R12.3-2026Apr21

Built-in NCT Tables (Logical Nodes)

The following table lists the NCT Table properties/attributes for logical nodes (case-sensitive).

No.
Table NameVendorDevice / Platform TypeDriverTechnical Description
1ARP TableAruba NetworksSD-WAN / WAN EdgeAruba OrchestratorCollects Address Resolution Protocol mappings from Aruba SD-WAN branch and campus devices managed via Aruba Orchestrator. Maps IP addresses to MAC addresses across WAN edges and SD-WAN overlays, supporting network path tracing and endpoint visibility in hybrid branch deployments. Resolves L2 adjacency for routed overlay and underlay interfaces. Enables detection of ARP conflicts and stale entries across distributed sites.
2ARP TableVMware AVI NetworksApplication Delivery ControllerAVICaptures ARP bindings learned by AVI (VMware Avi Load Balancer) Service Engines deployed in inline or one-arm mode. Reflects the IP-to-MAC resolution state for virtual services, pool members, and management interfaces. Critical for understanding how Avi reaches backend servers and validates Layer 2 reachability in east-west and north-south traffic paths within load-balanced application tiers.
3ARP TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures ARP bindings across virtual and physical leaf switches managed by the Big Cloud Fabric controller. Reflects dynamic L2 resolution entries for tenant workloads and fabric endpoints. Enables path analytics by associating IP endpoints with physical or virtual switch ports, critical for verifying fabric connectivity and diagnosing endpoint reachability in BCF environments.
4ARP TableCheck PointNext-Gen FirewallCheckPoint R80 APICollects ARP cache entries from Check Point Security Gateways via the R80 management API. Maps IP-to-MAC resolution states for interfaces and adjacent hosts. Used to validate forwarding decisions, diagnose connectivity failures, and correlate firewall policy hits with physical endpoint identities. Supports L2 adjacency validation for firewall-to-router and firewall-to-server paths.
5ARP TableCiscoSDN Fabric (ACI)Cisco ACICaptures ARP bindings from the ACI fabric's endpoint database and leaf node ARP caches. Reflects IP-to-MAC resolution for endpoints connected to EPGs and bridge domains. ACI proxies ARP within bridge domains to minimize flood traffic; this table provides visibility into both proxy and direct ARP entries across the fabric, enabling endpoint tracking and path validation within ACI overlay networks.
6ARP TableCiscoNext-Gen Firewall (FTD)Cisco FMCCollects ARP cache entries from Firepower Threat Defense (FTD) devices managed by Firepower Management Center. Captures IP-to-MAC mappings at the firewall's interfaces, enabling correlation of security events with physical endpoints. Supports network path analysis in FTD-managed perimeter and segmentation environments, including validation of next-hop adjacency for firewall routing.
7ARP TableCisco MerakiCloud-Managed NetworkCisco MerakiRetrieves ARP cache data from Meraki MX security appliances and MS switches via the Meraki Dashboard API. Maps IP-to-MAC entries for local LAN segments, providing endpoint visibility across cloud-managed branch networks. Supports troubleshooting and validation of client connectivity in Meraki-managed sites, including VLAN-specific ARP isolation and cross-VLAN gateway resolution.
8ARP TableCitrix / NetScalerADC Management PlatformCitrix ADMCollects ARP entries from Citrix ADC (NetScaler) instances managed by Application Delivery Management. Reflects IP-to-MAC mappings for virtual IPs, backend servers, and management interfaces. Supports load balancer path analysis and validates L2 reachability between ADC instances and application backends, ensuring proper resolution for SNIP and MIP addresses.
9ARP TableCitrix SD-WANSD-WAN ApplianceCitrix SDWANCaptures ARP cache entries from Citrix SD-WAN appliances at branch, hub, and data center sites. Maps IP-to-MAC resolutions for WAN overlay and LAN-side interfaces, enabling underlay/overlay path correlation. Supports connectivity diagnostics across Citrix SD-WAN deployments, including validation of gateway ARP state on both WAN transport and LAN access links.
10ARP TableExtreme NetworksCloud-Managed Switch / APExtremeCloud IQCollects ARP bindings from Extreme Networks switches and access points managed via ExtremeCloud IQ cloud controller. Resolves IP-to-MAC for connected endpoints across campus and branch sites. Supports client tracking, network path visualization, and connectivity troubleshooting in Extreme-managed environments, with visibility into VLAN-specific ARP tables across managed switch fabric.
11ARP TableFortinetFortinet Management PlatformFortiManagerCollects ARP cache entries from FortiGate devices managed through FortiManager. Provides IP-to-MAC mapping for interfaces and adjacent network devices across distributed enterprise deployments. Supports policy correlation, endpoint tracking, and path verification in Fortinet-managed security and routing environments. Useful for validating adjacency in VDOM-segmented FortiGate deployments.
12ARP TableFortinetNGFW / UTM ApplianceFortinetFortiGateCaptures ARP entries directly from FortiGate firewalls via CLI or API. Maps IP addresses to MAC addresses for directly connected hosts and adjacent routers on all FortiGate interfaces and VDOMs. Enables hop-by-hop path tracing, validates next-hop adjacency for routing, and correlates security events with physical endpoints. Essential for troubleshooting firewall connectivity in perimeter and internal segmentation deployments.
13ARP TablePalo Alto NetworksNext-Gen FirewallPalo Alto PanoramaCollects ARP cache data from Palo Alto Networks firewalls managed by Panorama. Captures IP-to-MAC mappings at firewall data-plane interfaces across distributed deployments. Used for path verification, endpoint identification, and correlating security policy enforcement with physical network topology. Supports virtual system (vsys) aware endpoint tracking in multi-tenant Palo Alto deployments.
14ARP TableIvanti Pulse SecureVPN / Zero-Trust GatewayPulseSecure APICollects ARP bindings from Pulse Connect Secure (VPN gateway) and Pulse Policy Secure appliances. Maps IP-to-MAC for VPN tunnel endpoints and internal network interfaces, enabling visibility into remote access connectivity. Validates L2 reachability for VPN-connected clients and supports path analysis through Pulse VPN gateway architectures.
15ARP TableVMware VeloCloudSD-WAN EdgeVeloCloud SD-WANCaptures ARP cache entries from VeloCloud Edge devices at branch and data center sites. Resolves IP-to-MAC for LAN, WAN, and overlay interfaces, supporting overlay path analytics, underlay verification, and endpoint reachability analysis. Used to validate gateway ARP state for both internet and MPLS underlay links, as well as LAN-side default gateway resolution.
16ARP TableVersa NetworksSD-WAN / Multi-Tenant NFVVersa SD-WANCollects ARP entries from Versa FlexVNF appliances at branch and hub sites. Maps IP-to-MAC for tenant VRF interfaces and physical underlay connections. Used for SD-WAN path analysis, validating adjacency for application-aware routing, and diagnosing connectivity in multi-tenant Versa deployments, including per-VRF ARP isolation and underlay peer validation.
17ARP TableCisco ViptelaCisco SD-WAN EdgeViptela SD-WANCaptures ARP bindings from vEdge and cEdge routers in the Cisco SD-WAN fabric. Maps IP-to-MAC for service-side (LAN) and transport-side (WAN) interfaces, enabling full path visualization from site to site. Validates OMP overlay routes with physical L2 adjacency and supports per-color transport link ARP verification in Cisco SD-WAN environments.
18ARP TableVMwareVirtual Network (NSX-T)VMware NSX-TReflects ARP suppression entries and learned ARP bindings from the NSX-T distributed data plane. NSX-T uses ARP proxy and suppression to reduce broadcast flooding in overlay segments. Maps IP-to-MAC for virtual machines and containers attached to NSX-T logical segments, providing full east-west visibility into endpoint IP-MAC bindings across the NSX-T transport zone.
19AWS ELB Listener TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures configuration of listeners on Elastic Load Balancers (ALB, NLB, CLB) via the AWS API. Each listener defines a port/protocol combination and associated routing rules for inbound traffic. Used to analyze load balancer traffic entry points, validate protocol handling, and model traffic paths from clients to backend targets. Includes HTTPS listener SSL policy and certificate associations.
20AWS ELB Target Group TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects target group configurations including registered targets (EC2, IP, Lambda), health check settings, and load balancing algorithms from AWS ELB. Models the backend server pool for each listener rule, enabling analysis of traffic distribution across application tiers and validation of health-based routing decisions. Captures deregistration delay and stickiness policy settings.
21AWS Endpoint Service TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSReflects PrivateLink endpoint service configurations created by service providers in AWS. Includes service names, availability zones, and acceptance settings for private connectivity. Models secure, private service consumption across VPCs without internet exposure, supporting PrivateLink topology analysis and validation of service endpoint visibility across VPC boundaries.
22AWS ENI Interface TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures all ENI (Elastic Network Interface) configurations across AWS accounts and regions. Each ENI represents a virtual NIC attached to EC2 instances, Lambda functions, or managed services. Includes IP addresses, MAC, security groups, and attachment details, providing the foundational layer for modeling AWS network paths and interface-level security group enforcement.
23AWS Firewall Policy TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects AWS Network Firewall policy configurations, including stateless and stateful rule group associations, default actions, and logging settings. Provides visibility into centralized firewall enforcement points within VPCs, enabling analysis of allowed and denied traffic flows across the AWS network topology. Supports compliance validation for centralized firewall architectures.
