Aviatrix CoPilot Features

This section provides an overview of Aviatrix CoPilot key features.

The expected page load time in the CoPilot UI is less than 10 seconds. If you see significantly slower behavior, contact Support for assistance.

CostIQ

The CostIQ feature provides detailed traffic distribution analysis for your cost centers, including traffic flowing to shared-service resource hosts by Cloud Account, by Cost Center, by VPC/VNet, and by Gateway.

Distributed Cloud Firewall (DCF)

Aviatrix Distributed Cloud Firewall embeds Layer 4-7 network security on top of the Aviatrix Cloud Networking Platform infrastructure. Advanced security capabilities include Layer 4 visibility and rule enforcement; URL/domain name filtering; geographical filtering (GeoGroups); threat detection (ThreatGroups); transparent MITM decryption; and Advanced Threat Detection with Suricata. Intra-VPC/VNet segmentation can be enabled on VPCs/VNets to enforce greater granular segmentation policies.

Prior to Controller version 7.2.4820, ThreatIQ and Geoblocking were used for geographical filtering and threat detection.

Groups

Aviatrix provides a number of group types for organizing and managing resources. The groups are:

  • SmartGroups: reusable constructs or objects that can be queried against to support various Aviatrix features. Aviatrix features that use SmartGroups include CostIQ cost reporting and DCF.

  • ThreatGroups: Default group of threat IPs to use in DCF rules.

  • GeoGroups: select countries or define custom GeoGroups to use in DCF rules.

  • WebGroups: create groups of URLs or domains to use in egress DCF rules.

ThreatIQ

The ThreatIQ feature enables you to monitor for security threats from malicious sites, set alerts when threats are detected, and block threat-IP associated traffic from well-known threat IP addresses.

If you did not use ThreatIQ prior to Controller version 7.2.4820, Aviatrix recommends using groups and Distributed Cloud Firewall rules to monitor and handle threats.

Topology Map

The Topology map provides a visual representation of deployed networks, gateways, instances, and gateway connections. The dynamic map provides an accurate and up to date layout of your multicloud network topology. The map has full search of managed resources. You can select the nodes of gateways in the map and run diagnostics from those gateways directly from the maps page.

FlowIQ

The FlowIQ feature provides detailed application traffic flow analysis, a global heat map showing traffic trends, and robust filter capability for showing traffic by multiple properties including native Coud Service Provider tags.

Cloud Routes

The Cloud Routes feature provides detailed searchable routing tables across cloud providers. You can view all routing information for managed resources spanning your Aviatrix transit network, including resources across clouds (multicloud) and on-prem (for external/Site2Cloud connections). For multicloud, cloud engineers can view the information in a central place without having to log in to each individual cloud provider console.

Alert Notifications

The Alert Notifications feature enables alerts on the status of managed cloud resources across clouds and policies for triggering alerts based on telemetry data and multiple metrics.

AppIQ

The AppIQ feature provides comprehensive reports to analyze network paths between any two cloud instances. For each instance, an analysis of its network traffic, network domain settings, and route table configurations help to reveal any problems with the network path between the two instances.

You can enable AppIQ to show potential SAP applications (by well-known SAP service port) to facilitate running the AppIQ report against any SAP instances in your environment.

CoPilot Feature Summary

The table below summarizes CoPilot features and provides links to associated documentation.

CoPilot Key Feature Description

Network Health Monitor (Dashboard)

Real-time cloud network resource inventory and status.

Monitoring Inventory and Status of Managed Resources

Dynamic Topology Map

Accurate, multicloud network topology, layout control, and full search of managed resources.

Gaining Visibility into Your Network Topology

FlowIQ

Detailed application traffic flow analysis, global heat map and trends, and filter traffic by native Cloud tags.

Gaining Visibility into Your Traffic Flows

CostIQ

Detailed traffic distribution analysis for your cost centers, including traffic flowing to shared-service resource hosts by Cloud Account, by Cost Center, by VPC/VNet, and by Gateway.

Monitoring the Costs of your Business Units

Cloud Routes

Detailed searchable routing tables across cloud providers.

Troubleshooting Routing Issues in Your Aviatrix-Managed Network

Notifications

Alerts on the status of managed cloud resources across clouds with policies for triggering alerts based on telemetry data and other metrics.

Notifications (Alerts) about Network Events

AppIQ

Comprehensive reports to analyze network path between any two cloud instances.

Troubleshooting Application Connectivity Issues with AppIQ

ThreatIQ

Monitor for security threats from malicious sites, set alerts when threats are detected, and block threat-IP associated traffic.

Only visible if you configured ThreatIQ prior to Controller version 7.2.4820.

Inventory Reports

Create detailed reports showing your inventory of managed resources in a single cloud or across all clouds in your multicloud network.

Aviatrix Reports Reference

Network Behavior Analytics (Anomalies)

Alert on anomalies detected that deviate from the custom routine traffic patterns of your own cloud workloads.

Detecting Network Anomalies using Network Behavior Analytics

Network Segmentation

Network segmentation for inter-VPC/VNet connectivity (reachability) of your Aviatrix multicloud transit.

Network Segmentation

Distributed Cloud Firewall

Embedded security to support desired application reachability.

Groups

Configure SmartGroups, ThreatGroups, GeoGroups, and WebGroups to be used in Distributed Cloud Firewall rules.

About Groups

Geoblocking

Block IP traffic coming into and coming from a country.

Only visible if you configured Geoblocking prior to Controller version 7.2.4820.

Egress Control

Use Distributed Cloud Firewall with WebGroups to configure your Egress traffic.

Audit

Audit history of account users that made changes to your Aviatrix managed networks.

Viewing Users that made Changes to Your Network

For new features introduced in each CoPilot release, see our what’s new page.

What’s New in CoPilot