Networking

Visualizing Your Global Network with AWS Network Manager - Centralized Topology and Health Management

Learn how to visualize the topology of your global network including Transit Gateways and VPNs, and verify connectivity with route analysis.

約 3 分で読めます

Overview of Network Manager

Network Manager is a service for centrally managing the topology and health of your global network. It provides visual insight into the connectivity relationships of Transit Gateways, Site-to-Site VPNs, and Direct Connect, and automatically detects network change events. Route analysis proactively identifies connectivity issues, and integration with Cloud WAN enables policy-based network management.

Topology and Route Analysis

When you create a global network and register a Transit Gateway, the connectivity relationships of attached VPCs, VPN connections, and Direct Connect are automatically displayed on the topology map. Route analysis simulates packet paths by specifying a source and destination, detecting route table misconfigurations and security group blocks. Network events automatically detect VPN tunnel state changes, BGP peer disconnections, and Transit Gateway attachment changes, sending notifications via EventBridge.

Integration with CloudWAN

Integrating AWS Cloud WAN with Network Manager enables centralized management of global network segmentation and routing through core network policies. Attachments (VPCs, VPNs, Direct Connect) are assigned to segments on a policy basis, controlling inter-segment communication permissions. The Network Manager dashboard provides real-time visualization of Cloud WAN core network topology, traffic volume per segment, and connection health. Network changes (new VPC attachments, route additions) are published as EventBridge events, serving as an audit trail for change management. Combined with Reachability Analyzer, you can pre-verify reachability from a specific source to a destination, preventing routing configuration errors. To comprehensively learn about network management configuration patterns, refer to technical books (Amazon).

Network Manager Pricing

Network Manager itself is free to use. Costs depend on the managed resources (Transit Gateway, Direct Connect, VPN). When using Cloud WAN, charges are based on the number of core network edge attachments and data processing volume. Peering attachments incur inter-region data transfer charges, so it is important to estimate inter-region traffic volume in advance. Network Manager's route analysis and topology visualization are available at no additional charge, directly contributing to network operations efficiency.

Summary

Network Manager is particularly effective in multi-region environments using Transit Gateways or VPNs. The topology map visualizes the overall connectivity picture, and route analysis detects unintended routing. By integrating with Cloud WAN and transitioning to policy-based network management, you can declaratively manage routing configurations and evaluate the impact of network changes in advance. Since it is free to use, it is recommended for all environments operating networks across multiple regions.

Related Services

AWS Network ManagerA service for centrally managing global networks and visualizing Transit Gateway and SD-WAN connectivityAWS Transit GatewayA network hub that connects multiple VPCs and on-premises networks in a hub-and-spoke topologyAWS Direct ConnectA service that provides a dedicated network connection between on-premises and AWS for stable, low-latency connectivity

Related Articles

Building a Hub-and-Spoke Network with AWS Transit Gateway - Multi-VPC Connectivity DesignConsolidate multiple VPCs and on-premises networks in a hub-and-spoke topology, establish security boundaries with route table isolation, and enable multi-region connectivity through peering.Building Dedicated Connections with AWS Direct Connect - Redundancy Design and Traffic ControlDesign redundant dedicated connections and connect to VPCs across multiple regions with Direct Connect Gateway. This article also covers bandwidth aggregation with LAG and MACsec encryption.Operating Hybrid Cloud with Amazon EVS - DR Site Construction and Burst CapacityLearn how to operate a hybrid cloud with Amazon EVS, including DR site construction, on-demand capacity bursting, and integration patterns with AWS services.

More on This Topic

Building a Service Mesh with AWS App Mesh - Controlling and Observing Microservice CommunicationLearn how to declaratively configure canary deployments, retry policies, and mTLS encryption using Envoy sidecars, and visualize service dependencies with X-Ray integration.Service Discovery with AWS Cloud Map - Dynamic Name Resolution for MicroservicesDynamically discover microservice endpoints using DNS-based and API-based approaches. Learn how to automate service registration and deregistration through integration with ECS and EKS.How CloudFront's 600+ PoPs Work - Anycast Routing and the Cache HierarchyLearn how CloudFront routes user requests to the nearest PoP using Anycast, the two-tier structure of edge locations and regional edge caches, and the design factors that determine cache hit rates.Dedicated Connection Design - Achieving Stable Private Network Connectivity with Direct ConnectLearn about dedicated connection design with AWS Direct Connect, including choosing between dedicated and hosted connections, redundancy configurations, and achieving stable private network connectivity through VPC integration.Building Dedicated Connections with AWS Direct Connect - Redundancy Design and Traffic ControlDesign redundant dedicated connections and connect to VPCs across multiple regions with Direct Connect Gateway. This article also covers bandwidth aggregation with LAG and MACsec encryption.Elastic IP Address Management and Design - Static IP Usage and Cost OptimizationLearn about Elastic IP allocation, EC2 association, cost implications of unused EIPs, and alternative approaches to consider.Why ELB Has Three Types - The Design Rationale Behind ALB, NLB, and CLBExplore why ALB, NLB, and CLB (Classic) coexist rather than being unified into a single service, examining OSI model layers, performance characteristics, and historical context.Global Network Optimization with AWS Global Accelerator - Low-Latency Delivery and FailoverLearn how to route traffic onto the AWS global network using Anycast IPs, design endpoint groups, and achieve failover through health checks.

Similar Articles and Services

AWS Network ManagerA service for centralized visualization and management of global networksBuilding a Hub-and-Spoke Network with AWS Transit Gateway - Multi-VPC Connectivity DesignConsolidate multiple VPCs and on-premises networks in a hub-and-spoke topology, establish security boundaries with route table isolation, and enable multi-region connectivity through peering.AWS Transit GatewayA service that interconnects multiple VPCs and on-premises networks in a hub-and-spoke topology, dramatically simplifying network architecture