24AWS Firewall Stateful Rule TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures stateful inspection rules within AWS Network Firewall rule groups. These rules define protocol, source/destination criteria, and actions for connection-tracked traffic. Enables deep inspection of allowed application-layer flows and supports compliance validation of east-west and north-south traffic policies. Includes Suricata-compatible rule strings for IDS/IPS-mode stateful inspection.
25AWS Firewall Stateless Rule TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects stateless (packet-level) rules from AWS Network Firewall rule groups. These rules match on packet headers without connection tracking and define priority-ordered permit/deny actions. Used to model first-pass filtering of traffic before stateful inspection, analyzing basic ACL behavior and identifying default action handling in AWS firewall deployments.
26AWS NAT TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures NAT Gateway configurations including elastic IP associations, subnet placement, and connectivity state. NAT Gateways provide scalable outbound internet access for private subnet resources. Models outbound path translation in AWS, enabling analysis of egress routing for private workloads, validating NAT gateway availability zone coverage, and monitoring NAT bandwidth utilization.
27AWS Network ACL TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects subnet-level access control list configurations with numbered inbound and outbound rules. Unlike security groups, NACLs are stateless and evaluate all traffic independently. Used to model subnet boundary policies, identify conflicting or overly permissive rules, and validate subnet-level traffic filtering. Supports compliance audits for defense-in-depth network segmentation in AWS VPCs.
28AWS Palo Alto Cloud NGFW FQDN TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures FQDN-based allow/deny list entries configured in Palo Alto Cloud NGFW deployments on AWS. These entries enable DNS-based policy enforcement for outbound traffic. Supports analysis of application-aware security policies that use domain names rather than static IP addresses, enabling dynamic policy scoping for SaaS and cloud service access.
29AWS Palo Alto Cloud NGFW Global Post Rules TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSReflects post-rulestack global security policies applied after local rules in Palo Alto Cloud NGFW on AWS. These rules enforce organization-wide security baselines and cleanup policies. Models the final enforcement layer in the Palo Alto policy evaluation chain for AWS traffic, ensuring consistent enterprise-wide security posture after tenant-specific rules are evaluated.
30AWS Palo Alto Cloud NGFW Global Pre Rules TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures pre-rulestack global policies evaluated before local rulestacks in Palo Alto Cloud NGFW on AWS. These rules enforce enterprise-wide security mandates that override local configurations. Models top-of-policy enforcement in distributed Palo Alto NGFW deployments on AWS, ensuring centrally managed policies take precedence over delegated local rulestack configurations.
31AWS Palo Alto Cloud NGFW Local Rulestack TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects the full local rulestack configuration for Palo Alto Cloud NGFW instances deployed in AWS, including security rules, NAT rules, and associated objects for tenant-specific policy. Enables per-deployment policy analysis and validation of application-layer security. Supports compliance checks and shadow rule detection within individual AWS deployment rulestacks.
32AWS Palo Alto Cloud NGFW Prefix List TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures named prefix lists used as address objects within Palo Alto Cloud NGFW rule definitions on AWS. Prefix lists group IP ranges for reuse across multiple rules. Supports analysis of address-based policy objects and validates CIDR coverage in NGFW security policies, enabling audits of IP range scoping in cloud firewall configurations.
33AWS Route Dependency TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSModels routing dependencies between AWS constructs including VPCs, subnets, Transit Gateways, and VPN connections. Captures how route tables reference attachments and propagation sources, enabling end-to-end path analysis across complex multi-VPC architectures. Identifies potential routing loops, black-hole conditions, and missing propagation configurations in AWS network topologies.
34AWS Security Group TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects all security group configurations including inbound and outbound rules across AWS accounts and VPCs. Security groups act as stateful virtual firewalls for EC2 and other resources. Enables modeling of micro-segmentation policies, analysis of overly permissive rules (0.0.0.0/0), and validation of east-west traffic controls. Supports compliance audits and least-privilege analysis in AWS environments.
35AWS Transit Gateway Attachments TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures all attachments to AWS Transit Gateways including VPC attachments, VPN connections, Direct Connect gateways, and peering connections. Models the hub topology of inter-VPC and hybrid connectivity. Enables analysis of TGW routing domains, ECMP configurations, and traffic flow paths across AWS regions and accounts in hub-and-spoke architectures.
36AWS Transit Gateway Route TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects routing entries within TGW route domains, including static and propagated routes for each attachment. Central to modeling multi-VPC routing in AWS hub-and-spoke architectures, enabling full path analysis from source VPC through TGW to destination VPC or on-premises network. Supports analysis of route domain segmentation and blackhole route insertion.
37AWS Virtual Route TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSRepresents the effective routing view of AWS networking, combining VPC route tables, Transit Gateway routes, and VPN/Direct Connect propagated routes into a unified forwarding model. Used to calculate actual packet forwarding paths across AWS networks, including longest prefix matching and routing priority evaluation across all route sources.
38AWS VPC Peering TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCaptures all VPC peering connection configurations, including requester and accepter VPC details, CIDR ranges, and connection status. Models peer-to-peer connectivity, detects overlapping CIDR issues, and validates route propagation for peered network paths. Includes cross-account and cross-region peering visibility, supporting full topology analysis of AWS VPC mesh architectures.
39AWS VPC Route TableAmazon Web ServicesPublic Cloud (AWS)Amazon AWSCollects the actual route table entries associated with each subnet in a VPC, including local routes, internet gateway routes, NAT gateway routes, and VPN/TGW propagated routes. Primary forwarding table for packet-level path analysis within AWS VPCs. Determines next-hop for all traffic leaving a subnet and is foundational for AWS network path computation.
40Azure AppGW Backend Pools TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the set of backend targets (VMs, IP addresses, FQDNs, or App Service endpoints) registered in each Application Gateway backend pool. Backend pools define the server groups to which Application Gateway routes application traffic. Models application tier composition and validates load balancing topology, including mixed backend types across different Azure services.
41Azure AppGW Http Setting TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects Application Gateway HTTP settings including backend port, protocol, cookie-based affinity, connection drain, and custom health probe associations. Defines how traffic is forwarded to backend pools. Used to analyze backend protocol handling and session persistence configuration, including HTTPS re-encryption settings for end-to-end SSL in Azure Application Gateway deployments.
42Azure AppGW Listener TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures listener configurations on Azure Application Gateway including frontend IP, port, protocol (HTTP/HTTPS), and SSL certificate associations. Listeners define inbound traffic entry points for the gateway. Models the front-end exposure of applications and SSL termination policy for inbound application traffic, including multi-site hosting via host header matching.
43Azure AppGW Rule TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects routing rules that bind listeners to backend pools via HTTP settings in Azure Application Gateway. Rules can be basic (one-to-one) or path-based (URL routing). Models application traffic routing logic, enabling analysis of how inbound requests are distributed across backend application tiers based on URL path patterns.
44Azure AppGW Translation TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures URL rewrite rules and redirect configurations applied by Azure Application Gateway. These rules modify request/response headers or redirect traffic based on conditions. Enables visibility into application-layer traffic transformation within Azure gateway deployments, including header insertion, URL rewriting, and HTTP-to-HTTPS redirects.
45Azure Cloud NGFW PAN Additional Prefixes To Private Traffic Range TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures additional custom private IP prefixes configured in Palo Alto Cloud NGFW deployments on Azure. Extends the default RFC 1918 private traffic classification for policy enforcement purposes. Used to model custom traffic categories in hybrid or multi-cloud environments where non-standard private ranges are used for Azure workloads.
46Azure Cloud NGFW PAN Destination Network Address Translation TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures destination NAT rules configured in Palo Alto Cloud NGFW on Azure. DNAT rules translate inbound public IP addresses to private backend servers. Models inbound traffic flows through NAT, enabling analysis of service exposure and inbound traffic path in Azure-hosted Palo Alto firewall deployments with public-to-private IP translation.
47Azure Cloud NGFW PAN Local Rulestack Certificates TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures SSL/TLS certificates associated with local rulestacks in Palo Alto Cloud NGFW on Azure. These certificates are used for SSL forward proxy and inbound inspection. Supports analysis of certificate-based security policies in cloud-native NGFW deployments, including certificate chain validation and expiry monitoring.
48Azure Cloud NGFW PAN Local Rulestack FQDN List TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects domain-based address objects used within Palo Alto Cloud NGFW local rulestacks on Azure. FQDN lists enable DNS-resolved dynamic policy matching. Models application-layer policy based on domain names rather than static IPs, supporting analysis of SaaS access controls and dynamic threat-feed-driven policy in Azure Palo Alto NGFW environments.
49Azure Cloud NGFW PAN Local Rulestack Prefix List TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures named CIDR prefix lists used as address objects in Palo Alto NGFW local rulestacks on Azure. Prefix lists simplify policy management by grouping IP ranges. Enables analysis of IP-based policy scoping within tenant-specific Palo Alto NGFW rule definitions and validates CIDR coverage across rule objects.
50Azure Cloud NGFW PAN Local Rulestack Rules TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects the complete security rule set within local rulestacks configured for Palo Alto Cloud NGFW on Azure. Rules define application, source, destination, and action for tenant traffic. Enables end-to-end policy analysis and compliance validation for Azure-deployed Palo Alto NGFW, including rule ordering, shadow detection, and application identification coverage.
