE HIGH-PERFORMANCE DATACENTER EDGE", "Lab 9 - COSTIQ", "LOGOS-ICONS", "POD Portal"], "titleterms": {"": [11, 12], "1": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "10": 3, "11": 4, "2": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "3": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "4": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "5": [1, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "6": [3, 5, 6, 7, 8, 9, 10], "7": [3, 8, 9, 11], "8": 12, "9": [5, 13], "A": 5, "As": 12, "It": 12, "On": 11, "WITH": 8, "ac": 1, "access": 1, "activ": [3, 8], "activemesh": 8, "ad": [5, 9], "add": 3, "after": 8, "allow": 3, "an": [3, 5, 9], "api": 4, "architectur": [3, 9], "associ": [8, 12], "attach": [3, 4, 6, 7, 8, 12], "automat": 5, "aviatrix": [6, 7, 8], "aw": [2, 6], "azur": [2, 6, 10], "bad": 5, "befor": 8, "between": [3, 12], "bonu": 8, "bu1": 3, "bu2": 3, "build": 3, "cloud": [3, 6, 9, 11], "configur": [6, 7, 8, 10, 11], "connect": [3, 6, 7, 8, 10, 11, 12], "consol": 2, "control": 9, "copilot": [6, 7, 8], "costiq": [5, 13], "creat": [2, 3, 4, 5, 9], "creation": [2, 3], "datacent": 12, "db": 6, "dc": 13, "dcf": [3, 9], "deploi": 5, "deploy": 10, "descript": 4, "distribut": 3, "domain": [7, 8, 12], "drop": 5, "east": [3, 6], "east1": 3, "ec2": 9, "edg": 12, "edit": 9, "egress": 9, "enabl": [8, 9, 13], "encrypt": 8, "enforc": 5, "expect": 4, "explor": 6, "fabric": 6, "featur": 9, "firenet": 10, "firewal": [3, 10], "flightpath": 8, "flowiq": 12, "forc": 5, "from": [2, 3], "gatewai": [6, 7, 8], "gcp": [2, 6, 10], "gener": [5, 9, 11, 12], "get": 1, "group": 3, "gui": 5, "gw": [4, 12], "high": [8, 12], "hoc": [5, 9], "hpe": 8, "i": 13, "iac": 4, "icmp": 3, "icon": 14, "id": 9, "identifi": 9, "info": 6, "inform": 1, "initi": 6, "insid": [3, 10], "insight": 4, "inspect": 9, "instal": 10, "instanc": 9, "integr": 10, "inter": 3, "intra": 3, "introduct": 2, "keepal": 8, "lab": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "laptop": 3, "launch": 10, "link": 15, "logo": 14, "mesh": 8, "more": 12, "mtt": 3, "multi": 3, "multicloud": 6, "network": [3, 4, 6, 7, 8, 9, 10, 12], "new": [5, 9, 13], "object": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "overview": [3, 5, 6, 7, 10, 11], "pan": 10, "path": 12, "pdf": 0, "peer": [4, 6, 8, 10], "perform": [8, 12], "perimet": 9, "pod": 15, "polici": [7, 10], "portal": 15, "prefac": 1, "prem": 11, "prepar": 9, "prepend": 12, "prerequisit": 1, "privat": 9, "profession": 1, "psf": 5, "pt": 8, "public": 5, "question": 8, "resid": 9, "result": 4, "rout": [6, 8, 10], "rtb": [5, 9], "rule": [3, 5, 9], "s2c": 11, "secur": [9, 12], "segment": [7, 8], "servic": 13, "share": 13, "simul": 9, "site2cloud": 11, "smart": 3, "smartgroup": [5, 9], "spoke": [3, 4, 6, 8, 10, 12], "ssh": [3, 9], "start": [1, 8], "strongswan": 11, "subnet": [5, 9], "summari": 4, "templat": 8, "terraform": 4, "test": [8, 9, 10, 12], "than": 12, "threatiq": 5, "through": 4, "tier": 3, "topologi": [1, 5, 6, 7, 8, 9, 10, 11], "toward": [3, 5], "traffic": [3, 5, 9], "transit": [3, 4, 6, 7, 8, 10, 12], "trust": [3, 9], "u": 6, "valid": 4, "vendor": 10, "verif": [3, 5, 6, 7, 8, 10, 11], "verifi": [2, 3, 10], "view": 8, "vm": 3, "vnet": 2, "vpc": [2, 4, 8], "webgroup": 9, "welcom": 1, "where": 9, "within": 3, "workload": 9, "york": 13, "your": 3, "zero": [3, 9], "ztna": 9}}) \ No newline at end of file +Search.setIndex({"alltitles": {"1. Create VPCs, Transit GW, Spoke GW and Attachment through Terraform": [[4, "create-vpcs-transit-gw-spoke-gw-and-attachment-through-terraform"]], "1. General Objectives": [[11, "general-objectives"], [12, "general-objectives"]], "1. Introduction": [[2, "introduction"]], "1. Objective": [[3, "objective"], [5, "objective"], [6, "objective"], [7, "objective"], [8, "objective"], [9, "objective"], [10, "objective"], [13, "objective"]], "1. Preface": [[1, "preface"]], "1.1. Attachment between Edge and the Transit": [[12, "attachment-between-edge-and-the-transit"]], "2. Azure VNet": [[2, "azure-vnet"]], "2. CostIQ": [[13, "costiq"]], "2. Distributed Cloud Firewall Overview": [[3, "distributed-cloud-firewall-overview"]], "2. FireNet Overview (Firewall Network)": [[10, "firenet-overview-firewall-network"]], "2. High Performance Encryption and ActiveMesh": [[8, "high-performance-encryption-and-activemesh"]], "2. Multicloud Connectivity Overview": [[6, "multicloud-connectivity-overview"]], "2. Network Domain Association": [[12, "network-domain-association"]], "2. Network Segmentation Overview": [[7, "network-segmentation-overview"]], "2. Prerequisites": [[1, "prerequisites"]], "2. Site2Cloud Overview": [[11, "site2cloud-overview"]], "2. ThreatIQ Overview": [[5, "threatiq-overview"]], "2. Topology": [[9, "topology"]], "2. Validate": [[4, "validate"]], "2.1 Enable CostIQ": [[13, "enable-costiq"]], "2.1. Create Azure VNet": [[2, "create-azure-vnet"]], "3. AWS VPC": [[2, "aws-vpc"]], "3. Create Transit Peering": [[4, "create-transit-peering"]], "3. Edge: Connectivity Test": [[12, "edge-connectivity-test"]], "3. Getting Started with the labs": [[1, "getting-started-with-the-labs"]], "3. New York DC is the Shared Services": [[13, "new-york-dc-is-the-shared-services"]], "3. SSH to the EC2 instance in the Private Subnet": [[9, "ssh-to-the-ec2-instance-in-the-private-subnet"]], "3. Smart Groups Creation": [[3, "smart-groups-creation"]], "3. Topology": [[5, "topology"], [6, "topology"], [7, "topology"], [8, "topology"], [10, "topology"], [11, "topology"]], "3.1. Create AWS VPC": [[2, "create-aws-vpc"]], "3.1. Smart Group \u201cbu1\u201d": [[3, "smart-group-bu1"]], "3.2. Smart Group \u201cbu2\u201d": [[3, "smart-group-bu2"]], "3.2. Verify from AWS Console": [[2, "verify-from-aws-console"]], "3.3. Connectivity verification (ICMP)": [[3, "connectivity-verification-icmp"]], "3.4. Connectivity verification (SSH)": [[3, "connectivity-verification-ssh"]], "4. Access