Perform crown jewel analysis to get insights about the possible reachability of your crown jewels due to lateral movements by an adversary. The reachability score gives an estimate of how far your crown jewels are from various entities and possibly how many lateral moves are required by an adversary to reach your crown jewels. Also, using crown jewels analysis, you get firewall rules suggestions to strengthen the security of your crown jewels assuming that the current state of flows is legitimate.

Prerequisites

Verify that you have added at least one crown jewel in VMware Aria Operations for Networks.

Procedure

  1. From left navigation page, click Plan & Assess > Crown Jewel Analysis.
  2. In the Crown Jewel Analysis window, select the crown jewels you want to analyze.
    Note: You can select up to 10 crown jewels for analysis.
  3. Select Scope and Duration for your analysis.
  4. Click Analyze.

Results

The Crown Jewels Analysis page shows the total connected entities to the crown jewels, reachability score, incoming flows, total incoming traffic, and so on.

You can toggle between topology view and grid view. Click Change view to toggle between grid view and topology view.

The reachability score gives an estimate of how far your crown jewels are from various entities and possibly how many lateral moves are required by an adversary to reach your crown jewels. For example, reachability score one estimates that the crown jewel is one step away from the entities at node level 1.

You can also generate a PDF version of the analysis report. Click the Generate VNA Report to generate a PDF version of the analysis report.