51Azure Cloud NGFW PAN Private Source NAT TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures private SNAT rules configured in Palo Alto Cloud NGFW on Azure. Translates source IPs for east-west or internal traffic flows without using public IPs. Supports analysis of internal NAT behavior and traffic path modeling within Azure private networks using Palo Alto NGFW as a centralized NAT and inspection point.
52Azure Cloud NGFW PAN Source Network Address Translation TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures all source NAT rules in Palo Alto Cloud NGFW deployments on Azure, including both public and private translations. SNAT rules modify source IPs for outbound or inter-segment traffic. Models outbound traffic transformation and supports egress path analysis in Azure Palo Alto NGFW environments, validating IP identity for outbound flows.
53Azure Firewall Application Rule Collection TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures FQDN and URL-based application rules within Azure Firewall rule collections. These rules enforce Layer 7 outbound access controls based on destination domain names and protocols. Enables analysis of application-aware egress filtering policies enforced by Azure Firewall, including threat intelligence-based FQDN blocking and web categories.
54Azure Firewall DNAT Rule Collection TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects destination NAT rules that translate inbound traffic from public IPs to private backend resources via Azure Firewall. DNAT rules expose services hosted behind Azure Firewall. Models inbound service access through the firewall and supports analysis of NAT-based service publishing across Azure Firewall standard and premium tiers.
55Azure Firewall Network Rule Collection TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures Layer 3/4 network rules defining allowed or denied traffic by IP, port, and protocol across Azure Firewall policy. Network rules enforce connectivity between subnets, VNets, and external networks. Central to modeling east-west and north-south traffic policy in Azure hub-and-spoke architectures, including forced-tunneling and inter-spoke traffic inspection.
56Azure LoadBalancer Backend Pools TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the set of backend NICs or IP addresses registered in each Azure Load Balancer backend pool. Backend pools define the target servers for load-balanced traffic flows. Models application tier composition and validates backend health and connectivity for Azure internal and public load balancers, including NIC-based and IP-based backend configurations.
57Azure LoadBalancer Inbound NAT Rules TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects direct port-forwarding rules that map specific frontend IP/port combinations to individual backend VMs. Enables direct access to specific VMs without load balancing. Models point-to-point NAT paths and is commonly used for management access to backend instances, including RDP and SSH port forwarding through Azure Load Balancer.
58Azure LoadBalancer Load Balancing Rules TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures rules that distribute inbound traffic across backend pool members based on a hash algorithm. Each rule defines frontend IP/port, backend pool, health probe, and session persistence settings. Models the traffic distribution logic for Azure load-balanced application workloads, including HA ports configuration for NVA deployments.
59Azure LoadBalancer Outbound Rules TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures outbound SNAT rules defining how backend pool members reach the internet using frontend IP addresses. Manages outbound port allocation and IP assignment for private instances requiring internet egress. Models outbound path translation in Azure network topologies, including SNAT port exhaustion risk analysis for high-connection workloads.
60Azure MSEE ARP TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures ARP bindings at the Azure ExpressRoute edge routers (MSEE), reflecting IP-to-MAC resolution for ExpressRoute private and Microsoft peering connections. Critical for validating Layer 2 adjacency between on-premises CE routers and Azure MSEE, essential for ExpressRoute path analysis and BGP session establishment troubleshooting.
61Azure MSEE Route Summary TableMicrosoftPublic Cloud (Azure)Microsoft AzureProvides an aggregated view of routes exchanged via BGP on ExpressRoute circuits, summarizing prefixes received from and advertised to on-premises networks. Enables quick assessment of route exchange health across ExpressRoute peerings and validates routing coverage in hybrid Azure/on-premises deployments, including ECMP path availability.
62Azure MSEE Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the detailed BGP routing table at the Azure ExpressRoute edge, including all prefixes received from and sent to on-premises peers. Enables full path analysis for hybrid connectivity, route origin validation, AS path inspection, and detection of route leaks or prefix conflicts in ExpressRoute environments with multiple peerings.
63Azure NATGW NAT TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the translation state and IP pool configuration for Azure NAT Gateway deployments. Provides scalable outbound internet access for private subnet resources with deterministic IP assignment. Models outbound path translation, SNAT port allocation, and egress IP identity for Azure private workloads, including SNAT port utilization monitoring.
64Azure Private Endpoints TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures all private endpoint configurations, mapping Azure PaaS services (Storage, SQL, Key Vault, etc.) to private IP addresses within VNets. Private endpoints eliminate public exposure of Azure services. Models private service access paths, enabling topology analysis of PrivateLink-based connectivity within Azure and validating DNS resolution for private endpoint FQDNs.
65Azure Route Server BGP Advertised Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures routes that Azure Route Server advertises to connected NVA BGP peers. Route Server acts as a BGP route reflector in Azure. Models what routing information Azure is propagating to NVAs, essential for validating dynamic route exchange in NVA-based hub architectures and detecting prefix coverage gaps in advertised routes.
66Azure Route Server BGP Learned Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects routes received by Azure Route Server from NVA BGP peers. These learned routes are programmed into VNet route tables, enabling NVA-injected routes to influence Azure packet forwarding. Critical for validating NVA-driven routing in Azure hub-and-spoke and Virtual WAN architectures with third-party NVA route injection.
67Azure Route Server BGP Peers TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures BGP peer configurations associated with Azure Route Server, including NVA peer IP addresses, ASN, and session state. Provides visibility into the BGP peering fabric between Azure Route Server and NVA devices, enabling session health monitoring and routing adjacency validation for NVA-based SD-WAN and firewall deployments.
68Azure VHub Effective Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the computed routing table as applied to connected spokes and gateways from a Virtual WAN hub. Includes routes from all sources: static, propagated, and BGP-learned. Used for end-to-end path analysis across Azure Virtual WAN topologies, validating actual packet-forwarding behavior and identifying routing conflicts in Virtual WAN hub configurations.
69Azure VHub Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the configured route tables within Azure Virtual WAN hubs, including static routes and propagation settings for connected VNets and branches. Route tables define routing policy applied to traffic flowing through the Virtual WAN hub, enabling analysis of hub-based routing segmentation and traffic steering for east-west and branch traffic.
70Azure VNet Network Security Groups TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures NSG rule configurations for all NSGs in a VNet, including inbound and outbound rules with priority, protocol, port, and source/destination definitions. NSGs provide subnet and NIC-level stateless packet filtering. Models micro-segmentation and network access control in Azure environments, supporting rule priority conflict analysis and compliance audits.
71Azure VNet Peering TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures all VNet-to-VNet peering configurations, including peered VNet IDs, address spaces, and settings like gateway transit and use of remote gateways. Models peer-to-peer connectivity and validates routing reachability across peered networks. Includes cross-subscription and cross-region peering visibility for full Azure network topology analysis.
72Azure VNet Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures user-defined route (UDR) configurations applied to subnets within Azure VNets. UDRs override default Azure routing to steer traffic through NVAs, firewalls, or custom next-hops. Primary basis for modeling traffic steering policy in Azure network topologies, including forced tunneling and internet breakout configurations.
73Azure VNG BGP Advertised Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures routes that Azure Virtual Network Gateway advertises to on-premises or peer BGP neighbors via VPN or ExpressRoute. Provides visibility into what Azure is announcing to connected networks, enabling validation of route distribution and detection of misconfigured or missing prefixes in hybrid connectivity scenarios.
74Azure VNG BGP Learned Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects routes received by Azure VPN/ExpressRoute Gateway from BGP peers. Represents on-premises or peer network prefixes being imported into Azure. Enables analysis of hybrid routing, validation of prefix advertisement from on-premises, and detection of routing convergence issues in Azure VPN and ExpressRoute deployments.
75Azure VNG BGP Peering TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures BGP peering session details for Azure Virtual Network Gateway, including peer IP, ASN, and session state for VPN and ExpressRoute connections. Provides visibility into the BGP control plane for hybrid Azure connectivity, enabling adjacency health monitoring and BGP session validation for both active/active and active/standby gateway configurations.
76Azure VNIC Effective Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures the computed forwarding table applied to a specific virtual NIC, combining system routes, UDRs, BGP-learned routes, and NSG-filtered paths. Represents the actual routing behavior for a VM's network interface. Essential for per-VM path analysis and troubleshooting connectivity issues, providing the ground truth forwarding view for individual Azure VM instances.
77Azure VPN GW BGP Advertised Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures routes being advertised by the Azure VPN Gateway to on-premises VPN peers via BGP. Provides visibility into Azure-side route distribution for site-to-site VPN connections, enabling validation of prefix coverage and detection of missing or incorrect route advertisements in Azure S2S VPN deployments.
78Azure VPN GW BGP Learned Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCollects on-premises prefixes received by the Azure VPN Gateway from BGP-enabled VPN peers. Represents the on-premises network visibility within Azure. Supports hybrid path analysis and validation of on-premises route propagation into the Azure routing fabric, including detection of missing prefixes from on-premises BGP neighbors.
79BGP Advertised Route TableAruba NetworksSD-WAN / WAN EdgeAruba OrchestratorCaptures BGP prefixes advertised by Aruba branch and WAN edge devices to their BGP peers via Aruba Orchestrator. Provides visibility into routing information distributed by Aruba-managed devices, enabling validation of route propagation in hybrid WAN and campus environments and verifying that expected prefixes are being announced.
80BGP Advertised Route TableCheck PointNext-Gen FirewallCheckPoint R80 APICaptures BGP prefixes advertised by Check Point Security Gateways to their routing peers. Check Point gateways can participate in BGP for dynamic routing in perimeter and internal segmentation deployments. Enables analysis of route distribution from firewall cluster nodes and validates BGP policy for prefix filtering.
81BGP Advertised Route TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures routes advertised by Google Cloud Routers to connected peers via BGP, including on-premises networks via Cloud Interconnect or Cloud VPN. Models Google's contribution to hybrid routing, enabling validation of prefix advertisement from GCP into on-premises or multi-cloud environments and detecting route origin issues.
82BGP Advertised Route TableMicrosoftPublic Cloud (Azure)Microsoft AzureCaptures all routes advertised by Azure routing components (VPN Gateway, ExpressRoute Gateway, Route Server) to BGP peers. Provides a unified view of Azure-originated route advertisements into hybrid and multi-cloud topologies, enabling route coverage analysis and detection of missing or conflicting prefix advertisements.
83BGP Route TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures BGP routing entries on Meraki MX appliances configured with BGP peering. Meraki MX supports BGP for site-to-site routing with SD-WAN overlays or upstream routers. Enables analysis of dynamic routing behavior in cloud-managed branch deployments, including BGP next-hop validation and prefix acceptance from upstream ISP or MPLS providers.
84Contract TableCiscoSDN Fabric (ACI)Cisco ACICaptures inter-EPG communication contracts defining allowed traffic flows between endpoint groups. ACI contracts are the primary access control mechanism, replacing traditional ACLs with policy-based segmentation. Enables analysis of whitelist-based connectivity policies, security group permissions, and east-west traffic authorization in ACI fabrics, including provider/consumer contract relationships.
85Control Connections TableCisco ViptelaCisco SD-WAN EdgeViptela SD-WANCaptures the state of DTLS/TLS control plane sessions between vEdge/cEdge routers and SD-WAN controllers (vSmart, vBond, vManage). Reflects the operational health of SD-WAN fabric orchestration. Essential for verifying control plane connectivity and diagnosing SD-WAN fabric issues, including detecting controller connectivity failures and certificate validation problems.
86COOP Endpoint TableCiscoSDN Fabric (ACI)Cisco ACICaptures endpoint records distributed by the Council of Oracle Protocol (COOP) from leaf nodes to spine nodes. COOP synchronizes endpoint location information (IP-to-MAC-to-port mapping) across the ACI fabric's spine proxy. Used for fabric-wide endpoint tracking and overlay forwarding path analysis, validating that endpoints are correctly registered in the spine proxy database.
87Endpoint TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures registered endpoints within the Big Cloud Fabric, including VMs and physical hosts connected to virtual or physical leaf switches. Maps endpoint identities (IP, MAC) to fabric attachment points (switch, port, VLAN). Used for endpoint location tracking and traffic path computation in BCF environments across multi-tenant overlay networks.
88Enterprise Route TableVMware VeloCloudSD-WAN EdgeVeloCloud SD-WANCaptures routes aggregated at the enterprise level across all VeloCloud Edge deployments, including LAN prefixes, overlay routes, and BGP-learned routes. Represents the full routing view within a VeloCloud SD-WAN organization, enabling path analysis from any site to any destination including MPLS, internet, and overlay paths.
89EPG Contract TableCiscoSDN Fabric (ACI)Cisco ACICaptures the association between Endpoint Groups and their consumed or provided contracts within the ACI policy model. Maps which EPGs communicate via which contracts, enabling analysis of allowed communication paths between application tiers. Validates segmentation policy in ACI multi-tier deployments and identifies unauthorized or missing contract relationships.
90External EPG Mapping TableCiscoSDN Fabric (ACI)Cisco ACICaptures External Bridge Domain and External Routed Network EPG configurations, mapping external IP subnets to ACI policy domains. External EPGs define how traffic from outside the fabric is classified into policy constructs. Enables path analysis for north-south traffic between external networks and ACI workloads, validating L3Out configuration and prefix classification.
91FHRP TableCisco ViptelaCisco SD-WAN EdgeViptela SD-WANCaptures First Hop Redundancy Protocol (HSRP/VRRP) state on Cisco SD-WAN WAN edges at branch sites. Reflects active/standby gateway state for LAN-side hosts. Enables analysis of gateway failover behavior and validates redundant default gateway configuration, including tracking active vs. standby WAN edge roles for LAN-connected clients.
92Filter TableCiscoSDN Fabric (ACI)Cisco ACICaptures filter entries defining the Layer 4 match criteria (protocol, source/destination port) used within ACI contracts. Filters are the atomic building blocks of ACI security policy. Enables detailed analysis of what traffic is permitted or denied by ACI contracts, supporting policy audit and compliance validation for east-west micro-segmentation in ACI.
93Global Endpoint TableCiscoSDN Fabric (ACI)Cisco ACIReflects the fabric-wide endpoint database maintained by spine nodes, aggregating all known endpoints with their IP, MAC, EPG, and physical attachment information. Provides a unified view of all active endpoints across the ACI fabric, enabling full-fabric path computation, endpoint lifecycle tracking, and detection of duplicate IP or MAC entries in the ACI endpoint database.
94Google Cloud NAT Mapping TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures active Cloud NAT translation entries for Google Cloud Router-associated NAT gateways. Maps internal VM source IPs and ports to external NAT IP and port allocations. Supports analysis of outbound connectivity paths for private Google Cloud VMs and validates SNAT port pool utilization and NAT gateway capacity planning.
95Google Cloud Router BGP Sessions TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures BGP peering session state for Cloud Routers, including peer IP, ASN, and session status for Cloud Interconnect and Cloud VPN connections. Provides visibility into the BGP control plane for Google's hybrid connectivity solutions, enabling adjacency health monitoring and session diagnostics for multi-path hybrid routing.
96Google Cloud Router VLAN Attachment TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures VLAN attachment configurations for Cloud Interconnect circuits in Google Cloud. VLAN attachments define the Layer 2 connection between Google's network and customer on-premises equipment. Models the physical and logical attachment topology for dedicated and partner interconnect deployments, including bandwidth allocation and pairing key associations.
97Google Cloud VPN Tunnels TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures VPN tunnel configurations for Classic and HA VPN gateways in Google Cloud. Includes local/remote gateway IPs, IKE configurations, traffic selectors, and tunnel status. Models site-to-site VPN connectivity between Google Cloud and on-premises or multi-cloud environments, including HA VPN redundancy and dynamic routing via BGP.
98Google Dedicated Interconnect Physical Connections TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures the physical port and facility details for dedicated interconnect circuits between Google's colocation facilities and customer networks. Reflects circuit capacity, connection state, and assigned ports. Models the physical underlay of hybrid connectivity for large-scale Google Cloud deployments requiring dedicated bandwidth.
99Google Dedicated Interconnect VLAN Attachment TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures VLAN-level logical connections for dedicated interconnect circuits, including VLAN IDs, bandwidth allocations, and associated Cloud Router configurations. Models the Layer 2-to-3 boundary for dedicated interconnect, enabling analysis of VLAN segmentation and routing policy for hybrid paths requiring dedicated private connectivity.
100Google Firewall Policies TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures hierarchical firewall policy configurations applied at the organization, folder, or VPC level in Google Cloud. Firewall policies allow centralized management of network access controls across multiple projects. Enables analysis of inherited and delegated firewall rules across Google Cloud's resource hierarchy, supporting enterprise-wide security governance.
101Google Firewall Rules TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCollects all VPC firewall rules configured in Google Cloud projects, including ingress and egress rules with source/destination tags, service accounts, and CIDR-based matching. Google Cloud firewall rules are stateful and applied at the VM instance level. Models east-west and north-south access controls for GCP workloads, supporting micro-segmentation analysis.
102Google Load Balancer Backend TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures backend service and instance group configurations for Google Cloud load balancers. Includes backend VM groups, health check associations, capacity settings, and balancing modes. Models the server pool composition for GCP load balancers and validates backend health and traffic distribution, including managed instance group auto-scaling integration.
103Google Load Balancer Forwarding Rules TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures forwarding rule configurations that define the frontend IP, port, and protocol for Google Cloud load balancers. Forwarding rules are the entry points for load-balanced traffic. Models the traffic entry topology for GCP applications and maps frontend IPs to backend services across global and regional load balancer types.
104Google Load Balancer Host and Path Rules TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures URL map configurations defining host-based and path-based routing for Google Cloud HTTP(S) load balancers. These rules direct traffic to different backend services based on URL patterns. Enables analysis of application traffic routing logic in GCP Layer 7 load balancing deployments, supporting multi-service routing and traffic splitting.
105Google Partner Interconnect Physical Connections TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures physical connectivity details for partner interconnect circuits, reflecting the service provider's connection to Google's network. Models the physical underlay of partner-mediated hybrid connectivity without requiring customer colocation at Google facilities. Includes partner service provider, bandwidth, and connection state.
106Google Partner Interconnect VLAN Attachment TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures VLAN attachment configurations for partner interconnect circuits, including VLAN IDs, bandwidth tiers, and pairing keys. Models the Layer 2 logical connections through a partner provider to Google Cloud, enabling analysis of partner interconnect topology for hybrid path analysis and bandwidth management.
107Google VPC DNS TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures Cloud DNS zone and record configurations within Google Cloud VPCs, including private DNS zones, peering zones, and forwarding zones. DNS configuration directly influences service discovery and traffic routing. Enables analysis of DNS-based service resolution paths and validates DNS configuration for GCP workloads including private zone inheritance.
