Description
Network Insight (aNI, Advanced Network Insight) automates the collection and sorting of access relationships between virtual machines, automatically adds and displays new assets, and keeps asset status synchronized. From a business perspective it provides an intuitive access relationship topology and per-connection access details between virtual machines, which helps with optimizing policy configuration, discovering risky business access, and reducing the exposure of risky ports.
Precautions
- If the number of access relationship records on a single node exceeds the specification limit, overloaded virtual machines will randomly drop packets and access relationship data will be lost. The specifications are as follows:
| Specification | Cores | RAM | Storage | Total number of virtual machines |
| --- | --- | --- | --- | --- |
| Small | 8 | 16 GB | 500 GB | 100 |
| Medium | 32 | 64 GB | 1 TB | 1000 |
| Large | 64 | 128 GB | 1.5 TB | 3000 |
- Collection of traffic between virtual routers/virtual switches and NFV is not currently supported.
- Collection of IPv6 traffic is not currently supported.
- When HCI changes a virtual machine's IP address, the traffic shown in Network Insight is updated with a delay of up to 5 minutes.
- Network Insight licensing is integrated with aNET; there is no need to activate a separate license.
- The aNI virtual machine password is restricted to one change every 3 months.
- The interface does not support expanding groups of more than 100 virtual machines.
- Only traffic that passes through the distributed firewall (DFW, enabled by default since HCI 6.7.0) is collected; traffic that bypasses the DFW cannot be collected or reported. This is why traffic between virtual routers, virtual switches, and NFV is not collected.
Prerequisites
N/A
Steps
- Navigate to Networking > Network Management and select Network Insight to open the Network Insight page. Click the Get Started button and follow the instructions for Network Insight deployment.
- Click the Deploy Now button to open the import virtual machine page. Follow the wizard prompts to import the vma file of the aNI virtual machine, and select the group, datastore, storage policy, and run location.
After the virtual machine is imported, the wizard shown in the figure below lets you edit the parameters of the template virtual machine. Size them according to the number of existing virtual machines, using the small, medium, and large specifications above. The storage capacity mainly holds 30 days of flow data for all virtual machines on the platform that have access relationships.
- After the virtual machine has been successfully imported, edit it, enable its network interface and connect it to the edge interface, then check the Enable IPv4 address checkbox and configure an IP address to serve as the Network Insight management interface. (This address must be reachable from the HCI management interface; placing it on the same network segment as the HCI management interface is recommended.)
- Enable the Correlated Security Service; otherwise Network Insight may be unreachable.
- Power on the aNI virtual machine, enter its console, and configure the platform authentication.
Step 1. Enter the aNI login credentials to log in.
Changing the password at first login is mandatory. Only five wrong-password attempts are allowed: after five wrong entries the account is locked for 5 minutes, after which you can retry.
The default password is Sfcsec@123. Because this is a published default, complete the first-login password change before relying on the aNI VM. The password policy is as follows:
• Password length must be 8 to 64 characters, and the password must not contain the username.
• The password must contain uppercase letters, lowercase letters, digits, and special characters (from the set ~`@#%&<>"',;_-^$.*+?=!:|{}()[]/).
Step 2. After the password change, log in again. Select Platform Authentication and choose HCI as the platform type.
Step 3. Enter the cluster IP, username, and password to authenticate.
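The following is an added example, not code from the page or from Sangfor: it encodes the Step 1 password policy and the five-attempt lockout as a small Python checker, so an operator can pre-validate a new password (for instance before scripting the first-login change) and see how the lockout behaves. The special-character set is the one listed above. The function and class names, the choice to report "locked" on the fifth failure, and the reset of the failure counter when the lock expires are assumptions for illustration; the page does not specify those details.

```python
import hmac
import time

# Special characters accepted by the aNI password policy (taken from the page).
SPECIALS = set("~`@#%&<>\"',;_-^$.*+?=!:|{}()[]/")


def check_password(password: str, username: str) -> list[str]:
    """Return the list of policy violations; an empty list means the password passes.

    Policy from the page: 8-64 characters, must not contain the username,
    and must contain uppercase, lowercase, digit and special characters.
    """
    problems = []
    if not 8 <= len(password) <= 64:
        problems.append("length must be 8 to 64 characters")
    # Assumption: the username check is case-insensitive.
    if username and username.lower() in password.lower():
        problems.append("must not contain the username")
    if not any(c.isupper() for c in password):
        problems.append("needs an uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("needs a lowercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("needs a digit")
    if not any(c in SPECIALS for c in password):
        problems.append("needs a special character")
    return problems


class LoginGuard:
    """Models the console lockout: five failed attempts lock the account for 5 minutes.

    `now` is injectable so the lock expiry can be exercised without waiting.
    Hypothetical model of the behaviour the page describes, not the aNI code.
    """

    MAX_ATTEMPTS = 5
    LOCK_SECONDS = 300

    def __init__(self, expected_password: str, now=time.monotonic):
        self._expected = expected_password.encode()
        self._now = now
        self._failures = 0
        self._locked_until = None

    def attempt(self, password: str) -> str:
        """Return "ok", "denied" or "locked" for one login attempt."""
        t = self._now()
        if self._locked_until is not None:
            if t < self._locked_until:
                return "locked"  # still inside the 5-minute lock, even if the password is right
            self._locked_until = None  # assumption: lock expiry also clears the failure count
            self._failures = 0
        # Constant-time comparison so the check does not leak where the mismatch is.
        if hmac.compare_digest(password.encode(), self._expected):
            self._failures = 0
            return "ok"
        self._failures += 1
        if self._failures >= self.MAX_ATTEMPTS:
            self._locked_until = t + self.LOCK_SECONDS
            return "locked"
        return "denied"


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ("Sfcsec@123", "sfcsec123", "Admin@2024", "Ab1!"):
        print(pw, "->", check_password(pw, "admin") or "OK")
```

Running the block prints one line per sample password with its violations; the published default Sfcsec@123 passes the policy, which is exactly why it must be replaced at first login rather than kept.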
- After platform authentication succeeds, return to the Network Insight page and click the Get Started button to open the insight page.
- The insight page shows the access status of all virtual machines on the platform. Advanced filtering in the upper right corner filters the view by different conditions, and you can search from the perspective of virtual machines or virtual machine groups to quickly locate the ones you need to view.
• Access Statuses filter: All Access Statuses, Allowed, Denied and No Policy Matched.
• Day filter: Last 30 days, Last 7 days, Last 3 days, and Today.
- Select a VM group and enter its details page.
• The card in the upper right corner displays VM access information, including the total number of VMs and the number of VMs with unknown access, no access, and denied access.
• Select a VM and click Access Details in the upper right corner to view its access details.
• Click the zoom-out button to go back to the initial view.
- Click the Access Details button to open the details page, then click View Details to see every recorded access entry, including source object, source IP, destination object, destination IP, and service.
- Click the View Policies button to be redirected to the Distributed Firewall page, where policies can be added, deleted, modified, and reviewed.
- Sangfor HCI also supports settings for the Network Insight service. Click the Settings button to open the settings page, which supports enabling or disabling the Network Insight feature and upgrading the aNI version.
After the network insight feature is disabled, this feature can no longer be used. You need to redeploy to enable the feature again.
- Go to the Network Insight page, where you can perform an upgrade or rollback.
Note:
• You can install up to 10 service packs for a version.
• You can roll back one service pack at a time, in reverse order of the upgrade sequence.
• Upgrades and rollbacks use a cold start, so they do not affect your business; aNI is only temporarily unavailable.
• If the upgrade or rollback is interrupted, the service pack is rolled back automatically.