Application Visibility Overview

You can use the Application Visibility page to view information on bandwidth consumption, session establishment, and the risks associated with your applications.

There are two ways to view your data. You can select either the Chart view or Grid view. By default, the data is displayed in Chart view.

Chart View

Click the Chart View link for a brief summary of the top 50 applications consuming maximum bandwidth in your network. The data can be presented graphically as a bubble graph, heat map, or zoomable bubble graph. The data is refreshed automatically based on the selected time range. You can also use the Custom button to set a custom time range.

You can hover over your applications to view critical information such as total number of sessions, total number of blocks, category, bandwidth consumed, risk levels, and characteristics. You can also view the top five users accessing your application. Sessions appear as links, when you click a link, the All Events page appears.

Starting in Junos Space Security Director Release 16.1, you can click the View All Users link to show all the users accessing an application. You also see the User Visibility page in grid view with the correct filter applied.

Starting in Junos Space Security Director Release 16.1, you can click the View All Users link to show all the users accessing an application. You also see the User Visibility page in grid view with the correct filter applied.

Table 44 describes the widgets in Chart view.

Table 44: Application Visibility Chart View Columns

 

Field

Description

All Devices

Shows data for all the devices managed by Security Director. Click Edit to select root devices and/or LSYS devices to view the result.

Show By

Select from the following options to view a user’s data:

  • Bandwidth - Shows data based on the amount of bandwidth the application has consumed for a particular time range.

  • Number of Sessions - Shows data based on the number of sessions consumed by the application.

Time Span

Select the required time range to view a user’s data.

Use the custom option to choose the time range if you want to view data for more than one day. The time range is from 00:00 hours to 23:59 hours.

Select graph

Select from the following graphical representations to view an application’s data:

  • Bubble Graph

  • Heat Map

  • Zoomable Bubble Graph

By default, data is shown in the Bubble Graph format.

Group By

Select from the following options to view the application’s data:

  • Risk - Groups by critical, high, unsafe levels, and so on.

  • Category - Groups by category such as web, infrastructure, and so on.

Number of Sessions

Shows total number of application sessions.

Number of Blocks

Shows total number of times the application was blocked.

Bandwidth

Shows bandwidth usage of the application.

Risk Level

Shows risk associated with the application. For example, critical, high, unsafe, and so on.

Category

Shows category of the application. For example, web, infrastructure, and so on.

Characteristics

Shows characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling, and so on.

Block User(s)

Blocks the user from using the application.

Block Application

Blocks the usage of the application.

View All Users

Shows all the users accessing the application.

Grid View

Click the Grid View link for comprehensive details on applications. You can view top users by volume, top applications by volume, top category by volume, top characteristics by volume, and sessions by risk. You can also view the data in a tabular format that includes sortable columns. You can sort the applications in ascending or descending order based on application name, risk level, and so on. Table 45 describes the widgets in this view. Use these widgets to get an overall, high‐level view of your applications, users, and the content traversing your network.

Table 45: Application Visibility Grid View Widgets

 

Widget

Description

Top Users By Volume

Top users of the application; sorted by bandwidth consumption.

Top Apps By Volume

Top applications, such as Amazon, Facebook, and so on of the network traffic; sorted by bandwidth consumption.

Top Category By Volume

Top category, such as web, infrastructure, and so on of the application; sorted by bandwidth consumption.

Top Characteristics By Volume

Top behavioral characteristics, such as prone to misuse, bandwidth consumer, and so on of the application.

Sessions By Risk

Number of events/sessions received; grouped by risk.

Table 46 describes the fields in the table below the widgets. Users are displayed by usernames or IP addresses. When you click a link, the User Visibility page in Grid view appears with the correct filter applied. Sessions are also displayed as links and when you click a link, the All Events page appears with all security events.

You can select an application or a user to perform a block operation.

Table 46: Detail View of Applications

 

Field

Description

Application Name

Name of the application, such as Amazon, Facebook, and so on.

Risk Level

Risk associated with the application: critical, high, unsafe, moderate, low, and unknown.

Users

Total number of users accessing the application.

Volume

Bandwidth used by the application.

Total Sessions

Total number of application sessions.

No of Rejects

Total number of sessions blocked.

Category

Category of the application, such as web, infrastructure, and so on.

Sub Category

Subcategory of the application. For example, social networking, news, and advertisements.

Characteristics

Characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling.