Service Tunnel Discovery

Automatically discover resources accessed via Service Tunnels

  • Updated on Jul 21, 2023
  • 4 minutes to read
  • Contributors

This article describes features - Service Tunnel Discovery - that are currently in early preview. Breaking changes may occur as updates are made. Contact your account team to enable these features for your organization.


The Tunnel Discovery feature provides admins with a summary view of the private resources accessed by end-users over their Service Tunnels.

Banyan collects and compiles common private resources accessed via Service Tunnels, and displays these resources in a list (called a Tunnel Inventory). This provides admins with convenient visibility into what applications and services their end-users are accessing over a VPN. It allows admins to identify high-risk resources and over-provisioned users. The Tunnel Inventory can then be used to publish these private resources a Published Services - making them available via a service catalog and applying fine-grained zero-trust policies.

How It Works

Tunnel Inventory

The Tunnel Inventory can be found under Manage Services > Discovered Resources > Tunnel Inventory. The Tunnel Inventory is a list of unique records showing access to an enabled Service Tunnel in an org. Each unique record consists of a domain name or an IP address, as well as a port number.

Details Page

Users, devices, resources accessed, and time of accessing are displayed in the details page.

Can’t find what you’re looking for?

We’re happy to help. Contact our team.