Information": [[1, "access-information"]], "4. Configuration": [[7, "configuration"], [10, "configuration"], [11, "configuration"]], "4. DCF Rules Creation": [[3, "dcf-rules-creation"]], "4. Edge: FlowIQ": [[12, "edge-flowiq"]], "4. Egress Control": [[9, "egress-control"]], "4. GCP VPC": [[2, "gcp-vpc"]], "4. High Performance Encryption Configuration": [[8, "high-performance-encryption-configuration"]], "4. IAC Summary": [[4, "iac-summary"]], "4. Initial configuration": [[6, "initial-configuration"]], "4. PSF": [[5, "psf"]], "4.1 Deploy the PSF": [[5, "deploy-the-psf"]], "4.1 Enable the Egress Control": [[9, "enable-the-egress-control"]], "4.1. Aviatrix Transit Gateways": [[6, "aviatrix-transit-gateways"], [7, "aviatrix-transit-gateways"]], "4.1. Azure Transit to Spoke Peering": [[10, "azure-transit-to-spoke-peering"]], "4.1. Build a Zero Trust Network Architecture": [[3, "build-a-zero-trust-network-architecture"]], "4.1. CoPilot View before starting": [[8, "copilot-view-before-starting"]], "4.1. Create GCP VPC": [[2, "create-gcp-vpc"]], "4.1. Site2Cloud Connection (Cloud to On-Prem)": [[11, "site2cloud-connection-cloud-to-on-prem"]], "4.1.1.Transit Gateway in AWS US-EAST-2": [[6, "transit-gateway-in-aws-us-east-2"]], "4.2 Inspect the Private RTB": [[9, "inspect-the-private-rtb"]], "4.2 Network Domains": [[7, "network-domains"]], "4.2 RTB verification": [[5, "rtb-verification"]], "4.2 Site2Cloud Connection - StrongSwan\u2019s configuration": [[11, "site2cloud-connection-strongswan-s-configuration"]], "4.2. Aviatrix Spoke Gateways": [[6, "aviatrix-spoke-gateways"]], "4.2. Create an intra-rule that allows ICMP inside bu1": [[3, "create-an-intra-rule-that-allows-icmp-inside-bu1"]], "4.2. Create an intra-rule that allows ICMP inside bu2": [[3, "create-an-intra-rule-that-allows-icmp-inside-bu2"]], "4.2. PAN Firewall Deployment": [[10, "pan-firewall-deployment"]], "4.2. Transit-Spoke Attachment": [[8, "transit-spoke-attachment"]], "4.2.1. Spoke Gateway in AWS": [[6, "spoke-gateway-in-aws"]], "4.2.2. Spoke Gateway in Azure": [[6, "spoke-gateway-in-azure"]], "4.2.3. Spoke Gateway in GCP": [[6, "spoke-gateway-in-gcp"]], "4.3 Generate Traffic": [[9, "generate-traffic"]], "4.3. CoPilot View after Transit-Spoke Attachment": [[8, "copilot-view-after-transit-spoke-attachment"]], "4.3. Explore the Cloud Fabric": [[6, "explore-the-cloud-fabric"]], "4.3. Firewall Configuration": [[10, "firewall-configuration"]], "4.4 Aviatrix Spoke to Transit Gateways Attachments": [[6, "aviatrix-spoke-to-transit-gateways-attachments"]], "4.4 Enable DCF": [[9, "enable-dcf"]], "4.4. Firewall Vendor Integration": [[10, "firewall-vendor-integration"]], "4.4. Transit Peerings Configuration": [[8, "transit-peerings-configuration"]], "4.4.1 Identify the subnet where the private workload resides": [[9, "identify-the-subnet-where-the-private-workload-resides"]], "4.4.1. Spoke to Transit Attachment in AWS": [[6, "spoke-to-transit-attachment-in-aws"]], "4.4.1. Transit Peerings Verification": [[8, "transit-peerings-verification"]], "4.4.2 Create an Ad-Hoc SmartGroup": [[9, "create-an-ad-hoc-smartgroup"]], "4.4.2 Spoke to Transit Attachment in Azure": [[6, "spoke-to-transit-attachment-in-azure"]], "4.4.3 Create a new Rule": [[9, "create-a-new-rule"]], "4.4.3. Spoke to Transit Attachment in GCP": [[6, "spoke-to-transit-attachment-in-gcp"]], "4.5. CoPilot Verification of Spoke-Transit Attachments": [[6, "copilot-verification-of-spoke-transit-attachments"]], "4.5. Verify Routes Installed on Firewall": [[10, "verify-routes-installed-on-firewall"]], "4.6. FireNet Policy": [[10, "firenet-policy"]], "4.6. Multicloud Transit Peerings": [[6, "multicloud-transit-peerings"]], "4.6.1. AWS and Azure": [[6, "aws-and-azure"]], "4.6.2 Azure and GCP": [[6, "azure-and-gcp"]], "4.6.3. GCP and AWS": [[6, "gcp-and-aws"]], "5. - Network Insights API": [[4, "network-insights-api"]], "5. A new SmartGroup for the Public Subnet": [[5, "a-new-smartgroup-for-the-public-subnet"]], "5. Edge: \u201cIt\u2019s more than a Spoke GW\u201d\u201d": [[12, "edge-it-s-more-than-a-spoke-gw"]], "5. Enforcement": [[5, "enforcement"]], "5. High Performance Encryption Verification": [[8, "high-performance-encryption-verification"]], "5. Lab Topology": [[1, "lab-topology"]], "5. S2C - Verification": [[11, "s2c-verification"]], "5. Verification": [[3, "verification"], [6, "verification"], [10, "verification"]], "5. Verification of Segment Attachments": [[7, "verification-of-segment-attachments"]], "5. ZTNA - Zero Trust Network Architecture": [[9, "ztna-zero-trust-network-architecture"]], "5.1 Create a New WebGroup": [[9, "create-a-new-webgroup"]], "5.1 Create an Ad-Hoc SmartGroup": [[5, "create-an-ad-hoc-smartgroup"]], "5.1 Edge: As-Path Prepend": [[12, "edge-as-path-prepend"]], "5.1 Generate traffic towards the \u201cBad Guy\u201d": [[5, "id1"]], "5.1. Automatic enforcement: \u201cforce-drop\u201d": [[5, "automatic-enforcement-force-drop"]], "5.1. CoPilot Verification": [[7, "copilot-verification"]], "5.1. CoPilot Verification of the VPC Peerings(Transit-Transit and Spoke-Transit)": [[8, "copilot-verification-of-the-vpc-peerings-transit-transit-and-spoke-transit"]], "5.1. Inside Azure": [[10, "inside-azure"]], "5.1. Verification of Transit Peerings on CoPilot(Cloud Fabric)": [[6, "verification-of-transit-peerings-on-copilot-cloud-fabric"]], "5.1. Verify SSH traffic from your laptop to bu1": [[3, "verify-ssh-traffic-from-your-laptop-to-bu1"]], "5.1.1 Launch connectivity test": [[10, "launch-connectivity-test"]], "5.2 Create a new Rule": [[5, "create-a-new-rule"]], "5.2 Generate traffic towards the \u201cBad Guy\u201d": [[5, "generate-traffic-towards-the-bad-guy"]], "5.2. Azure to GCP": [[10, "azure-to-gcp"]], "5.2. CoPilot Verification of HPE": [[8, "copilot-verification-of-hpe"]], "5.2. Verification of Transit Peerings on CoPilot (Topology)": [[6, "verification-of-transit-peerings-on-copilot-topology"]], "5.2. Verify ICMP within bu1 and from bu1 towards bu2": [[3, "verify-icmp-within-bu1-and-from-bu1-towards-bu2"]], "5.3. Route Info DB": [[6, "route-info-db"]], "5.3. Verify SSH within bu1": [[3, "verify-ssh-within-bu1"]], "5.4. Add a rule that allows SSH in bu1": [[3, "add-a-rule-that-allows-ssh-in-bu1"]], "5.4. Connectivity": [[6, "connectivity"]], "5.4. SSH to VM in bu2": [[3, "ssh-to-vm-in-bu2"]], "5.5. Verify ICMP traffic within bu2": [[3, "verify-icmp-traffic-within-bu2"]], "5.6. Inter-rule from bu2 to bu1": [[3, "inter-rule-from-bu2-to-bu1"]], "6. ActiveMesh": [[8, "activemesh"]], "6. Connection Policy": [[7, "connection-policy"]], "6. CostIQ": [[5, "costiq"]], "6. East-1 and the Multi-Tier Transit": [[3, "east-1-and-the-multi-tier-transit"]], "6. Edit the Egress-Rule": [[9, "edit-the-egress-rule"]], "6.1 Activation of the MTT": [[3, "activation-of-the-mtt"]], "6.1 Apply a change on an existing rule": [[9, "apply-a-change-on-an-existing-rule"]], "6.1. CoPilot Verification of ActiveMesh": [[8, "copilot-verification-of-activemesh"]], "6.1. Verification of Connection Policy": [[7, "verification-of-connection-policy"]], "6.1.1 Test the modified rule": [[9, "test-the-modified-rule"]], "6.2 Smart Group \u201ceast1\u201d": [[3, "smart-group-east1"]], "6.2. Connectivity test of ActiveMesh (Pt.1)": [[8, "connectivity-test-of-activemesh-pt-1"]], "6.2.1 Enable Segmentation": [[8, "enable-segmentation"]], "6.2.2. Associate Aviatrix Spoke to the Network Domain": [[8, "associate-aviatrix-spoke-to-the-network-domain"]], "6.3 Create an inter-rule that allows ICMP from bu2 towards east1": [[3, "create-an-inter-rule-that-allows-icmp-from-bu2-towards-east1"]], "6.3. Connectivity test of ActiveMesh (Pt.2)": [[8, "connectivity-test-of-activemesh-pt-2"]], "6.4 Verify connectivity between bu2 and east1": [[3, "verify-connectivity-between-bu2-and-east1"]], "7. FlightPath": [[8, "flightpath"]], "7. IDS": [[9, "ids"]], "7. Spoke to Spoke Attachment": [[3, "spoke-to-spoke-attachment"]], "7.1 Create a New Rule": [[9, "id1"]], "7.1 Creating a Spoke to Spoke Attachment": [[3, "creating-a-spoke-to-spoke-attachment"]], "7.2 Prepare the simulator": [[9, "prepare-the-simulator"]], "7.3 Test the New Rule and the IDS feature": [[9, "test-the-new-rule-and-the-ids-feature"]], "Bonus questions": [[8, "bonus-questions"]], "Description": [[4, "description"], [4, "id3"]], "Expected Results": [[4, "expected-results"], [4, "id2"]], "Gateway Keepalive Templates": [[8, "gateway-keepalive-templates"]], "LOGOS-ICONS": [[14, null]], "Lab 1 - VPCs/VNets CREATION": [[2, null]], "Lab 10 - DISTRIBUTED CLOUD FIREWALL": [[3, null]], "Lab 11 - IAC & NETWORK INSIGHTS API": [[4, null]], "Lab 2 - TRANSIT NETWORKING": [[6, null]], "Lab 3 - NETWORK SEGMENTATION": [[7, null]], "Lab 4 - HPE WITH ACTIVE MESH": [[8, null]], "Lab 5 - CLOUD PERIMETER SECURITY (Secure Cloud Egress)": [[9, null]], "Lab 6 - FIRENET": [[10, null]], "Lab 7 - SITE2CLOUD": [[11, null]], "Lab 8 - SECURE HIGH-PERFORMANCE DATACENTER EDGE": [[12, null]], "Lab 9 - COSTIQ": [[13, null]], "Lab 9 - THREATIQ & COSTIQ": [[5, null]], "Link": [[15, "link"]], "PDFs": [[0, null]], "POD Portal": [[15, null]], "Transitive Routing": [[8, "transitive-routing"]], "Validate": [[4, "id1"], [4, "id4"]], "Welcome to ACE Professional Lab": [[1, null]]}, "docnames": ["docs/PDFs", "docs/home", "docs/lab1", "docs/lab10", "docs/lab11", "docs/lab12", "docs/lab2", "docs/lab3", "docs/lab4", "docs/lab5", "docs/lab6", "docs/lab7", "docs/lab8", "docs/lab9", "docs/logos-icons", "docs/pod"], "envversion": {"sphinx": 62, "sphinx.domains.c": 3, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 9, "sphinx.domains.index": 1, "sphinx.domains.javascript": 3, "sphinx.domains.math": 2, "sphinx.domains.python": 4, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx.ext.intersphinx": 1}, "filenames": ["docs/PDFs.md", "docs/home.md", "docs/lab1.md", "docs/lab10.md", "docs/lab11.md", "docs/lab12.md", "docs/lab2.md", "docs/lab3.md", "docs/lab4.md", "docs/lab5.md", "docs/lab6.md", "docs/lab7.md", "docs/lab8.md", "docs/lab9.md", "docs/logos-icons.md", "docs/pod.md"], "indexentries": {}, "objects": {}, "objnames": {}, "objtypes": {}, "terms": {"": [2, 3, 4, 5, 6, 8, 9, 10, 13], "0": [2, 3, 4, 5, 8, 9, 10, 11, 12, 13], "0xtf": 9, "10": [2, 5, 8, 9, 10, 12, 13], "100": [8, 11, 12], "105": 1, "12": [2, 3, 5], "129": 10, "149": 8, "15": 10, "16": [1, 2, 5, 8, 10, 11, 12, 13], "168": [2, 3, 10, 11], "172": [2, 8, 11, 12], "1918": [8, 9, 10], "192": [2, 3, 10, 11], "1a": [5, 8], "1b": 8, "1x": 6, "20": [6, 10], "200": 11, "22": [1, 2, 3], "225": 12, "23": 3, "24": [2, 5, 8, 11, 12], "26": 6, "27": 9, "28": 5, "2a": [6, 9], "2x": [2, 6], "30": [8, 12], "32": 5, "3x": 6, "40": [5, 13], "443": 8, "5": 2, "50": 3, "53": [9, 10], "6": [4, 12], "60": 5, "63": [1, 10], "64512": 3, "64513": 12, "64514": 12, "64515": 3, "7": [1, 10], "71": 1, "8": [1, 3, 5, 11], "9": [1, 4, 10], "A": 8, "AS": [3, 12], "As": [2, 6, 8], "At": [1, 3, 6, 7, 8, 9, 10], "Be": [6, 8, 11], "By": [1, 4, 5], "For": [6, 11, 12], "If": [1, 3, 5, 6, 8, 9, 10, 12, 13], "In": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "It": [2, 3, 6, 8], "Its": 11, "NOT": [2, 3, 6, 8, 9], "No": [3, 5, 9, 12], "ON": [9, 10, 11], "OR": 3, "Of": [9, 12], "On": [3, 4, 5, 6, 8, 9, 10, 12], "TO": [3, 8], "The": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "Then": [2, 3, 5, 6, 7, 8, 9, 10, 11, 12], "There": 12, "These": [1, 4, 5, 6, 8], "To": [1, 3, 6, 8], "With": [4, 9], "abl": [1, 3, 6, 7, 8, 9, 10], "about": [2, 4, 5, 8, 10, 11, 12], "abov": [3, 4, 5, 6], "absenc": [3, 9], "absolut": [5, 13], "ac": 0, "access": [7, 10, 12, 15], "accomplish": [10, 12], "accord": 3, "account": [2, 5, 6], "achiev": [3, 8, 11], "across": [3, 7], "action": [3, 5, 6, 8, 9, 10, 11, 13], "activ": [4, 9, 10, 11], "activemesh": [0, 1], "actual": 8, "ad": [3, 4], "add": [5, 9, 10, 11], "addit": [1, 2, 3, 5, 6, 8, 9, 10, 12], "addition": 6, "addr": 10, "address": [5, 6, 9, 10, 11, 12], "adjust": 6, "admin": [2, 10], "administr": 12, "adopt": 3, "advanc": 3, "advertis": [5, 12, 13], "affect": 3, "aforement": [5, 9, 13], "aft": 3, "after": [3, 4, 5, 6, 7, 9, 10, 11, 12, 13], "afternoon": 1, "afterward": [2, 5, 6, 9, 12], "again": [2, 3, 4, 5, 6, 8, 9, 10, 12], "aggress": 6, "aid": 1, "aka": [1, 3, 7, 8, 10], "akin": 6, "alert": 5, "algorithm": 8, "alia": 5, "aliv": 8, "all": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "alloc": [3, 6], "allow": [4, 9, 10, 12], "almost": [2, 9, 10], "along": [8, 12], "alreadi": [3, 4, 6, 10, 11, 12], "also": [2, 3, 4, 5, 8, 9, 12], "alt": 4, "altern": [2, 9], "although": [3, 10, 12], "alto": [1, 10], "alwai": [2, 3, 6, 7], "among": [3, 6, 7], "an": [1, 2, 4, 6, 8, 10, 11, 12], "ani": [3, 5, 6, 8, 9, 10, 11, 12, 13], "anoth": [3, 4, 5, 11, 12], "anyth": 9, "anywher": [3, 9, 10], "api": [0, 1, 10], "app": 4, "appear": 6, "appiq": 8, "appli": [3, 4, 5, 7, 8, 10, 12], "applic": [2, 5, 13], "approach": 9, "appropri": [7, 8], "approv": 4, "approxim": 3, "apt": 12, "ar": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "arc": 7, "architectur": [6, 7], "arrow": [3, 5, 9], "ask": [1, 3, 9, 12], "asn": [3, 12], "assess": 4, "asset": [2, 5, 9], "assign": [2, 3, 8, 10, 11], "assocci": 12, "associ": [5, 7, 9, 10, 13], "assum": 2, "attach": [1, 2, 5, 10], "attachemnt": 12, "attack": 9, "attempt": [8, 9], "attent": [1, 6], "attribut": 12, "authent": 10, "authet": 11, "author": [4, 9], "auto": [4, 8, 10], "autom": 4, "automat": [8, 9, 10, 11], "avail": [1, 2, 4, 5, 6, 8, 9, 11, 12], "aviatrix": [1, 2, 3, 4, 5, 9, 10, 11, 12, 14], "aviatrixlab": 11, "aviatrixsystem": 4, "avod": 3, "avx": 10, "avxadmin": 10, "aw": [1, 3, 4, 5, 7, 8, 9, 12, 13], "awai": 12, "az": [2, 5, 6, 8, 9, 10], "azur": [1, 3, 5, 7, 8, 13], "back": [2, 4, 5, 6, 8, 10, 11, 12], "backbon": 7, "backup": 12, "bar": [2, 10], "base": [3, 4, 5, 6, 8, 9, 10, 11, 12, 13], "bash": 11, "beahvior": 3, "bear": [2, 3, 6, 12], "becaus": [3, 5, 7, 8, 9, 10, 12], "becom": 8, "been": [3, 5, 6, 9, 10, 12, 13], "befor": [1, 2, 3, 5, 6, 9, 10, 11, 12], "begin": [2, 6, 9, 10], "behaviour": 9, "being": [6, 9, 10, 12], "belong": [3, 5, 9, 13], "below": [2, 3, 5, 6, 7, 8, 10, 11, 12, 15], "besid": 9, "best": [6, 12], "better": [8, 9], "between": [4, 6, 7, 8, 10, 11], "bgp": [3, 5, 12, 13], "bgpoverlan": [11, 12], "bidirect": [6, 7], "bill": [5, 13], "bit": [2, 12], "block": [2, 4, 5, 9], "blown": [1, 3, 4, 10], "blue": [3, 7], "bootcamp": 1, "bootstrap": [1, 10], "border": [3, 12], "both": [2, 3, 5, 6, 8, 9, 10, 12, 13], "bottom": [5, 6, 9], "branch": [7, 10, 11], "bring": 8, "browser": [1, 10], "build": [4, 6, 11], "bunch": 12, "bundl": 10, "busi": 8, "button": [2, 3, 4, 5, 6, 8, 9, 10, 11, 12, 13], "c6in": 6, "call": [1, 3, 5, 10], "can": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 15], "candid": 9, "cannot": 1, "capabl": [3, 8, 12], "care": 10, "carri": [3, 8], "case": 1, "cat": 11, "caus": [4, 9], "cd": 4, "center": [5, 13], "central": [2, 6, 12], "central1": [3, 5, 6, 7, 10, 11, 12, 13], "centralis": 6, "certif": 10, "cfg": 11, "challeng": 8, "chang": [2, 3, 4, 5, 6, 8, 11, 12], "channel": 10, "check": [0, 2, 3, 6, 8, 9, 11, 12], "checkbox": 3, "chmod": 9, "choos": [3, 5, 8, 9, 10, 11], "chose": 5, "chrome": 1, "cidr": [2, 5, 9, 11, 12, 13], "circl": 6, "class": 1, "classic": 12, "classifi": [3, 5], "clean": 2, "clearli": [3, 6, 9], "click": [0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15], "client": [1, 5, 8, 9, 12, 13], "clipboard": 4, "close": [4, 6, 12], "cloud": [0, 1, 2, 5, 7, 8, 10, 12, 13], "cluster": [6, 8, 12], "code": [4, 15], "collaps": 6, "color": [2, 7], "column": 5, "com": [9, 11], "comfort": 1, "command": [4, 5, 8, 9, 11, 12], "commit": [3, 5, 6, 9, 10], "commun": [3, 6, 7, 8, 10], "compar": 4, "complement": 4, "complet": [2, 3, 5, 6, 10, 11, 12], "complianc": 8, "compon": [3, 6], "compris": 6, "compromis": 12, "condit": [3, 5, 9], "conf": 11, "config": 8, "configur": [1, 2, 3, 4, 5, 9, 12], "confirm": [2, 3, 5, 6, 8, 10, 12], "conflict": 2, "congratul": 4, "connect": [4, 9], "consid": 12, "consol": [6, 8, 11], "construct": [1, 2, 8], "consum": [6, 9], "contact": [9, 10], "contain": [3, 4], "content": [4, 11], "continu": [2, 5, 9, 10], "control": [2, 3, 4, 8, 10, 11, 12, 14], "converg": 8, "coonfigur": 11, "copi": [4, 5, 9, 11], "copilot": [1, 2, 3, 4, 5, 9, 10, 11, 12, 13, 14], "core": 7, "corner": [2, 6, 8, 10], "corpor": 1, "correct": 9, "correctli": 12, "correspon": [5, 13], "correspond": [3, 4, 5, 6, 9, 10], "cost": [5, 9, 13], "costiq": [0, 1], "could": [6, 8, 9, 11], "cours": [9, 12], "cover": 1, "creat": [6, 7, 8, 10, 11, 12, 13], "creation": [1, 6, 7, 9, 10, 11, 12], "credenti": [2, 4, 8, 10, 12], "criteria": 5, "critic": 3, "csp": [3, 7, 9, 11], "ctrl": 4, "cumbersom": 6, "curl": [5, 9], "current": [3, 9, 10], "custom": [1, 7, 10], "customis": 7, "dai": 1, "dash": [6, 8], "dashboard": [6, 10], "data": [3, 4, 5, 9, 12], "databas": 5, "db": 12, "dc": [5, 6, 11, 12], "dcf": [5, 10], "deafultthreatgroup": 5, "decis": [4, 9, 12], "declar": 4, "decrypt": 3, "dedic": 1, "deem": 5, "default": [2, 3, 5, 6, 8, 9, 10, 11, 12], "defaultdenyal": [9, 10], "defin": [2, 3, 5, 7, 10, 12, 13], "delet": [3, 5, 9], "deliv": 12, "demonstr": [3, 5, 8, 9, 13], "deni": [3, 9, 10], "depend": 8, "depict": [2, 6, 7, 8, 11, 12], "deploi": [1, 2, 3, 4, 6, 10, 11, 12], "deploy": [2, 4, 5, 6, 11], "describ": 12, "design": [0, 1, 6, 14], "desir": [4, 7], "desktop": [1, 4, 12], "despit": 3, "destin": [3, 5, 8, 9, 10, 12], "detail": 8, "detect": 9, "determin": 5, "determinist": 8, "devic": [4, 11, 12], "diagnost": [5, 8, 11, 12, 13], "dictat": 6, "didn": 8, "differ": [2, 5, 6, 7, 8], "difficult": 