108Google VPC Endpoint Group TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures network endpoint group (NEG) configurations in Google Cloud, including GCE VM NEGs, serverless NEGs, Private Service Connect NEGs, and internet NEGs. NEGs are the flexible backend building blocks for GCP load balancers. Models heterogeneous backend topologies in GCP applications including containers, serverless, and hybrid targets.
109Google VPC Instance Group Members TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures individual VM instances within managed and unmanaged instance groups in Google Cloud. Maps VMs to their containing groups with health and status information. Enables analysis of compute group composition and validates instance availability for load-balanced applications, including auto-healing and auto-scaling state visibility.
110Google VPC Instance Group TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures managed and unmanaged instance group configurations in Google Cloud, including group size, template, and associated autoscaling policies. Instance groups are the primary compute backend for GCP load balancers and managed deployments. Models compute cluster topology for application path analysis and capacity planning.
111Google VPC Peerings TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures VPC network peering configurations in Google Cloud, including peer network IDs, active state, and route exchange settings. Models peer-to-peer connectivity topology and validates route exchange for peered GCP networks. Supports analysis of transitive peering restrictions and custom route import/export policies in GCP VPC mesh architectures.
112Google VPC PSC Endpoints TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures Private Service Connect (PSC) endpoint configurations in Google Cloud VPCs, mapping private endpoints to Google-managed or partner services. PSC endpoints provide private access to services without internet exposure. Models private service access paths in GCP, analogous to AWS PrivateLink, supporting endpoint topology analysis.
113Google VPC Routes TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures all routes in Google Cloud VPC routing tables, including default routes, static routes, peering routes, and BGP-learned dynamic routes. Primary forwarding basis for GCP path analysis. Determines next-hop for traffic from any VM to any destination within or outside the VPC, including priority-based route selection and tag-based route scoping.
114Google VPC Subnets TableGoogle Cloud PlatformPublic Cloud (GCP)Google CloudCaptures subnet configurations within Google Cloud VPCs, including CIDR ranges, region, secondary IP ranges (for GKE), and Private Google Access settings. Defines the IP addressing and network segmentation within GCP. Foundational for path and addressing analysis, including alias IP range validation for container workloads.
115Handoff Assignments TableVMware VeloCloudSD-WAN EdgeVeloCloud SD-WANCaptures the configuration of how VeloCloud Gateways hand off traffic to MPLS or internet underlay networks, including BGP session parameters and route exchange with carrier networks. Models the WAN provider integration points in VeloCloud deployments, enabling analysis of gateway-to-carrier routing and underlay prefix exchange.
116Interface Group TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures logical groupings of physical and virtual switch interfaces used for policy application within Big Cloud Fabric. Interface groups simplify policy attachment to multiple ports. Models the fabric's interface topology and is used to analyze how physical ports are organized for tenant workload connectivity and traffic policy enforcement.
117IPsec VPN TableCheck PointNext-Gen FirewallCheckPoint R80 APICaptures site-to-site VPN tunnel configurations and state from Check Point Security Gateways. Includes encryption domains, IKE phase settings, tunnel status, and SA lifetime information. Models VPN topology between Check Point gateways and remote peers, enabling path analysis for encrypted inter-site traffic and detection of mismatched tunnel configurations.
118IPsec VPN Table[Real-time]Aruba NetworksSD-WAN / WAN EdgeAruba OrchestratorCaptures live state of IPsec VPN tunnels managed by Aruba Orchestrator, including tunnel status, SA lifetimes, and traffic statistics. Real-time designation indicates dynamic polling from device state rather than configuration. Enables active monitoring of VPN health, session visibility, and rapid diagnosis of VPN connectivity failures in Aruba-managed WAN environments.
119IPsec VPN Table[Real-time]Cisco MerakiCloud-Managed NetworkCisco MerakiCaptures live IPsec tunnel state from Meraki MX appliances, including AutoVPN spoke-to-hub and third-party VPN tunnel status. Real-time data reflects current connectivity rather than configured intent. Enables monitoring of VPN fabric health across cloud-managed Meraki branch deployments, including per-site tunnel health in hub-spoke AutoVPN topologies.
120IPsec VPN Table[Real-time]VMware VeloCloudSD-WAN EdgeVeloCloud SD-WANCaptures live state of IPsec tunnels used for third-party VPN connections from VeloCloud Edges. Complements the SD-WAN overlay mesh with visibility into static IPsec peer connectivity. Real-time data enables active monitoring of hybrid VPN fabric health in VMware SD-WAN environments with third-party device integration.
121IPsec VPN Table[Real-time]Versa NetworksSD-WAN / Multi-Tenant NFVVersa SD-WANCaptures live IPsec tunnel state from Versa FlexVNF appliances, including phase 1/2 SA status and traffic counters for encrypted WAN links. Real-time collection reflects current operational state. Enables monitoring of Versa SD-WAN encrypted overlay tunnel health, including per-VRF tunnel status in multi-tenant Versa deployments.
122IPsec VPN Table[Real-time]Cisco ViptelaCisco SD-WAN EdgeViptela SD-WANCaptures live IPsec/GRE tunnel state from vEdge and cEdge routers, including BFD liveness and SA status for data plane tunnels in Cisco SD-WAN. Real-time collection reflects current fabric health. Enables per-tunnel granularity monitoring of Cisco SD-WAN encrypted overlay connectivity, including color-specific tunnel health.
123Kubernetes Ingress Rule TableKubernetes / CNCFContainer OrchestrationKubernetes ClusterCaptures Ingress resource rules from Kubernetes clusters, defining host-based and path-based HTTP/HTTPS routing to backend services. Ingress rules configure Layer 7 routing policy for external access to cluster workloads. Models application traffic entry paths into Kubernetes and is used for service reachability analysis across Ingress controller implementations.
124Kubernetes Ingress Virtual Route TableKubernetes / CNCFContainer OrchestrationKubernetes ClusterCaptures computed virtual routing entries derived from Ingress resources, reflecting how Ingress controllers translate Ingress rules into actual forwarding decisions. Provides the operational routing view for Kubernetes Ingress, enabling path analysis from external clients through the Ingress controller to backend pods and services.
125Kubernetes Node Port TableKubernetes / CNCFContainer OrchestrationKubernetes ClusterCaptures NodePort service configurations in Kubernetes clusters, including service port, node port allocation, and target pod port mappings. NodePort services expose cluster workloads on all node IPs at a static port. Models external access paths via node-level port forwarding and validates direct node access to services from external clients.
126Kubernetes Node Virtual Route TableKubernetes / CNCFContainer OrchestrationKubernetes ClusterCaptures per-node routing entries used for pod network connectivity, including pod CIDR assignments and CNI-managed routes. Reflects how pods on different nodes communicate across the cluster network fabric. Models the L3 routing topology within Kubernetes node networks for east-west path analysis, including CNI overlay and underlay routes.
127Kubernetes Service Backend TableKubernetes / CNCFContainer OrchestrationKubernetes ClusterCaptures the endpoint slices and backend pod IPs associated with each Kubernetes Service. Maps services to their current healthy pod backends based on label selectors and readiness state. Enables analysis of runtime service-to-pod binding, validating that traffic directed to a service reaches the correct application instances after pod scheduling changes.
128Kubernetes Service Virtual Route TableKubernetes / CNCFContainer OrchestrationKubernetes ClusterCaptures the virtual IP (ClusterIP) routing entries maintained by kube-proxy or eBPF-based CNI for Kubernetes Services. Reflects how ClusterIP traffic is DNAT'd to backend pod IPs. Models the service mesh routing layer within Kubernetes and enables path tracing from service VIP to actual pod endpoints across all nodes.
129Logical Router TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures logical router configurations within Big Cloud Fabric, including tenant VRFs, routing protocols, and interface attachments. Big Switch logical routers provide L3 routing between tenant segments. Models the L3 topology of the BCF overlay and enables inter-segment path analysis within multi-tenant deployments, including tenant route isolation.
130MAC TableCiscoSDN Fabric (ACI)Cisco ACICaptures the L2 forwarding table entries from ACI leaf nodes, mapping MAC addresses to physical ports and EPG bindings. ACI builds this table through both data-plane learning and COOP distribution. Enables L2 path analysis within ACI bridge domains and validates physical endpoint attachment to the fabric, including VM MAC tracking across vPC ports.
131MAC TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures MAC address-to-port mappings from Meraki MS switches via the Dashboard API. Reflects L2 forwarding state for connected clients and devices. Enables endpoint location tracking, L2 path analysis, and troubleshooting of connectivity issues in Meraki-managed campus and branch deployments, including per-VLAN MAC table isolation.
132MAC TableCitrix / NetScalerADC Management PlatformCitrix ADMCaptures MAC address forwarding entries from Citrix ADC instances managed through Application Delivery Management. Maps MAC addresses to ADC interfaces, enabling L2 visibility around load balancer data paths. Supports troubleshooting of ARP and L2 forwarding issues in Citrix ADC-managed traffic paths, including VLAN-tagged interface MAC tables.
133MAC TableCitrix SD-WANSD-WAN ApplianceCitrix SDWANCaptures MAC address-to-interface mappings from Citrix SD-WAN appliances. Reflects L2 forwarding state for LAN-connected devices behind SD-WAN WAN edges. Enables endpoint location identification and L2 path analysis in Citrix SD-WAN branch network deployments, including per-VLAN interface MAC tracking.
