# 6.2 Network Topology
#### π Overview
The **Network Topology** module offers a visual and interactive map of your entire internet-facing infrastructure. It illustrates the relationships between your domains, IP addresses, technologies, ports, and vulnerabilities in real-time β enabling you to understand your **attack surface as a connected structure**, not just a list.
> π§ Think of this as a **cybersecurity radar** that shows how all your digital assets are linked, and where your weaknesses may lie.
***
#### 𧩠What It Displays
**𧱠Nodes:**
Each node represents an entity in your infrastructure:
* Domain or subdomain (e.g., `app.yourcompany.com`)
* IP Address
* Open port or protocol (e.g., 443/HTTPS, 21/FTP)
* Technology in use (e.g., PHP, MySQL, WordPress)
* Associated vulnerability (if found)
**π Connections:**
Lines between nodes show direct associations such as:
* Domains resolving to IPs
* IPs running services on specific ports
* Ports linked to technologies or risk factors
**π¨ Node Indicators:**
Each node is color-coded based on its type or threat level:
* π΅ Domain
* π IP Address
* π΄ Critical Vulnerability
* π‘ High Risk
* π’ Safe
* β« Unknown/Other
***
#### π₯οΈ Interactive Features
* **Zoom & Pan** β Explore the map freely or fit to screen
* **Filter Nodes** β Search by domain, IP, or vulnerability
* **Layout Options** β Switch between graph models (e.g., CoSE, Circle, Grid)
* **Export** β Download your topology as a PNG for reports or auditing
* **Node Detail Panel** β Click any node to view:
* Associated ports
* Technologies
* Resolved IP
* Detected vulnerabilities
***
#### π οΈ Why It Matters
Traditional asset lists canβt show **how things are connected** β and attackers exploit relationships.
This view helps you:
* Detect exposed nodes with shared risk
* Identify forgotten or shadow systems still reachable
* Spot single points of failure or shared infrastructure risk
* Understand potential **pivot paths** in case of breach
***
#### π Example Scenarios
| Use Case | What You Can Discover |
| ---------------------------------- | --------------------------------------------- |
| A vulnerable service on shared IP | Multiple domains exposed through one IP |
| A forgotten subdomain still active | Visualized next to your main infrastructure |
| A non-SSL port open to internet | See it linked under an insecure protocol node |
| A legacy PHP app next to new stack | Legacy risk adjacent to modern services |
***
#### βοΈ Best Practices
| Action | Why It Matters |
| -------------------------------- | -------------------------------------------------- |
| Review the topology weekly | Spot new or unauthorized connections |
| Export before change deployments | Compare before/after network footprint |
| Investigate isolated nodes | May indicate misconfigurations or forgotten assets |
| Monitor for red nodes | Indicates confirmed vulnerabilities |
***
> π― The Network Topology module turns your digital surface into a **visual map of risk**. Not only will you see whatβs online β youβll see whatβs connected, and what needs to be secured.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.shieldsguard.com/getting-started/6.-asset-management/6.2-network-topology.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.