Types of networks
It is often helpful to use network examples as a starting point for planning your runZero implementation. This document breaks down a few standard network types and provides potential configurations for each. With that being said, every network has nuance, so it’s likely there will be some differences for your implementation.
This is a basic overview of how discovery will be done using Explorers and scanners. By default, one Explorer will be deployed with the goal of running discovery on as much of the network as possible. If needed, more Explorers can be added for areas the primary Explorer cannot get to. You can also use a scanner for offline environments where there is no internet connectivity.
SaaS company
Network characteristics
- Flat on-premises network for offices
- Multi-cloud environment
- Hybrid workforce remote and in office
Sample runZero implementation
- Explorers
- Corporate network Explorer that is able to get all on-premises network and cloud services private connectivity
- One Explorer per VPC that isn’t routable from on-premises networks
- Organizations
- Single organization
- Sites
- Primary corporate site
- One site per VPC
Large corporation
Network characteristics
- Corporate offices with many connected branches
- Multiple M&A transactions happening at any given time, onboarding new offices every year
- Multiple data centers for internal and externally-facing applications
Sample runZero implementation
- Explorers
- Corporate network Explorer that is able to get all on-premises networks
- One Explorer per site with low bandwidth or legacy firewalls, proxies, etc.
- One Explorer for each M&A transaction to understand new risks and keep data segmented
- Organizations
- Corporate assets
- One project per M&A transaction until the deal is complete and assets are merged
- Sites
- Primary corporate site
- Potentially separate sites if there is overlapping IP space in branch offices
Retail company
Network characteristics
- Flat on-premise network for corporate offices
- Data centers
- 100s of retail locations
Sample runZero implementation
- Explorers
- Corporate network Explorer that is able to get all on-premise networks
- One Explorer per retail location with low bandwidth or legacy firewalls, proxies, etc.
- One Explorer per data center
- Organizations
- Single organization
- Sites
- Primary corporate site
- One per retail site if they have overlapping IP space
Manufacturing company
Network characteristics
- Flat on-premise network for corporate offices
- OT environment is completely disconnected from the internet
- Field service agents VPN in from varying locations
Sample runZero implementation
- Explorers
- Corporate network Explorer that is able to get all on-premise networks
- Scanners
- Manufacturing plant that is not connected to the corporate networks
- Organizations
- Single organization
- Sites
- Primary corporate site
- One per OT site if there is overlapping IP space
Telecommunications company
Network characteristics
- Flat on-premise network for corporate offices
- Segmented data centers
- IoT devices scattered across the country
- Field service agents VPN in from varying locations
Sample runZero implementation
- Explorers
- Corporate network Explorer that is able to get all on-premise networks
- One for each segmented lab
- One for each data center
- Organizations
- Corporate network
- Production network
- One per lab
- Sites
- One primary site per organization
Managed security service provider
Network characteristics
- Many customers spinning up/down in engagements
- Mostly small, flat networks
- Some customers have OT environments that are sensitive
Sample runZero implementation
- Explorers
- One per customer
- Scanners
- Only needed for customers with offline networks
- Organizations
- Project per customer initially
- Promote project to organization for long-term use
- Sites
- One per customer but potentially multiple if a customer has overlapping IP space
Academic organization
Network characteristics
- Many buildings/networks spread around the campus with varying connectivity
- Multiple data centers managed by different departments
- Multiple labs for research and development that are disconnected from the rest of the network and the internet
Sample runZero implementation
- Explorers
- Main network Explorer that is able to get all on-premise networks
- One Explorer per building with low bandwidth or legacy firewalls, proxies, etc
- One Explorer per data center
- Scanners
- One for each disconnected lab
- Organizations
- Main assets
- One for each lab
- Sites
- One primary per organization but potentially multiple if buildings have overlapping IP space
Updated