134MAC TableFortinetFortinet Management PlatformFortiManagerCaptures MAC forwarding entries from FortiGate and FortiSwitch devices managed through FortiManager. Maps MAC addresses to physical interfaces and VLANs across Fortinet-managed network environments. Enables L2 path tracing and endpoint location tracking in Fortinet enterprise deployments, including per-VDOM and per-interface MAC table visibility.
135MAC TablePalo Alto NetworksNext-Gen FirewallPalo Alto PanoramaCaptures MAC address-to-interface mappings from Palo Alto Networks firewalls managed by Panorama. Reflects the L2 forwarding state seen by each firewall, enabling correlation of security events with physical endpoint locations. Supports L2 adjacency validation in Palo Alto-managed perimeter and segmentation environments.
136MAC TableCommScope RuckusWireless ControllerRuckus SmartZoneCaptures MAC address-to-AP-port associations for wireless clients connected to Ruckus access points managed by SmartZone. Maps wireless endpoint MAC addresses to their access point and SSID context. Enables wireless client location tracking and L2 path analysis in Ruckus-managed enterprise wireless deployments, including roaming client tracking.
137MAC TableVersa NetworksSD-WAN / Multi-Tenant NFVVersa SD-WANCaptures MAC address forwarding entries from Versa FlexVNF appliances at branch and hub sites. Maps MAC addresses to tenant VRF interfaces and physical underlay ports. Enables L2 endpoint tracking and path analysis at the LAN edge of Versa SD-WAN deployments, including per-tenant VRF L2 table isolation.
138MAC TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures MAC address bindings in the NSX-T overlay network, including virtual machine MAC addresses mapped to transport node host TEPs. NSX-T uses a distributed control plane to synchronize MAC learning. Models the L2 fabric of NSX-T logical segments and enables VM-to-VM path analysis with MAC-level forwarding visibility.
139MAC TableVMwareVirtualization PlatformVMware vCenterCaptures MAC address-to-virtual switch port mappings for VMs managed by vCenter. Maps VM MAC addresses to their virtual switch (vSwitch/dvSwitch), portgroup, and host context. Enables visibility into the virtual L2 network layer for vCenter-managed workloads, including MAC address conflict detection in virtual environments.
140NAT TableCheck PointNext-Gen FirewallCheckPoint R80 APICaptures static, dynamic, and hide NAT rule configurations from Check Point Security Gateways. NAT rules define address translation for traffic traversing the firewall. Models inbound and outbound NAT topology, enabling analysis of translated traffic paths and IP identity transformation through Check Point firewalls, including NAT rule priority and conflict analysis.
141NAT TableCitrix / NetScalerADC Management PlatformCitrix ADMCaptures NAT configuration from Citrix ADC instances, including LSNAT, SNAT, and VIP-based NAT rules managed through ADM. NAT is central to ADC load balancing and traffic management. Models address translation at the ADC layer and enables path analysis for translated application traffic flows, including RNAT and mapped IP configurations.
142NAT TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures NAT rules configured on NSX-T Tier-0 and Tier-1 logical routers, including SNAT, DNAT, reflexive NAT, and no-SNAT rules. NSX-T NAT provides micro-segmentation-aware address translation in the overlay. Models east-west and north-south NAT within NSX-T logical topologies, including per-gateway NAT rule isolation.
143NDP TableAruba NetworksCloud Wireless ControllerAruba CentralCaptures IPv6 Neighbor Discovery Protocol bindings from Aruba switches and APs managed via Aruba Central. NDP resolves IPv6 addresses to MAC addresses, analogous to ARP in IPv4. Enables IPv6 endpoint tracking and L2 adjacency validation in Aruba Central-managed IPv6-capable campus networks, including router advertisement tracking.
144NDP TableAruba NetworksSD-WAN / WAN EdgeAruba OrchestratorCaptures IPv6 NDP bindings from WAN edge devices managed by Aruba Orchestrator. Maps IPv6 addresses to MAC addresses for overlay and underlay interfaces. Enables IPv6 path analysis and adjacency verification in Aruba SD-WAN environments with IPv6 connectivity, including dual-stack interface NDP validation.
145NDP TableVMware AVI NetworksApplication Delivery ControllerAVICaptures IPv6 Neighbor Discovery entries from Avi Service Engines in AVI Networks (VMware Avi Load Balancer) deployments. Maps IPv6-to-MAC for virtual service endpoints and pool members. Enables IPv6 path validation and L2 adjacency analysis for IPv6-addressed application delivery infrastructure.
146NDP TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures IPv6 NDP bindings learned by Big Cloud Fabric switches for tenant workloads using IPv6. Maps IPv6 addresses to MAC addresses across fabric leaf nodes. Enables IPv6 endpoint tracking and path analysis within BCF multi-tenant environments supporting dual-stack and IPv6-only workloads.
147NDP TableCiscoSDN Fabric (ACI)Cisco ACICaptures IPv6 Neighbor Discovery entries in the ACI fabric's endpoint database. ACI applies NDP suppression in bridge domains similar to ARP suppression, reducing IPv6 control plane floods. Maps IPv6 endpoints to physical attachment points and EPGs within the ACI overlay, supporting dual-stack endpoint tracking.
148NDP TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures IPv6 NDP cache entries from Meraki MX and MS devices via the Dashboard API. Maps IPv6-to-MAC for clients and adjacent devices. Enables IPv6 endpoint identification and adjacency verification in Meraki-managed cloud branch environments supporting IPv6 or dual-stack client connectivity.
149NDP TableExtreme NetworksCloud-Managed Switch / APExtremeCloud IQCaptures IPv6 NDP bindings from Extreme Networks switches and APs managed via ExtremeCloud IQ. Maps IPv6 addresses to MAC addresses for connected endpoints. Enables IPv6 client tracking and path analysis in Extreme-managed campus and branch network environments with IPv6 or dual-stack deployments.
150NDP TableFortinetFortinet Management PlatformFortiManagerCaptures IPv6 NDP cache entries from FortiGate devices managed through FortiManager. Maps IPv6-to-MAC for directly connected hosts and routing neighbors. Enables IPv6 adjacency validation and endpoint identification in Fortinet-managed IPv6 network environments, including per-VDOM NDP table visibility.
151NDP TableFortinetNGFW / UTM ApplianceFortinetFortiGateCaptures IPv6 NDP entries directly from FortiGate firewalls via CLI or API. Maps IPv6 addresses to MAC addresses for connected hosts and routing peers. Enables hop-by-hop IPv6 path analysis, validates IPv6 next-hop adjacency, and correlates IPv6 security events with physical endpoints across FortiGate interfaces.
152NDP TableJuniper NetworksAI-Driven WirelessJuniper Mist APICaptures IPv6 NDP bindings from Juniper switches and APs managed via the Mist cloud platform. Maps IPv6-to-MAC for connected wireless and wired endpoints. Enables IPv6 endpoint tracking and L2 adjacency analysis in Juniper Mist-managed enterprise campus deployments with AI-driven insight correlation.
153NDP TablePalo Alto NetworksNext-Gen FirewallPalo Alto PanoramaCaptures IPv6 NDP cache entries from Palo Alto firewalls managed by Panorama. Maps IPv6 addresses to MAC addresses at firewall interfaces. Enables IPv6 endpoint identification and adjacency verification for Palo Alto-managed security enforcement in IPv6-enabled network environments.
154NDP TableCommScope RuckusWireless ControllerRuckus SmartZoneCaptures IPv6 NDP bindings for wireless clients connected to Ruckus APs managed by SmartZone. Maps client IPv6 addresses to MAC and AP context. Enables wireless IPv6 endpoint tracking and validates IPv6 connectivity for clients in Ruckus SmartZone-managed enterprise wireless networks with IPv6 support.
155NDP TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures IPv6 NDP bindings in the NSX-T overlay, including VM IPv6 addresses mapped to MAC and transport node context. NSX-T applies NDP suppression on IPv6 logical segments. Enables IPv6 endpoint tracking within NSX-T virtual networks and supports IPv6 east-west path analysis for dual-stack workloads.
156NDP TableVMwareVirtualization PlatformVMware vCenterCaptures IPv6 NDP mappings for VMs managed by vCenter, associating VM IPv6 addresses with MAC and virtual switch ports. Enables IPv6 endpoint visibility in vCenter-managed virtual environments and supports IPv6 path tracing through the virtual network infrastructure for dual-stack VM deployments.
157NSX-T DFW Policy TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures Distributed Firewall policy configurations in VMware NSX-T, including security policy sections, rule order, scope, and enforcement points. The DFW is applied at the vNIC level of each VM, enabling micro-segmentation independent of physical network topology. Models the zero-trust security fabric in NSX-T environments, supporting policy audit and compliance validation.
158NSX-T Firewall Rules TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures individual DFW and Gateway Firewall rule entries in VMware NSX-T, including source, destination, service, action, and applied-to scope. Defines allowed and denied traffic at VM-level granularity. Enables complete policy analysis and compliance validation for east-west segmentation in NSX-T environments, including rule conflict and shadow detection.
159NSX-T Gateway HA TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures high availability state for NSX-T Tier-0 and Tier-1 gateway instances, including active/standby node assignment and HA mode configuration (active/active or active/standby). Gateway HA ensures routing continuity for north-south traffic. Enables monitoring of gateway failover state and validating redundancy in NSX-T routing deployments.
