Getting Started with the Illumio Console

Within All Policies > Application Polices and the Cloud > Application > Policy tab, Illumio Console now indicates if a rule in a policy has a conflict with another rule in the policy. If there is a conflict, a warning information icon displays at the end of the row for that rule. A conflicted rule means that there are rules for your application that contradict each other. For example, someone else may have written an Allow rule that will permit traffic that you do not want to allow, and this rule is overriding the Deny rule that you want to enforce.

When you click the icon, the Conflicted Rules pane displays the reference rule that you clicked at the top of the pane, and provides more information about the rule conflicts for the application:

A new View Inherited Rules button has been added to Illumio Console. This feature allows you to see organization policies and application policies rules that apply to the application you are viewing. If an application has inherited rules, a View Inherited Rules button displays in the top-right corner of the Application Policies page for that application, with a badge that displays the number of inherited rules. This feature allows you to see other applications that have written rules that allow them to communicate with your application. For example, the Inherited Rules page for your CRM application could show you that the Finance application has an outbound rule that allows it to communicate to your CRM application.

To view inherited rules: 

Note that if users do not have the appropriate role to view inherited rules, when they click the View Inherited Rules button, the application will display the Cloud Dashboard page.

The Provisioning errors button is available in the All Policies, Organization Policies, and Application Policies tabs. If you attempted to provision a policy but the policy did not successfully provision, click Provisioning errors to display the Provisioning errors page. This page provides more information about the application and organization policies that didn't provision and displays the cloud, the name and ID, the status, and the modification date for the policies that failed to provision.

Illumio Console now allows you to view Illumio Cloud and Illumio Core resources on the map regardless of whether or not these resources have traffic. Hover over the button in the interaction panel to switch between the display modes.

Illumio Console now allows you to hover over a resource and add filter criteria from the context menu. This feature is available on the Traffic page and on the Traffic tab within the Map page. For example, within the Traffic table, if you want to search for traffic that uses TCP 443 as the service, hover over 443 TCP to select Port and/or Protocol as the type. Next, select Service is from the context menu to add 443 TCP to the Service field as a filter. If you want to add to your query so that it excludes traffic from the uswest2 region, hover over a Cloud resource in the Destination column, hover over uswest2, and then select Source is not from the context menu to exclude traffic from that region from your search.

The context menu filters function similarly within the Map page except that you would click a traffic link between Cloud resources and then hover over the resource in the Traffic tab to begin adding values to include or exclude from your query.

The query filters that display in the context menu depend on which operators you select from the More menu and whether or not you select Show Exclusion Filters.

You can filter by the Account ID, Resource Type, Region, and Cloud/Data Center categories.

User preferences and settings are now maintained across sessions within Illumio Console. Previously, when users logged out of the application, their settings were lost, but the information is now stored on the server side in k-v pairs.