Deploy Application Discovery
AlgoSec Application Discovery (AAD) is a module of AppViz. It enables you to discover business service flows directly from your network and import them into AppViz.
Application Discovery architecture
-
Application Discovery server:
- Maps the network topology based on the data collected from the sensor(s)
- Communicates with the ASMS in order to provide the business service(s) topology and get updates (on-going discovery)
-
Enables you to:
- Create and manage business services
- View the network topology map
- AAD administration
- Application Discovery sensors:
The Application Discovery installation provides a local AAD network sensor on the AAD server node, and AAD traffic log sensors on the Central Manager and on each Remote Agent defined in the system. Additional remote AAD network sensors can be installed to capture traffic outside of your ASMS subnet.
For details about the four types of Application Discovery sensors:
- Local AAD network sensor: Provided with the Application Discovery server. Collects traffic from your ASMS subnet, including statistical data, using Neflow/SFlow protocols, simulated/mirrored packets, or direct traffic inspection. For more details, see Traffic collection options.
- Remote AAD network sensors: Additional optional sensor devices can be installed outside of your ASMS subnet. They collect traffic from other subnets outside your ASMS subnet, including statistical data using Neflow/SFlow protocols, simulated/mirrored packets, or direct traffic inspection. For more details, see Deploy additional Application Discovery network sensors.
- AAD traffic log sensor: An AAD traffic log sensor is automatically installed wherever a syslog server is running on your system (Remote Agents and Central Manager). (Currently external syslog is not supported). Traffic log sensors get syslog traffic log records and process them into network flows. AAD traffic log sensors run automatically and require no configuration.
-
Azure traffic sensor: The Azure traffic sensor is installed wherever the Application Discovery Server is running on your system. Enables traffic data collection from Azure Traffic Analytics, which analyses Network Watcher flow logs to provide insights into traffic flow in your Azure cloud. For information about prerequisites and setup, see Set up the Azure Traffic Sensor.