Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Application Visibility Overview

    You can use the Application Visibility page to view information on bandwidth consumption, session establishment, and the risks associated with your applications.

    Analyzing your network applications yields useful security management information, such as abnormal applications that can lead to data loss, bandwidth hogging, time-consuming applications, and personal applications that can elevate business risks.

    There are two ways to view your data. You can select either the Chart view or Grid view. By default, the data is displayed in Chart view.

    Chart View

    Click the Chart View link for a brief summary of the top 50 applications consuming maximum bandwidth in your network. The data can be presented graphically as a bubble graph, heat map, or zoomable bubble graph. The data is refreshed automatically based on the selected time range. You can also use the Custom button to set a custom time range.

    You can hover over your applications to view critical information such as total number of sessions, total number of blocks, category, bandwidth consumed, risk levels, and characteristics. You can also view the top five users accessing your application. Sessions appear as links, when you click a link, the All Events page appears.

    Click the View All Users link to show all the users accessing an application. You also see the User Visibility page in grid view with the correct filter applied.

    You can select usernames or source IPs to perform the block operation. If a username is not available, then the source IP is displayed. You can block the user or application depending on the risk associated with the application.

    Table 1 describes the widgets in Chart view.

    Table 1: Application Visibility Chart View Columns

    Field

    Description

    All Devices

    Shows data for all the devices managed by Security Director. Click Edit to select individual devices to view the result.

    Show By

    Select from the following options to view a user’s data:

    • Bandwidth - Shows data based on the amount of bandwidth the application has consumed for a particular time range.
    • Number of Sessions - Shows data based on the number of sessions consumed by the application.

    Time Span

    Select the required time range to view a user’s data.

    Use the custom option to choose the time range if you want to view data for more than one day. The time range is from 00:00 hours to 23:59 hours.

    Select graph

    Select from the following graphical representations to view an application’s data:

    • Bubble Graph
    • Heat Map
    • Zoomable Bubble Graph

    By default, data is shown in the Bubble Graph format.

    Group By

    Select from the following options to view the application’s data:

    • Risk - Groups by critical, high, unsafe levels, and so on.
    • Category - Groups by category such as web, infrastructure, and so on.

    Number of Sessions

    Shows total number of application sessions.

    Number of Blocks

    Shows total number of times the application was blocked.

    Bandwidth

    Shows bandwidth usage of the application.

    Risk Level

    Shows risk associated with the application. For example, critical, high, unsafe, and so on.

    Category

    Shows category of the application. For example, web, infrastructure, and so on.

    Characteristics

    Shows characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling, and so on.

    Block User(s)

    Blocks the user from using the application.

    Block Application

    Blocks the usage of the application.

    View All Users

    Shows all the users accessing the application.

    Grid View

    Click the Grid View link for comprehensive details on applications. You can view top users by volume, top applications by volume, top category by volume, top characteristics by volume, and sessions by risk. You can also view the data in a tabular format that includes sortable columns. You can sort the applications in ascending or descending order based on application name, risk level, and so on. Table 2 describes the widgets in this view. Use these widgets to get an overall, high‐level view of your applications, users, and the content traversing your network.

    Table 2: Application Visibility Grid View Widgets

    Widget

    Description

    Top Users By Volume

    Top users of the application; sorted by bandwidth consumption.

    Top Apps By Volume

    Top applications, such as Amazon, Facebook, and so on of the network traffic; sorted by bandwidth consumption.

    Top Category By Volume

    Top category, such as web, infrastructure, and so on of the application; sorted by bandwidth consumption.

    Top Characteristics By Volume

    Top behavioral characteristics, such as prone to misuse, bandwidth consumer, and so on of the application.

    Sessions By Risk

    Number of events/sessions received; grouped by risk.

    Table 3 describes the fields in the table below the widgets. Users are displayed by usernames or IP addresses. When you click a link, the User Visibility page in Grid view appears with the correct filter applied. Sessions are also displayed as links and when you click a link, the All Events page appears with all security events.

    You can select an application or a user to perform a block operation.

    Table 3: Detail View of Applications

    Field

    Description

    Application Name

    Name of the application, such as Amazon, Facebook, and so on.

    Risk Level

    Risk associated with the application: critical, high, unsafe, moderate, low, and unknown.

    Users

    Total number of users accessing the application.

    Volume

    Bandwidth used by the application.

    Total Sessions

    Total number of application sessions.

    No of Rejects

    Total number of sessions blocked.

    Category

    Category of the application, such as web, infrastructure, and so on.

    Sub Category

    Subcategory of the application. For example, social networking, news, and advertisements.

    Characteristics

    Characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling.

    Modified: 2016-12-07