View network policy sets

This topic describes how to access and navigate the Network Policies page, review the policy sets detected in your security controls, and filter results to target specific entities.

Network Policies page

To open the Network Policies page, click the Network Policies icon on the left. By default, the page opens with All Entities selected and displays an overview of all your vendors and policy types.

Network policies tree

The network policies tree lets you drill down into individual virtual network types.

The network policies tree contains the following entities:

Security Control	Account Type		Virtual Network Type
Security Control	Icon	Type	Icon	Type
AWS SG		Account		VPC
Azure Azure NSG Azure Firewall		Subscription		VNet
Azure Azure NSG Azure Firewall		Subscription		Virtual Hub
Azure Firewall (classic)		Subscription		VNet
Google Cloud Firewall		Project		VPC

Network tree search bar

Use the network tree search bar to filter the tree and find entries quicker.

Search using partial or whole names of any of the following:

Vendors / Policy Types
Accounts / Subscriptions / Projects
Regions
VPCs / VNets / Virtual Hubs

Network policy sets

View network policy sets:

Click on an entity in the Network policies tree to see a list of matching policy sets on the right.

Azure policy sets include two tabs: Azure NSGs policies and Azure Firewall policies.

The Azure NSGs policies tab is disabled for Virtual Hubs because Virtual Hubs cannot have NSG policies.
The Azure Firewall policies tab is disabled when the Azure VNet does not have a firewall.

Azure Firewall (classic) has its own entry in the Network policies tree.

Google Cloud Firewall policy sets include two tabs:

Firewall Policies tab: Shows VPC Firewall and Network Firewall policy rules, as well as hierarchical rules from the Hierarchical Policies tab that are used by the VPC Firewall.

Note: All policies that impact the VPC are ordered in the list based on how traffic inspects the rule as it enters or exits the VPC.
Hierarchical Policies tab: Shows organization-level and folder-level firewall policies.

Search policy sets

In the Search Policy box above the list of policy sets, you can filter the displayed policy sets based on search entries.

For each type of security control, you can perform a search using partial or whole names based on the specific criteria listed in the table below:

Security Control Type	Search criteria
AWS SG	SG name
Azure NSG	NSG name
Azure Firewall	Firewall policy name
Google Cloud Firewall	VPC name
Google Cloud Hierarchical policy	Policy name

Filter displayed policy sets

You can filter displayed policy sets to see a more targeted display of the policy sets that interest you.

Each security control type has its own unique set of filters which you can use to refine the policy sets displayed.

Security Control Type	Available Filters
AWS SG	Accounts Regions VPCs Risks severity Cleanup view (View and manage unused rules. See Clean up policies.) Show risks (toggle) - Show / hide risk information
Azure NSG	Subscriptions Regions VNets Risks severity Cleanup view (View and manage unused rules. See Clean up policies.) Show risks (toggle) - Show / hide risk information
Azure Firewall	Subscriptions Regions VNets Risks severity Cleanup view (View and manage unused rules. See Clean up policies.) Show risks (toggle) - Show / hide risk information
Azure Firewall (classic)	Subscriptions Regions VNets Risks severity Show risks (toggle) - Show / hide risk information
Google Cloud	Projects VPCs Tip: Hover over a VPC in the dropdown to see a tooltip showing the project name, the project ID defined on the Google Cloud, and its VPC name. This is especially helpful when there are multiple VPCs with the same name. Regions Risks severity Show risks (toggle) - Show / hide risk information Show hierarchical rules (toggle) When activated (default), hierarchical rules used by the firewall are displayed above the firewall rules When disabled, only the firewall rules are shown