160NSX-T Gateway Policy TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures gateway firewall policy configurations for Tier-0 and Tier-1 gateways in VMware NSX-T. Gateway firewall rules control north-south traffic at the perimeter of the NSX-T overlay. Models traffic access controls enforced at routing boundaries between the NSX-T overlay and physical networks, including intra-tier gateway security.
161NSX-T Gateway Route TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures routing entries on NSX-T Tier-0 and Tier-1 gateways, including connected, static, and BGP-learned routes. Tier-0 gateways peer with physical infrastructure via BGP; Tier-1 gateways provide tenant-level routing. Models north-south and east-west routing decisions in the NSX-T overlay with per-gateway routing table visibility.
162NSX-T Groups TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures security group (NSX-T Group) definitions, including membership criteria based on VM tags, IP sets, MAC sets, or segment ports. Groups are the primary policy scoping construct in NSX-T DFW. Enables analysis of dynamic group membership, validating that workloads are correctly included in intended security perimeters as VMs are provisioned or moved.
163NSX-T LB APP Profile TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures Layer 7 application profile configurations for NSX-T load balancers, including persistence profiles (cookie, source IP), connection settings, and SSL passthrough configuration. App profiles define application-specific behavior for load-balanced services. Models session handling and application-aware traffic processing in NSX-T LB deployments.
164NSX-T LB Pool TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures load balancer pool configurations in VMware NSX-T, including pool members (VMs/IPs), load balancing algorithm, health monitors, and active/passive member settings. Pools define the backend server groups for NSX-T virtual servers. Models application tier composition and validates backend availability for NSX-T-native load balancing.
165NSX-T LB Virtual Service TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures virtual server configurations for NSX-T load balancers, including virtual IP, port, protocol, application profile, and associated pool binding. Virtual services define the frontend entry points for load-balanced applications within the NSX-T overlay. Models L4-L7 service exposure in NSX-T environments with per-tenant VIP visibility.
166NSX-T Segment MAC TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures MAC address bindings for endpoints connected to NSX-T logical segments. Maps VM MAC addresses to their segment binding and host transport node. Models the L2 forwarding state within NSX-T overlay segments and enables MAC-level path analysis for east-west traffic in the virtual network, including cross-segment MAC isolation.
167NSX-T Segment Neighbor TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures ARP and NDP bindings for endpoints on NSX-T logical segments, including IP-to-MAC mappings learned via ARP suppression or direct resolution. Provides L3 adjacency visibility within NSX-T segments and supports hop-by-hop path analysis for IP traffic between workloads in the NSX-T overlay fabric.
168NSX-T Service TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures service object definitions within the NSX-T policy framework, including protocol/port combinations used as match criteria in DFW and Gateway Firewall rules. Services define the traffic types controlled by NSX-T policy. Enables analysis of service-level policy granularity and validates protocol/port coverage in NSX-T security policies.
169NSX-T Tunnel Endpoint TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures the VXLAN/GENEVE tunnel endpoint (TEP) configurations for NSX-T transport nodes (ESXi hosts, KVM, Bare Metal). TEPs are the encapsulation endpoints for the NSX-T overlay fabric. Models the underlay-to-overlay binding, essential for full-path analysis of traffic flowing through the NSX-T transport zone including VTEP IP assignments.
170NSX-T Virtual Machine TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures VM inventory and NSX-T context for all virtual machines managed by NSX-T, including VM-to-segment attachment, security group membership, and logical port assignment. Bridges vCenter compute topology with NSX-T network policy context, enabling policy-aware VM path analysis and inventory-driven security group validation.
171Policy TableCheck PointNext-Gen FirewallCheckPoint R80 APICaptures the full security policy rulebase from Check Point Security Management, including access rules, source/destination zones, services, and actions across all policy layers. Check Point policies are layered and ordered. Enables complete firewall policy analysis, rule shadowing detection, and compliance validation for Check Point-managed security environments.
172Policy TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures Layer 3/7 firewall rules and group policies from Meraki MX appliances via the Dashboard API. Policies define allowed and blocked traffic for Meraki network segments. Enables analysis of cloud-managed security policy across Meraki branch deployments, including per-SSID wireless policy and group policy rule analysis.
173Route Learned TableAruba NetworksSD-WAN / WAN EdgeAruba OrchestratorCaptures dynamically learned routes (BGP, OSPF, static redistribution) on Aruba SD-WAN edge devices as observed by Orchestrator. Unlike the configured route table, reflects the operational routing state derived from route learning processes. Enables validation of dynamic routing convergence in Aruba SD-WAN topologies and detection of route learning failures.
174Route TableAruba NetworksSD-WAN / WAN EdgeAruba OrchestratorCaptures the full routing table from Aruba WAN edge appliances managed by Orchestrator, including static and dynamic routes for both overlay and underlay network paths. Central to SD-WAN path computation, enabling analysis of traffic forwarding decisions across the Aruba SD-WAN fabric, including per-VRF routing table isolation.
175Route TableVMware AVI NetworksApplication Delivery ControllerAVICaptures routing entries from Avi Service Engines, including default routes and static routes configured for traffic forwarding. Avi uses routing for management plane connectivity and for reaching backend servers and clients. Enables path analysis in single-arm and inline Avi SE deployments, validating next-hop reachability for virtual service traffic.
176Route TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures L3 routing entries from Big Cloud Fabric logical routers, including static and dynamic routes within tenant VRFs. BCF's SDN-based routing is centrally computed and distributed to hardware forwarding elements. Models tenant-level routing topology and enables inter-segment path analysis in BCF multi-tenant environments.
177Route TableCheck PointNext-Gen FirewallCheckPoint R80 APICaptures the IP routing table from Check Point Security Gateways, including static, connected, and dynamic routes across all routing daemon (Gaia OS) sources. Check Point gateways participate in network routing alongside security enforcement. Enables firewall path analysis, validates routing state for policy enforcement, and diagnoses connectivity through gateway clusters.
178Route TableCiscoSDN Fabric (ACI)Cisco ACICaptures L3 routing entries from ACI border leaf nodes and L3Out configurations, including routes leaked from tenant VRFs to external networks. ACI routes are computed by APIC and distributed to leaf nodes. Models north-south routing in ACI environments and enables path analysis for external network connectivity via L3Outs.
179Route TableCiscoNext-Gen Firewall (FTD)Cisco FMCCaptures routing table entries from Firepower Threat Defense appliances managed by FMC, including static and dynamic routes on all routed interfaces. FTD participates in network routing at the perimeter alongside security enforcement. Enables path analysis for traffic traversing FTD firewalls and validates routing state for policy enforcement.
180Route TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures routing table entries from Meraki MX appliances, including static routes, AutoVPN overlay routes, and BGP-learned routes. Enables analysis of branch-to-branch and site-to-cloud routing decisions in Meraki SD-WAN deployments and validates WAN path selection for application traffic across AutoVPN mesh topologies.
181Route TableCitrix / NetScalerADC Management PlatformCitrix ADMCaptures routing entries from Citrix ADC (NetScaler) instances managed through Application Delivery Management. ADC instances use routing for SNIP reachability and backend server connectivity. Enables path analysis for ADC-managed application traffic and validates routing to backend server pools and client-facing networks.
182Route TableCitrix SD-WANSD-WAN ApplianceCitrix SDWANCaptures routing entries from Citrix SD-WAN appliances including static, OSPF, and BGP routes for both LAN and WAN segments. Citrix SD-WAN performs intelligent path selection based on routing and application policies. Enables analysis of SD-WAN routing decisions and branch-to-branch path computation across Citrix-managed WAN topologies.
183Route TableExtreme NetworksCloud-Managed Switch / APExtremeCloud IQCaptures IP routing entries from Extreme Networks switches managed via ExtremeCloud IQ. Includes static and OSPF routes for inter-VLAN routing and uplink connectivity. Enables path analysis for campus and branch networks managed through the Extreme cloud management platform, validating L3 forwarding state for managed devices.
184Route TableFortinetFortinet Management PlatformFortiManagerCaptures routing table entries from FortiGate devices managed through FortiManager, including static, connected, and BGP/OSPF dynamic routes across all VDOMs. FortiGate participates in enterprise routing alongside security enforcement. Enables full path analysis for traffic traversing Fortinet-managed networks and validates routing correctness for policy enforcement.
185Route TableFortinetNGFW / UTM ApplianceFortinetFortiGateCaptures the complete IP routing table directly from FortiGate firewalls, including all route sources (static, connected, BGP, OSPF, RIP) across all VDOMs. FortiGate operates as both security and routing device. Foundational forwarding reference for path analysis through FortiGate, validating routing correctness for all traffic policies and segmentation.
186Route TableProgress KempLoad Balancer ApplianceKemp LBCaptures routing entries configured on Kemp LoadMaster appliances, including static routes for backend server and client network reachability. Kemp uses routing to reach virtual service clients and pool members. Enables path analysis for Kemp LB deployments and validates routing to application backends, including return route validation for asymmetric traffic flows.
187Route TablePalo Alto NetworksNext-Gen FirewallPalo Alto PanoramaCaptures IP routing tables from Palo Alto Networks firewalls managed by Panorama, including static, connected, and BGP/OSPF routes per virtual router. Palo Alto firewalls integrate routing with security policy enforcement. Enables firewall path analysis, routing validation, and hop-by-hop path tracing through Palo Alto-managed networks.
