About Secured Networking and Security Services

Aviatrix enables you to embed security in the network rather than attach security to the network. As you build and grow your network, you simultaneously define the monitoring and security rules you intend your network to enforce. The secured networking and security service options are discussed in this section.

Options to have a secured network at the network reachability level, such as network segmentation and Distributed Cloud Firewall (DCF), are discussed in the following topics:

Network Segmentation: shows how network domains can or cannot communicate with each other and ability to configure network segmentation for inter-VPC/VNet connectivity (reachability). See Network Segmentation.
Distributed Cloud Firewall: provides granular network security policy enforcement for distributed applications in the cloud. The Aviatrix platform is aware of the native cloud constructs across its managed multicloud networks; this awareness allows the platform to dynamically protect distributed applications as your environments evolve. See Secure Networking with Distributed Cloud Firewall.

Options for security services that further increase the security posture of your networks are discussed in the following topics:

ThreatIQ: provides ability to monitor security threats in your Aviatrix cloud network. See Blocking Known Threat IP Traffic using ThreatIQ.

ThreatIQ is only visible if you configured the feature prior to Controller version 7.2.4820. In Controller version 7.2.4820 and above, the use of ThreatGroups in conjunction with DCF is recommended.

Anomaly Detection: provides continuous network behavior analysis on your cloud workloads for detecting unusual behaviors or anomalies in the network. See Detecting Network Anomalies using Network Behavior Analytics.
Geoblocking: provides ability to block IP traffic coming into and coming from a country. See Blocking Traffic from Countries using Geoblocking.

Geoblocking is only visible if you configured the feature prior to Controller version 7.2.4820. In version 7.2.4820 and above, the use of GeoGroups in conjunction with DCF is recommended.

See this link for information about inserting firewalls into your Aviatrix-managed network: Configuring Transit FireNet.