# Visualize Remote Access with Control Center Source: https://docs.netbird.io/manage/control-center --- # Visualize Remote Access with Control Center Control Center is a topological view in the NetBird dashboard that visualizes who can access what across your environment. It maps **Peers**, **Groups**, and **Networks** to the resources they can reach and shows the access control policies that permit those connections. > **Note:** **Availability**: NetBird Cloud (all plans) and self-hosted. > **Note:** **Permissions:** The Admin and Network Admin user roles can edit policies from Control Center. Learn more about [user roles](/manage/team/user-roles). ## How it helps - **Faster audits:** Confirm a device, group, or network's effective access at a glance. - **Quicker troubleshooting:** Follow the policy path that grants access to a resource. - **Safer changes:** Click through to the exact policy to refine sources, destinations, or ports without hunting across pages. ## Views ### Peers view Use this to understand what a specific machine can reach. - Click the peer node, then search or choose another peer from the dropdown to switch focus. - The graph shows the peer's access control policy nodes and the reachable resources. - Click a policy chip to open the standard policy editor. Changes you save are reflected in the graph immediately. ### Users view Use this view to see what resources a specific user can access. - Click the user node, then search or choose another user from the dropdown to switch focus. - The graph shows the users peers, access control policy nodes and the reachable resources. - Click a peer to switch focus only to that specific peer. - Click a policy chip to open the standard policy editor. Changes you save are reflected in the graph immediately. ### Groups view Use this to validate team-level access. - Click a group node, then search or choose from the dropdown to switch groups. - The layout shows which resources that group can reach and via which policies. - View-only for topology here; create or delete groups in the Groups section outside Control Center. Group-based access is the recommended way to manage permissions. Common checks: - Confirm that "DevOps" can reach RDS on TCP 5432, or that "Support" only reaches SSH on TCP 22. ### Networks view Use this to see who can access resources in your routed [networks](/manage/networks). - Toggle **All Networks** or select a specific network. - The network node shows its resources. Connecting lines display the port allowed by the policy and which groups have access. - Click any policy chip to edit it in the standard editor. NetBird Networks and routing peers enable access to private subnets and IP resources. ## Editing policies from the graph - **Open editor:** Click an access control policy chip in any view to open the standard policy editor. - **What you can change:** Use the editor to modify the usual policy fields as documented in [Access Control](/manage/access-control/manage-network-access), including sources, destinations, protocols, ports, and posture checks. - **Create vs edit:** You can edit existing policies from Control Center. Creating a new policy still happens in the Access Control section. ## Quick start 1. Open **Control Center** in the NetBird dashboard. 2. Pick a tab: **Peers**, **Groups**, or **Networks**. 3. Click a node to focus, then follow the policy chips to the target resource. 4. Click a policy chip to edit it, then save. The graph updates right away. ## Use cases - **Sanity-check a team:** In **Groups** view, select a group and verify the resources and ports granted by its policies match your intent. Adjust policies in place if needed. - **Prepare a change:** In **Networks** view, review which groups reach a sensitive subnet before tightening ports or destinations. - **Investigate access:** In **Peers** view, confirm why a host can reach a database by following the policy path and port labels, then narrow the rule if required. - **MSPs:** Switch tenants in the MSP portal to repeat the same checks per customer environment. ## Related docs - [Manage network access with Groups and Access Policies](/manage/access-control/manage-network-access) - [Apply posture checks to policies](/manage/access-control/posture-checks) - [Networks and routing peers](/manage/networks) - [MSP portal overview](/manage/for-partners/msp-portal)