6, "dig": 11, "direct": [3, 6], "directli": [3, 4, 7, 8], "directori": 4, "disabl": 8, "discov": [3, 5, 13], "dismiss": 10, "displai": 8, "disrupt": [8, 9], "distinct": 3, "distribut": [0, 1, 5, 9, 10], "dn": [6, 9, 10, 11], "do": [2, 3, 4, 5, 6, 7, 8, 9, 10, 12], "doc": 4, "document": 1, "doe": [1, 3, 4, 6, 8, 10, 11], "doesn": 10, "domain": [3, 9, 10], "don": [3, 6, 8], "done": 8, "dot": [5, 6, 9, 10, 12, 13], "down": [1, 2, 3, 5, 6, 7, 8, 9, 10, 12], "download": [0, 4, 8], "draft": [3, 5, 9, 10], "draw": [3, 11], "driven": [4, 11], "drop": [2, 3, 6, 8, 9, 10, 12], "due": [3, 9, 10, 11, 12], "dure": 3, "dynam": [3, 6], "e": [1, 2, 3, 6, 7, 9, 10, 11, 12], "each": [1, 2, 3, 6, 7, 8, 10, 11, 12], "earli": 10, "earlier": [8, 10, 12], "eas": 7, "easi": 11, "easili": 4, "east": [1, 4, 5, 7, 8, 9, 10, 12, 13], "east1": [5, 8], "east2": [3, 6, 8, 9], "ec2": [3, 5, 6, 8, 12], "echo": 3, "edg": [0, 1, 4, 5, 6, 11, 13], "edit": [5, 6, 7, 8, 10, 11, 12], "editig": 11, "effect": 9, "egress": [1, 3, 10], "eight": 2, "either": [6, 7, 11], "element": [4, 6], "email": 5, "embrac": 10, "employe": 1, "empti": [3, 5, 9, 12], "emul": 11, "enabl": [3, 4, 5, 7, 10, 12], "encompas": 3, "encrypt": [0, 1, 6, 11, 12], "end": [0, 1, 2, 5, 7, 8, 9, 10, 11, 12], "enforc": [3, 9, 10], "engin": 8, "eni": 8, "ensur": [3, 5, 6, 9], "enter": [3, 4, 5, 6, 8, 9, 10, 12], "enterpris": [3, 6, 7, 8], "entir": 8, "entri": [5, 9, 10], "environ": [3, 4, 6, 7, 9], "eod": 0, "equal": 12, "error": 10, "espn": 9, "essenti": 9, "establish": [3, 4, 6, 9, 11, 12], "etc": 11, "ethernet1": 10, "etho": 12, "evalu": 9, "even": 10, "everyth": [3, 9], "evid": 3, "exact": 6, "exactli": 12, "exampl": [2, 11], "exchang": 12, "exclud": 3, "exclus": 9, "execut": [3, 4, 9, 12], "exercis": [0, 4], "exist": [2, 3, 6, 10, 11, 12], "expand": [2, 3, 6, 8, 11, 12], "experi": [5, 6, 8, 10], "explicit": [3, 9], "explicitli": 4, "explor": [2, 4, 7, 9, 12], "export": 12, "extend": [7, 12], "extern": 11, "fabric": [3, 5, 7, 8, 9, 10, 11, 12], "facilit": 10, "fact": [3, 9], "fail": [3, 5, 8], "familiaris": 2, "far": 12, "fast": 8, "featur": [3, 7, 8, 11, 12], "fetch": 6, "few": 4, "field": [2, 3, 5, 9, 10, 11, 12], "fifteen": 6, "figur": 6, "file": [4, 10, 11], "fill": [8, 12], "filter": [2, 3, 5, 8, 9, 10, 11, 12], "final": [2, 3, 5, 6, 7, 8, 9, 10, 12, 13], "find": [4, 5, 6, 8, 9, 13], "finish": 4, "firefox": 1, "firenet": [1, 2], "firewal": [0, 1, 5, 7, 9, 11], "first": [3, 4, 5, 8, 9, 10, 11, 12], "flag": 3, "flat": [3, 7], "flexibl": 3, "flow": [8, 10, 12], "flowiq": [5, 8], "folder": [4, 10], "follow": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "footbal": 9, "foremost": [3, 5, 9, 12], "forget": [3, 5, 6, 8, 9, 10, 12], "format": 8, "forward": 8, "found": 9, "four": 2, "frequent": [5, 6], "fresh": 1, "fridai": [0, 1], "from": [1, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "full": [1, 3, 4, 6, 9, 10, 12], "function": [1, 2, 3, 8, 9, 10, 12], "furthermor": 9, "fw": 10, "g": 1, "garden": 8, "gatewai": [1, 2, 3, 4, 5, 9, 10, 11, 12, 14], "gather": 9, "gcp": [3, 5, 7, 8, 11, 12, 13], "gener": [3, 4, 8, 10], "get": [2, 5, 6, 8, 9, 10, 13], "githubusercont": 9, "give": [6, 12], "given": 1, "global": [2, 4, 5, 6], "go": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "goe": 8, "good": 9, "googl": 9, "got": [2, 3, 12], "grafana": 4, "granular": 9, "grayedout": 12, "green": [2, 3, 7, 8, 10, 11, 12], "greendfield": 9, "greenfield": [3, 5, 9, 10], "grei": [6, 10, 11], "group": [5, 7, 8, 9], "guarante": 9, "guid": [4, 6], "gw": [3, 6, 7, 8, 9, 10, 11], "ha": [2, 3, 4, 5, 6, 8, 9, 10, 12], "had": 10, "hand": [2, 3, 5, 6, 8, 9, 10, 12], "handl": 10, "happen": 6, "har": 12, "hardwar": 4, "have": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "heal": 8, "health": [6, 8], "help": [7, 8, 9], "henc": 10, "here": [2, 4, 7, 8, 11, 12], "hidden": [4, 5], "high": [0, 1, 6], "highest": 12, "highlight": 7, "hit": [2, 9, 10], "hoc": 3, "home": 4, "hop": [8, 12], "host": [4, 9, 11], "hour": 5, "hourglass": 2, "hover": 7, "how": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "howev": [3, 6, 9], "hpe": 6, "http": [4, 5, 9, 10], "hub": [3, 6, 7], "huge": 8, "hybrid": [8, 12], "hyperlink": 10, "i": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "iac": [0, 1], "icmp": 11, "icon": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "id": [3, 6], "identifi": [4, 5, 11], "igw": [2, 5, 9], "ikev2": 11, "imag": 10, "immedi": [2, 4, 5, 6, 9, 10, 11, 13], "impact": [3, 9], "implement": 7, "improv": 9, "inadvert": 9, "includ": [1, 6, 10, 14], "increasingli": 6, "inde": [6, 12], "indic": [6, 9, 10], "individu": 4, "inetutil": 12, "info": [2, 5, 7, 8, 10, 12, 13], "inform": [2, 4, 6, 8, 9], "infrastructur": [4, 6], "ingress": 10, "init": 4, "initi": [1, 3, 4, 5, 9, 10, 11], "inject": 9, "inner": 6, "input": 8, "insan": [1, 8], "insert": [2, 3, 4, 5, 9, 10, 12], "insid": [1, 2, 4, 5, 6, 9, 12], "insight": [1, 5, 9, 13], "inspect": [3, 5, 7, 10, 12], "instal": [1, 3, 9, 12], "instanc": [1, 3, 5, 6, 7, 8, 10, 11, 12], "instant": 9, "instanti": [6, 8], "instead": 11, "instructor": 5, "integr": 4, "intellig": 8, "intend": 1, "interconnect": 12, "interfac": [2, 4, 8, 10, 12], "internet": [2, 9, 10, 11], "interrupt": 8, "interv": 6, "introduc": 10, "introduct": 0, "intrus": 9, "invalid": 10, "investig": [3, 4], "invis": 9, "invok": [2, 8], "involv": [3, 11, 12], "io": 4, "ip": [1, 3, 5, 6, 7, 9, 10, 11, 12], "ipsec": [6, 11], "island": 4, "issu": [5, 9, 11], "its": [3, 5, 6, 8, 9, 10, 11, 12], "just": [2, 3, 6, 8, 10, 12], "keep": [8, 11], "kei": [3, 4, 10, 11], "kept": [3, 5, 13], "keyboard": [4, 12], "kibibyt": 12, "kind": [3, 8, 9, 10, 12], "kindli": 5, "knob": [3, 8, 9, 10, 12], "know": [4, 5, 9, 10], "knowledg": 0, "known": [5, 6, 8, 9], "lab11": 4, "lab6": 10, "lab7": 11, "lab8": 11, "lan": [11, 12], "land": 12, "laptop": [1, 9, 11], "larg": [6, 