188Route TableIvanti Pulse SecureVPN / Zero-Trust GatewayPulseSecure APICaptures routing entries from Pulse Connect Secure and Pulse Policy Secure appliances. Routes define how VPN-connected users and split-tunnel traffic is forwarded. Enables analysis of VPN routing topology, validates tunnel routing for remote access users, and diagnoses connectivity through Pulse VPN gateways including split-tunnel route management.
189Route TableCommScope RuckusWireless ControllerRuckus SmartZoneCaptures routing entries from SmartZone controllers and associated switches, including static routes for management and data plane connectivity. Enables path analysis for traffic in Ruckus-managed enterprise wireless environments and validates network routing for SmartZone-managed infrastructure including VLAN uplink routing.
190Route TableVMware VeloCloudSD-WAN EdgeVeloCloud SD-WANCaptures full routing tables from VeloCloud Edge devices, including overlay SD-WAN routes, MPLS routes, internet routes, and LAN static/BGP routes. VeloCloud route tables reflect the outcome of application-aware routing policy and Business Policy rules. Central to SD-WAN path analysis across the VMware SD-WAN fabric.
191Route TableVersa NetworksSD-WAN / Multi-Tenant NFVVersa SD-WANCaptures routing entries from Versa FlexVNF appliances per tenant VRF, including SD-WAN overlay routes, BGP/OSPF dynamic routes, and static entries. Versa's multi-tenant architecture maintains per-tenant routing domains. Enables per-VRF path analysis and validates routing within Versa SD-WAN enterprise and service provider deployments.
192Route TableCisco ViptelaCisco SD-WAN EdgeViptela SD-WANCaptures OMP routes and traditional routing entries from vEdge and cEdge routers in Cisco SD-WAN. Uses OMP to distribute overlay routes from vSmart controllers. Models the full routing topology of Cisco SD-WAN sites and enables end-to-end path analysis across the SD-WAN fabric, including per-color route attributes.
193Route TableVMwareVirtual Network (NSX-T)VMware NSX-TCaptures routing entries on NSX-T Tier-0 and Tier-1 gateways, reflecting the overlay routing topology for virtual workloads. NSX-T routes are computed by the centralized management plane and distributed to Edge nodes and TEPs. Enables full overlay routing path analysis for north-south and east-west traffic in NSX-T environments.
194Route TableVMwareVirtual Network (NSX-V)VMware NSX-VCaptures routing entries from NSX-V Distributed Logical Routers (DLR) and Edge Service Gateways (ESG). NSX-V provides distributed routing within vSphere environments. Models the virtual routing topology for NSX-V deployments, enabling path analysis for east-west and north-south traffic in legacy NSX environments requiring migration assessment.
195SDWAN OMP Route TableCisco ViptelaCisco SD-WAN EdgeViptela SD-WANCaptures OMP (Overlay Management Protocol) route entries distributed by vSmart controllers to vEdge and cEdge routers. OMP is the Cisco SD-WAN control plane protocol, carrying routes, policies, and encryption keys. Represents the authoritative routing view for the Cisco SD-WAN overlay, central to fabric-wide path analysis and policy validation.
196Segment TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures logical network segment definitions within Big Cloud Fabric, including tenant-specific Layer 2 broadcast domains with VXLAN-based overlay encapsulation. Segments map to physical switch ports and virtual interfaces. Models the L2 topology for BCF multi-tenant deployments and enables path analysis within and between segments, including VXLAN VNI assignments.
197Service Graph Mapping TableCiscoSDN Fabric (ACI)Cisco ACICaptures service graph configurations defining insertion of network services (firewall, load balancer, IDS) between EPGs in Cisco ACI. Service graphs steer traffic through service nodes via policy-based redirect. Models service chain topology in ACI, enabling analysis of traffic paths through inserted L4-L7 service devices and PBR rule validation.
198STP TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures Spanning Tree Protocol state from Meraki MS switches, including port roles (root, designated, blocking), bridge priority, and root bridge selection. STP prevents L2 loops in multi-switch environments. Enables analysis of L2 topology convergence and validates loop prevention in Meraki-managed switched campus networks, including RSTP and MSTP topology.
199Tenant TableBig Switch NetworksSDN Fabric ControllerBig SwitchCaptures tenant configurations within Big Cloud Fabric, defining isolated multi-tenant network domains with their own routing tables, segment associations, and policy scopes. BCF is inherently multi-tenant. Provides the organizational context for all other BCF tables and enables per-tenant network analysis and segmentation validation across shared fabric infrastructure.
200Uplink TableVMwareVirtualization PlatformVMware vCenterCaptures physical NIC-to-virtual-switch uplink configurations for ESXi hosts managed by vCenter, including NIC teaming policies, load balancing algorithms, and failover order. Uplinks define how VM traffic connects to the physical network fabric. Models the virtual-to-physical network boundary and validates NIC redundancy configuration in vCenter environments.
201VCG BGP Neighbor TableVMware VeloCloudSD-WAN EdgeVeloCloud SD-WANCaptures BGP peer session details for VeloCloud Gateways (VCG), including peer IP, ASN, session state, and prefix counters for underlay routing with MPLS or internet providers. Enables analysis of gateway-level BGP peering health and validates dynamic routing between VeloCloud Gateways and upstream carriers or IXPs.
202Versa Access Circuits TableVersa NetworksSD-WAN / Multi-Tenant NFVVersa SD-WANCaptures WAN access circuit configurations for Versa FlexVNF appliances, including interface type, provider, bandwidth, and circuit health status. Access circuits define the physical WAN links available for SD-WAN path selection. Models the underlay connectivity for Versa SD-WAN and enables WAN link health analysis and capacity planning.
203Virtual Server TableVMware AVI NetworksApplication Delivery ControllerAVICaptures virtual service configurations in AVI Networks (VMware Avi Load Balancer), including VIP, port, application profile, pool associations, and SSL policy. Virtual servers define the frontend endpoints for application delivery. Models L4-L7 service exposure in Avi deployments and enables application traffic path analysis across service engine clusters.
204Virtual Server TableCitrix / NetScalerADC Management PlatformCitrix ADMCaptures virtual server (vserver) configurations from Citrix ADC instances managed through Application Delivery Management. Each virtual server defines a VIP, port, protocol, and associated pool binding. Models application entry points in Citrix ADC deployments and enables L4-L7 path analysis for load-balanced applications including CS vservers.
205Virtual Server TableProgress KempLoad Balancer ApplianceKemp LBCaptures virtual service configurations on Kemp LoadMaster appliances, including VIP, port, protocol, balancing algorithm, and backend pool associations. Virtual services define the frontend for load-balanced applications. Models service exposure and traffic distribution logic in Kemp LB deployments, including health check and persistence configuration.
206VM Mapping TableVMwareVirtualization PlatformVMware vCenterCaptures the association between virtual machines and their network topology context, including virtual switch, portgroup, VLAN, and ESXi host placement. Bridges compute and network inventory in vCenter, enabling workload-aware path analysis that correlates VM identity with physical and virtual network topology for connectivity troubleshooting.
207VPN Policy TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures VPN routing and split-tunneling policy configurations for Meraki MX appliances, defining which subnets are routed over AutoVPN and which are directed to the internet locally. VPN policies govern SD-WAN traffic steering. Enables analysis of WAN path selection policies in Meraki SD-WAN environments including hub selection and full-tunnel configurations.
208VPN Status TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures real-time VPN tunnel operational status for AutoVPN and third-party VPN connections from Meraki MX appliances. Reflects per-tunnel connectivity state, latency, and packet loss metrics. Enables active monitoring of VPN fabric health and supports rapid diagnosis of connectivity failures in Meraki SD-WAN deployments across all AutoVPN spoke sites.
209Wireless Endpoint TableAruba NetworksCloud Wireless ControllerAruba CentralCaptures wireless client associations including MAC address, IP, SSID, AP name, signal strength, and authentication state for clients connected to Aruba APs managed via Aruba Central. Enables wireless client tracking, security analytics, and path tracing for WLAN-connected endpoints across centrally managed Aruba wireless infrastructure.
210Wireless Endpoint TableCisco MerakiCloud-Managed NetworkCisco MerakiCaptures wireless client associations from Meraki MR access points via the Dashboard API, including client MAC, IP, SSID, AP, RSSI, and connection state. Enables wireless endpoint visibility, client tracking, and path analysis for Wi-Fi connected devices in Meraki-managed campus and branch environments, including client roaming history.
211Wireless Endpoint TableJuniper NetworksAI-Driven WirelessJuniper Mist APICaptures wireless client association data from Juniper/Mist APs managed via the Mist cloud platform, including MAC, IP, SSID, AP context, RSSI, and AI-driven client experience metrics. Enables wireless client tracking, AI-driven root cause analysis, and path analysis for Mist-managed Wi-Fi environments with Marvis AI integration.
212Zoning Rule TableCiscoSDN Fabric (ACI)Cisco ACICaptures hardware-programmed zoning rules derived from ACI contracts and filters, as installed on leaf node ASICs in Cisco ACI. Zoning rules are the compiled, enforcement-level representation of ACI policy in TCAM. Enables validation that configured contracts are correctly translated into hardware forwarding entries, ensuring policy enforcement fidelity in ACI environments.

 

Built-in NCT Tables (Physical Nodes) Interface Type