8], "larger": 4, "last": [3, 5, 8, 9], "latenc": 8, "later": [1, 7, 10], "latest": 4, "launch": [8, 9, 11, 12], "layer": [7, 9], "learn": [1, 5, 10, 12, 13], "least": [8, 9], "legend": 6, "length": 12, "less": 4, "lesson": 4, "let": [0, 2, 3, 4, 5, 8, 9, 11, 12, 13], "leverag": 3, "like": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "likewis": [1, 3, 6, 7], "line": [4, 6, 8, 12], "link": [0, 8, 14], "list": [2, 3, 5, 6, 9, 10, 12], "littl": [2, 12], "live": [4, 9], "load": 10, "local": [3, 5, 9, 11, 12, 13], "locat": [3, 4, 6], "lock": 3, "log": [2, 3, 4, 5, 9, 10], "logic": [3, 7, 8], "login": [2, 4, 8, 10], "logo": 6, "long": 10, "look": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "lose": 4, "lost": 6, "lot": [4, 10], "love": 4, "lower": 3, "lunch": 4, "lx": 12, "lxtermin": 4, "mac": 4, "machin": [4, 5, 6, 9], "magic": 10, "mai": [1, 5, 6, 8, 10, 12], "main": 4, "maintain": [4, 5, 6], "major": 6, "make": [2, 4, 5, 6, 8, 9, 10], "malici": [1, 5, 9], "manag": [3, 6, 10, 11, 12], "mani": 5, "manifest": 4, "manipul": [10, 12], "manner": 11, "manual": [6, 11], "map": [2, 6, 10, 11, 12], "marketplac": 10, "master": 9, "match": [3, 10], "maximum": [6, 10], "mayb": 10, "mc": 4, "mcna": [0, 1, 3, 12], "mean": [4, 9, 10, 12], "meanwhil": 6, "mechan": 12, "medium": [5, 6, 8], "meet": 5, "mention": 1, "menu": [4, 7, 12], "mesh": [3, 4, 6], "messag": [2, 6, 9, 10, 12], "metadata": 5, "method": [3, 11], "metric": [3, 6, 8], "mgmt": 10, "micro": 4, "middl": 10, "might": [5, 6, 8, 10], "mind": [2, 3, 6, 8, 12], "minut": [2, 3, 4, 5, 6, 8, 10, 11, 12], "misconfigur": 6, "mod01": 0, "mod02": 0, "mod03": 0, "mod04": 0, "mod05": 0, "mod06": 0, "mod07": 0, "mod08": 0, "mod09": 0, "mod10": 0, "mod11": 0, "mod12": 0, "mod13": 0, "mod14": 0, "mod15": 0, "mod16": 0, "mod17": 0, "mode": [1, 8, 9], "modifi": [3, 8], "modul": 4, "monitor": [2, 3, 5, 6, 8, 9, 10, 12], "more": [3, 4, 5, 8], "moreov": [2, 6, 9, 10], "move": [4, 5, 9, 13], "much": 12, "multi": [1, 6, 10, 12], "multicloud": [1, 4, 7], "multipl": [6, 12], "must": [1, 6, 10], "n": [5, 8], "n1": 6, "nacl": 8, "name": [2, 3, 4, 5, 6, 8, 9, 10, 11, 12], "namespac": 4, "nat": [3, 9, 11], "nativ": [6, 8, 9], "navig": [2, 4, 5, 6, 10], "nearbi": 3, "need": [4, 5, 6, 8, 9, 10, 11, 12], "neither": 7, "netflow": [5, 9, 12], "network": [0, 1, 11], "networkinsight": 0, "never": 3, "nevertheless": [9, 12], "new": [3, 4, 6, 7, 8, 10, 11, 12], "newli": 4, "next": [4, 5, 6, 8, 10], "ngfw": [3, 10], "nine": [6, 8], "node": 7, "non": [8, 9], "north": 10, "note": [3, 5, 10], "notic": [1, 2, 3, 4, 5, 6, 8, 9, 10, 11, 12], "notif": [2, 5, 12], "notifi": 12, "now": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "nslookup": 11, "number": [3, 6, 8, 11, 12], "o": [9, 11], "observ": [2, 9], "occur": [3, 7], "off": [3, 6, 8, 9, 12], "offici": 4, "ohio": 6, "ok": [3, 11], "onboard": 7, "onc": [2, 3, 4, 5, 6, 8, 10, 12], "one": [1, 2, 3, 5, 6, 8, 9, 10, 11, 12, 13], "onli": [3, 6, 7, 9, 10], "onprem": 11, "onprempartn": 11, "onward": 5, "open": [2, 3, 4, 6, 7, 12], "oper": 12, "opposit": 6, "optim": 9, "option": [5, 7, 9, 11, 12], "orchestr": [3, 10, 12], "order": [5, 6, 7, 8, 9, 10, 12], "oregon": 2, "org": 9, "other": [1, 3, 4, 6, 7, 8, 9, 10, 11], "otherwis": 1, "our": 4, "out": [3, 4, 5, 6, 8, 9, 11, 12, 13], "outboud": 1, "outcom": [3, 5, 8, 9, 10, 12], "outer": 6, "output": 9, "over": [4, 7, 11, 12], "overal": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "overcom": 8, "overlap": [1, 2, 11], "overview": [8, 9, 12, 13], "own": [9, 12], "owner": 3, "pacif": 1, "packag": [1, 10, 12], "packet": 9, "page": [2, 4, 6, 8, 10], "pai": [1, 6], "pair": [6, 8], "palo": [1, 10], "paloalto": 10, "panel": 2, "parament": 10, "paramet": [3, 5, 6, 9, 10], "particular": 1, "partner": [1, 7, 10, 11], "partner1": 11, "pass": 10, "password": [2, 9, 10, 12], "past": [4, 10], "path": [3, 8, 9], "patient": [2, 6, 8, 10, 11], "pc": 1, "pdf": 8, "peer": [3, 12], "pencil": [5, 6, 7, 8, 9, 10], "pend": [6, 8], "per": [2, 6], "perfect": 4, "perfectli": 3, "perform": [0, 1, 6, 9], "period": [2, 5, 9], "permit": [1, 3, 5, 9, 10], "person": [1, 2, 3, 4, 5, 6, 11, 12, 15], "perspect": 12, "pictur": 15, "ping": [3, 5, 6, 7, 8, 10, 11, 12, 13], "pinpoint": [5, 9], "place": [3, 9, 11], "plan": 4, "plane": [3, 9, 12], "platform": [4, 6, 10], "pleas": [0, 1, 2, 3, 5, 6, 8, 10, 11, 12], "pod": [1, 2, 3, 4, 6, 7, 8, 9, 10, 11, 12], "point": [2, 3, 5, 6, 7, 8, 9], "polici": 3, "pop": [2, 3, 5, 6, 9, 10, 12], "popul": 10, "port": [1, 3, 8, 9, 10], "portal": [1, 2, 3, 4, 6, 9, 10, 11, 12], "possibl": [3, 9, 10], "postur": 9, "potenti": 9, "power": [6, 12], "practic": 6, "pre": [1, 6, 8, 10, 11], "preconfigur": 11, "prefer": [3, 12], "prefix": [6, 10], "prem": [6, 8, 10, 12], "premis": [7, 11], "prepar": [1, 4, 10], "prepend": 5, "preprovis": 6, "presenc": [6, 9, 10, 11, 12], "present": [3, 10], "press": 4, "prevent": 3, "preview": 3, "previou": [3, 4, 6, 8], "previous": [2, 4, 5, 8, 9, 12], "primari": 12, "privat": [2, 3, 6, 7, 8, 10, 11, 12], "proce": [3, 6, 9, 12], "proceed": [5, 6, 8], "process": [1, 4, 6, 12], "product": 6, "prof": 0, "program": [8, 10], "progress": [2, 5, 6, 10], "prometheu": 4, "prompt": [4, 10], "proofpoint": 5, "properli": 3, "properti": [6, 8], "propos": 4, "protect": 5, "protocol": [3, 5, 8, 9, 10, 12], "provid": [1, 4, 5, 6, 8, 9], "provis": [6, 10, 12], "psk": 11, "public": [2, 3, 6, 8, 9, 10, 11, 12], "public_ip": [6, 7], "publlic": 9, "pull": 7, "purpos": [2, 9], "pwd": 9, "queri": 9, "quickli": 4, "quit": 3, "rang": [2, 9], "rate": [4, 12], "rather": 4, "raw": 9, "rbac": 0, "reach": [3, 9, 11, 12], "reachabl": [3, 7, 8], "read": 5, "readi": [10, 12], "real": 11, "reason": 3, "receiv": [4, 5, 10], "recipi": 5, "recommend": [3, 6], "reconverg": 8, "recreat": 10, "recurs": [8, 11], "red": [8, 10, 11], "reduc": 9, "redund": 12, "refer": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11], "reflect": [2, 3, 6, 8, 11], "refresh": [2, 5, 6, 8, 9, 10, 11, 12], "regard": 12, "region": [1, 2, 3, 5, 6, 8, 12], "regist": 12, "registri": 4, "regularli": 5, "rel": [5, 13], "relat": [3, 10, 12], "relaunch": [3, 8, 12], "relev": [3, 7], "reli": [5, 6], "remain": [5, 8, 9, 13], "rememb": 10, "remot": [4, 11, 12], "remov": [0, 5, 8, 9], "repeat": [3, 5, 6, 8, 12, 13], "replac": [9, 11], "replace_with_spoke_gw_public_ip": 11, "repli": 3, "report": [5, 8], "repres": [6, 7, 9], "reput": 5, "request": 9, "requir": [3, 4, 5, 7, 8, 10, 13], "rerout": 9, "resid": [5, 6, 8], "resili": 8, "resolv": 11, "resourc": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11], "respect": [6, 7, 8], "respons": 10, "rest": [3, 6, 12], "restart": 8, "restor": 2, "restrict": [1, 7], "result": [2, 6], "retest": [7, 8], "retriev": [6, 9, 10, 11], "return": 10, "reveal": 12, "reverifi": 8, "rfc": [8, 9, 10], "rfc1918": [8, 9, 10], "rib": 6, "rid": 10, "righ": 3, "right": [1, 2, 3, 5, 6, 8, 9, 10, 12], "root": 9, "roughli": 10, "rout": [2, 3, 5, 7, 9, 11, 12, 13], "router": [1, 10, 11, 12], "row": [5, 10], "rtb": 8, "rule": 10, "run": [4, 5, 6, 8, 11, 12, 13], "safari": 1, "sake": 6, "same": [2, 3, 4, 5, 6, 8, 9, 10, 12], "save": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "scalabl": 8, "scale": 10, "scenario": [9, 11], "scope": 1, "scratch": 11, "screen": [10, 11, 12], "screenshot": [2, 5, 6, 8], "script": 11, "scroll": [8, 12], "sd": 12, "sdn": 12, "search": [2, 3, 5, 8, 9, 11, 12], "second": [6, 8, 10, 12], "section": [2, 3, 4, 5, 6, 8, 10, 11, 12], "secur": [0, 1, 3, 4, 5, 7, 8, 10], "see": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "seem": 12, "segment": [0, 1, 10, 12], "segreg": 7, "select": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13], "self": 10, "semplic": 6, "send": 5, "sens": 3, "sent": 3, "separ": [1, 3, 8], "seri": [1, 10], "server": [4, 6, 9], "servic": [2, 3, 5, 8, 9], "session": [4, 8, 10, 11], "set": [3, 4, 5, 6, 8, 10, 11, 12], "sever": [3, 6], "sg": [3, 5, 9], "sh": 11, "share": [1, 5, 10, 11], "shift": 4, "should": [1, 3, 4, 5, 6, 9, 10, 13], "show": [3, 4, 5, 6, 8, 9, 10, 12, 13], "shown": [2, 5, 6, 7, 10], "shut": 8, "side": [2, 3, 5, 6, 8, 9, 10, 11, 12], "sidebar": 4, "sign": 10, "significantli": 10, "similar": [3, 7, 11, 12], "simpl": [4, 6], "simplic": 6, "simplifi": [4, 6, 10], "simultan": [8, 12], "sinc": [2, 7, 11], "singl": [1, 3, 6, 8, 9, 12], "sit": 9, "site": 11, "site2cloud": [0, 1, 7], "six": 6, "size": [5, 6, 8, 10], "slide": 0, "slider": 9, "slow": 10, "smartgroup": [3, 10], "smoothli": 3, "snat": [9, 10], "so": [1, 7], "softwar": 12, "sole": [3, 8, 9], "solid": [6, 8], "solut": [1, 3, 4, 7, 10, 12], "some": [1, 2, 4, 6, 8, 10, 12], "someth": 6, "soon": [0, 2, 6], "sourc": [3, 4, 5, 8, 9, 10], "south": 10, "space": [2, 10, 11], "special": [1, 6], "specialti": 5, "specif": [1, 9, 10], "specifi": 9, "speed": 8, "splash": 10, "spoke": [1, 2, 7, 9, 11], "spoke1": [2, 3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "spoke2": [1, 3, 5, 6, 7, 8, 10, 13], "ssh": [1, 5, 6, 7, 8, 10, 11, 12], "ssl": 9, "stage": [6, 8], "standard": 6, "standard_b2m": 6, "standard_d3_v2": 10, "start": [2, 6, 9, 11], "stat": [4, 8], "state": [3, 4, 6, 8, 10], "statement": 4, "statemet": 4, "static": [6, 10, 11], "statist": 4, "statu": [2, 4, 6, 8, 11], "step": [1, 6, 8, 10], "still": [3, 8, 10, 12], "stop": [5, 8], "storag": 10, "stream": 10, "string": [10, 11], "strong": 10, "strongswan": 1, "student": [1, 6, 7, 9, 12], "studio": 4, "su": 9, "sub1": [2, 6], "subnet": [2, 3, 6, 8, 10, 11, 12, 13], "subscript": 10, "subsequ": [2, 6, 11, 12], "success": [3, 9, 10, 12], "successfulli": [2, 3, 5, 9, 10, 12], "sudo": [9, 11, 12], "suggest": 5, "summari": [5, 8], "support": 1, "sure": [2, 5, 6, 10], "suricata": [3, 9], "survei": 0, "swanctl": 11, "switch": 8, "symbol": [10, 11], "system": 9, "t": [3, 6, 8, 9, 10], "t2": [5, 6], "tab": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "tabl": [2, 3, 5, 7, 8, 9, 10], "tag": [3, 5], "take": [2, 3, 6, 8, 10, 12], "taken": 10, "target": [9, 12], "task": [2, 6, 11, 12], "tcp": [3, 8], "technologi": 8, "templat": [2, 5, 10, 11, 12], "temporari": 8, "temporarili": 8, "term": 6, "termin": [3, 5, 6, 7, 11, 12, 13], "terraform": 1, "test": [1, 3, 5, 6, 7], "test1": [3, 5, 6, 7, 8, 9, 10, 11, 12], "test2": [3, 8, 9], "testmynid": 9, "tf": 4, "tfstate": 4, "tfvar": 4, "than": 4, "thank": [3, 9], "thei": [0, 2, 5, 12, 13], "them": [4, 6, 7], "therefor": [2, 3, 4, 5, 6, 9, 10, 12], "thi": [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14], "thing": 4, "thit": 3, "those": [3, 6, 8, 12], "threat": [3, 5], "threatgroup": 5, "threatguard": 5, "threatiq": [0, 1], "three": [3, 5, 6, 7, 9, 10, 12, 13], "threee": 12, "through": [2, 3, 6, 7, 8, 9, 10, 12], "throughout": 1, "throughput": 10, "thu": 12, "tier": 1, "time": [1, 2, 3, 5, 6, 7, 8, 9, 10, 12], "timer": [6, 8], "timestamp": [5, 9], "tl": 3, "tmnid": 9, "tmp": 9, "togeth": 0, "toggl": 5, "too": 10, "tool": 11, "top": [2, 3, 6, 8, 10, 12], "topologi": [3, 4, 12, 13], "topopologi": 6, "tor": 9, "torn": 1, "total": 6, "toward": [4, 8, 9, 10, 12, 13], "tracerout": 12, "traffic": [8, 10, 12, 13], "train": [0, 1], "trainer": 1, "transit": [0, 1, 2], "transit_gatewai": 4, "translat": 9, "transmit": 4, "tri": 9, "trigger": [2, 5], "troubl": 4, "troubleshoot": [6, 12], "trust": 4, "try": [3, 9, 10], "tunnel": [6, 8, 11], "turn": [3, 5, 8, 9, 10, 12], "turnkei": 10, "two": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "type": [2, 5, 6, 9, 11, 12], "typic": [3, 11], "u": [1, 2, 3, 4, 5, 7, 8, 9, 10, 11, 12, 13], "udp": [9, 10], "ui": [2, 4, 5, 12], "ultim": 12, "unaffect": 9, "unattach": 8, "unchang": 3, "under": [5, 10, 12], "underlai": [2, 12], "underli": 8, "understand": [3, 9], "undoubtetli": 3, "uniqu": [3, 6, 10], "unless": [1, 7], "unmanag": 6, "unreach": 8, "until": [1, 3, 4, 10, 12], "untrust": 8, "unus": 5, "up": [2, 3, 5, 6, 9, 10, 11, 12], "updat": [5, 6, 11], "update_swanctl": 11, "upon": 9, "url": [2, 3, 8, 9, 10], "us": [1, 2, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14], "user": [0, 2], "usernam": 10, "util": [5, 8, 13], "utilis": [1, 11], "v": 4, "valid": [1, 3, 5, 6], "valu": [2, 3, 5, 6, 9], "vari": 10, "variabl": 4, "vcn": [3, 6, 7, 8, 10], "vendor": 4, "veri": [3, 6, 9, 12], "verif": [2, 12], "verifi": [1, 5, 6, 7, 8, 9, 11, 12], "version": [4, 10], "via": [10, 12], "view": [2, 5, 6, 7, 9, 15], "virginia": [5, 8], "virtual": [5, 6, 9, 10, 11], "visibl": [8, 9, 12], "visual": 4, "vm": [1, 6, 7, 10, 12], "vnet": [1, 3, 5, 6, 7, 8, 9, 10, 11, 13], "vpc": [1, 3, 5, 6, 7, 9, 10, 11, 12, 13], "vpn": 0, "wa": [2, 3, 4, 5, 8, 9, 10, 11, 12], "wai": 5, "wait": [2, 5, 8, 10, 11, 12], "wall": 8, "wan": 12, "want": [2, 3, 9], "warn": 10, "watch": 9, "we": [4, 5, 6, 7, 8, 9, 10, 11], "web": [2, 5, 6, 8, 9, 10], "webgroup": 5, "websit": 9, "week": [0, 1], "welcom": 10, "well": [5, 7, 8], "were": [8, 10], "west": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 13], "west2": [2, 6], "what": [3, 4, 5, 6, 7, 8, 9, 11], "when": [4, 5, 6, 8, 10, 12], "where": [3, 4, 5, 8, 10], "wherea": [6, 12], "wherebi": [3, 9], "whether": [2, 3, 9], "which": [1, 4, 6, 9, 10], "while": [5, 6, 7, 10], "white": 2, "whole": 3, "whom": 9, "why": 8, "widget": [4, 12], "wikipedia": 9, "window": [2, 3, 4, 5, 6, 7, 8, 9, 10, 11], "within": [6, 8, 9, 10, 11, 12], "without": [3, 6, 7, 9, 10, 12], "wll": 9, "word": 1, "work": [3, 4, 5, 9, 10, 11, 13], "workflow": 11, "workload": [5, 6, 7], "workstat": [4, 5, 12, 13], "wortkstat": [5, 13], "would": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "www": 9, "x": 9, "ye": 4, "yet": [3, 6, 8, 10, 12], "ym2v": 15, "york": [5, 11, 12], "you": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15], "your": [1, 2, 4, 5, 6, 8, 9, 10, 11, 12, 14, 15], "yourself": 2, "zone": [2, 5, 6, 8, 9, 10], "zoom": 1}, "titles": ["PDFs", "Welcome to ACE Professional Lab", "Lab 1 - VPCs/VNets CREATION", "Lab 10 - DISTRIBUTED CLOUD FIREWALL", "Lab 11 - IAC & NETWORK INSIGHTS API", "Lab 9 - THREATIQ & COSTIQ", "Lab 2 - TRANSIT NETWORKING", "Lab 3 - NETWORK SEGMENTATION", "Lab 4 - HPE WITH ACTIVE MESH", "Lab 5 - CLOUD PERIMETER SECURITY (Secure Cloud Egress)", "Lab 6 - FIRENET", "Lab 7 - SITE2CLOUD", "Lab 8 - SECURE HIGH-PERFORMANCE DATACENTER EDGE", "Lab 9 - COSTIQ", "LOGOS-ICONS", "POD Portal"], "titleterms": {"": [11, 12], "1": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "10": 3, "11": 4, "2": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "3": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "4": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "5": [1, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], "6": [3, 5, 6, 7, 8, 9, 10], "7": [3, 8, 9, 11], "8": 12, "9": [5, 13], "A": 5, "As": 12, "It": 12, "On": 11, "WITH": 8, "ac": 1, "access": 1, "activ": [3, 8], "activemesh": 8, "ad": [5, 9], "add": 3, "after": 8, "allow": 3, "an": [3, 5, 9], "api": 4, "appli": 9, "architectur": [3, 9], "associ": [8, 12], "attach": [3, 4, 6, 7, 8, 12], "automat": 5, "aviatrix": [6, 7, 8], "aw": [2, 6], "azur": [2, 6, 10], "bad": 5, "befor": 8, "between": [3, 12], "bonu": 8, "bu1": 3, "bu2": 3, "build": 3, "chang": 9, "cloud": [3, 6, 9, 11], "configur": [6, 7, 8, 10, 11], "connect": [3, 6, 7, 8, 10, 11, 12], "consol": 2, "control": 9, "copilot": [6, 7, 8], "costiq": [5, 13], "creat": [2, 3, 4, 5, 9], "creation": [2, 3], "datacent": 12, "db": 6, "dc": 13, "dcf": [3, 9], "deploi": 5, "deploy": 10, "descript": 4, "distribut": 3, "domain": [7, 8, 12], "drop": 5, "east": [3, 6], "east1": 3, "ec2": 9, "edg": 12, "edit": 9, "egress": 9, "enabl": [8, 9, 13], "encrypt": 8, "enforc": 5, "exist": 9, "expect": 4, "explor": 6, "fabric": 6, "featur": 9, "firenet": 10, "firewal": [3, 10], "flightpath": 8, "flowiq": 12, "forc": 5, "from": [2, 3], "gatewai": [6, 7, 8], "gcp": [2, 6, 10], "gener": [5, 9, 11, 12], "get": 1, "group": 3, "gui": 5, "gw": [4, 12], "high": [8, 12], "hoc": [5, 9], "hpe": 8, "i": 13, "iac": 4, "icmp": 3, "icon": 14, "id": 9, "identifi": 9, "info": 6, "inform": 1, "initi": 6, "insid": [3, 10], "insight": 4, "inspect": 9, "instal": 10, "instanc": 9, "integr": 10, "inter": 3, "intra": 3, "introduct": 2, "keepal": 8, "lab": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], "laptop": 3, "launch": 10, "link": 15, "logo": 14, "mesh": 8, "modifi": 9, "more": 12, "mtt": 3, "multi": 3, "multicloud": 6, "network": [3, 4, 6, 7, 8, 9, 10, 12], "new": [5, 9, 13], "object": [3, 5, 6, 7, 8, 9, 10, 11, 12, 13], "overview": [3, 5, 6, 7, 10, 11], "pan": 10, "path": 12, "pdf": 0, "peer": [4, 6, 8, 10], "perform": [8, 12], "perimet": 9, "pod": 15, "polici": [7, 10], "portal": 15, "prefac": 1, "prem": 11, "prepar": 9, "prepend": 12, "prerequisit": 1, "privat": 9, "profession": 1, "psf": 5, "pt": 8, "public": 5, "question": 8, "resid": 9, "result": 4, "rout": [6, 8, 10], "rtb": [5, 9], "rule": [3, 5, 9], "s2c": 11, "secur": [9, 12], "segment": [7, 8], "servic": 13, "share": 13, "simul": 9, "site2cloud": 11, "smart": 3, "smartgroup": [5, 9], "spoke": [3, 4, 6, 8, 10, 12], "ssh": [3, 9], "start": [1, 8], "strongswan": 11, "subnet": [5, 9], "summari": 4, "templat": 8, "terraform": 4, "test": [8, 9, 10, 12], "than": 12, "threatiq": 5, "through": 4, "tier": 3, "topologi": [1, 5, 6, 7, 8, 9, 10, 11], "toward": [3, 5], "traffic": [3, 5, 9], "transit": [3, 4, 6, 7, 8, 10, 12], "trust": [3, 9], "u": 6, "valid": 4, "vendor": 10, "verif": [3, 5, 6, 7, 8, 10, 11], "verifi": [2, 3, 10], "view": 8, "vm": 3, "vnet": 2, "vpc": [2, 4, 8], "webgroup": 9, "welcom": 1, "where": 9, "within": 3, "workload": 9, "york": 13, "your": 3, "zero": [3, 9], "ztna": 9}}) \ No newline at end of file