Help Center User GuideGetting StartedFAQRelease Notes
 
X
User Guide
Getting Started
FAQ
Release Notes
Contents  

Dashboard Overview

The Junos Space Security Director dashboard provides a unified overview of the system and network status retrieved from SRX Series devices. You can drag widgets from the carousel at the top of the page to your workspace, where you can configure them to meet your needs. When you install Security Director with Junos Space Log Director, the new Log Director dashboard is displayed.

To display the dashboard, select Security Director > Dashboard. The carousel displays all the widget thumbnails by default. You can customize your dashboard as per your needs. For example, you can configure a widget to display a graph with the top 10 applications with the most sessions in the last hour.

Click the refresh icon to update the dashboard or an individual widget. To change the automatic refresh interval, select an interval from the drop-down list, which ranges from 5 minutes up to 7 days. To add a widget to the Dashboard, drag the widgets from the palette or thumbnail container into the workspace. To delete a widget, click X icon in the title bar.

In addition, you can use the dashboard to:

  • Navigate to the Devices page from the devices widgets by clicking the More Details link.
  • Navigate to the Alarms page from devices most alarms widgets by clicking the More Details link.
  • Navigate to the Events and Logs page from an event-based widget.

The dashboard page automatically adjusts the placement of the widgets to dynamically fit on the browser window without changing the order of the widgets. You can manually reorder the widgets using the drag and drop option. The widget can be reordered or moved by holding the top header section of the widget.

Note: If you are using Policy Enforcer and Sky ATP with Security Director, additional widgets are added to the dashboard. See Policy Enforcer Dashboard Widgets for those widget descriptions.

Starting in Junos Space Security Director Release 17.1, Application Top Application by Volume, IP Top Source IPs by Volume, IP Top Spams By Source IPs, Web Filtering Top Blocked Websites, Virus Top Blocked, and IP Top Source IPs by Sessions widgets are added.

Table 5: Widgets

Widget

Description

Devices Count By Platform

Displays device count grouped by platform.

Devices Count By OS

Displays device count grouped by operating system.

Device Count By Status

Displays device count grouped by the system status (Up/down).

Firewall Top Denies

Displays top requests denied by the firewall based on their source IP addresses, sorted by count.

Firewall Top Events

Displays top firewall events of the network traffic, sorted by count.

IPS Top Events

Displays top IPS events of the network traffic, sorted by count.

Applications most sessions

Displays the applications with the most sessions.

IP Top Destinations

Displays top destination IP addresses of the network traffic, sorted by count.

IP Top Sources

Displays top source IP addresses of the network traffic, sorted by count.

Devices Most CPU Usage

Displays devices with maximum CPU utilization, sorted by count.

Devices Most Memory Usage

Displays devices with maximum memory utilization, sorted by count.

Devices Most Storage

Displays devices with most storage usage, sorted by count.

Firewall Policy Rules with No Hits

Displays firewall policies with the most rules not hit, sorted by count.

Devices Most Bandwidth by Bytes

Displays devices consuming maximum bandwidth in bytes.

Zones Most Bandwidth by Bytes

Displays zones with maximum throughput rate in bytes, sorted by incoming and outgoing bytes.

Devices Most Dropped Packets

Displays firewall devices with maximum number of packet drops, sorted by count.

Zones Most Dropped Packets

Displays firewall zones with maximum number of packet drops, sorted by count.

Devices Most Bandwidth by Packets

Devices with maximum throughput rate in packets, sorted by incoming and outgoing packets.

Zones Most Bandwidth by Packets

Displays zones with maximum throughput rate in packets, sorted by incoming and outgoing packets.

Devices Most Sessions

Displays devices with the most number of sessions, sorted by count.

Devices Most Alarms

Displays devices with maximum number of alarms, sorted by count.

Threat Map Virus

Displays world map showing total virus event count across countries.

Threat Map IPS

Displays world map showing total IPS event count across countries.

Application Top Application by Volume

Displays top applications based on volume or bandwidth.

IP Top Source IPs by Volume

Displays top source IP addresses of the network traffic by volume or bandwidth.

IP Top Spams By Source IPs

Displays top source IP addresses for spams.

Web Filtering Top Blocked Websites

Displays blocked websites, sorted by count.

Virus Top Blocked

Displays blocked viruses, sorted by count.

IP Top Source IPs by Sessions

Displays top source IP addresses of the network traffic by sessions.

NAT Top Source Translation Hits

Displays the Network Address Translation (NAT) rule names with most hits for source NAT.

NAT Top Destination Translation Hits

Displays the NAT rule names with most hits for destination NAT.

Policy Enforcer adds widgets to the dashboard that provide a summary of all gathered information on compromised content and hosts. Drag and drop widgets to add them to your dashboard. Mouse over a widget to refresh, remove, or edit the contents.

In addition, you can use the dashboard to:

Note: C&C and GeoIP filtering feeds are only available with the Cloud Feed or Premium license.

Table 6: Policy Enforcer Widgets

Widget

Definition

Top Malware Identified

A list of the top malware found based on the number of times the malware is detected over a period of time. Use the arrow to filter by different time frames.

Top Compromised Hosts

A list of the top compromised hosts based on their associated threat level and blocked status.

Top Infected File Types

A graph of the top infected file types by file extension. Examples: exe, pdf, ini, zip. Use the arrows to filter by threat level and time frame.

Top Infected File Categories

A graph of the top infected file categories. Examples: executables, archived files, libraries. Use the arrows to filter by threat level and time frame.

Top Scanned File Types

A graph of the top file types scanned for malware. Examples: exe, pdf, ini, zip. Use the arrows to filter by different time frames.

Top Scanned File Categories

A graph of the top file categories scanned for malware. Examples: executables, archived files, libraries. Use the arrows to filter by different time frames.

C&C Server and Malware Source

A color-coded map displaying the location of Command and Control servers or other malware sources. Click a location on the map to view the number of detected sources.

Table 7 provides the source of information for each widget type on dashboard.

Table 7: Information Source for the Widgets

Widget Type

Source

Firewall Top Events

syslog

Applications Most Sessions

syslog

IP Top Destinations

syslog

IP Top Sources

syslog

Top Firewall Denies

syslog

IPS top events

syslog

Threatmap virus

syslog

Threatmap IPS

syslog

NAT Top Source Translation Hits

syslog

NAT Top Destination Translation Hits

syslog

Application Top Application by Volume

Application visibility

IP Top Source IPs by Volume

Source IP visibility

IP Top Spams By Source IPs

syslog

Web Filtering Top Blocked Websites

syslog

Virus Top Blocked

syslog

IP Top Source IPs by Sessions

Source IP visibility

Firewall policy: Rules with no hits

Firewall Rule Hit count

Devices Most CPU Usage

SRX device polling

Devices Most Memory Usage

SRX device polling

Devices Most Sessions

SRX device polling

Devices Most Bandwidth By Bytes

SRX device polling

Zones Most Bandwidth By Bytes

SRX device polling

Devices Most Dropped Packets

SRX device polling

Zones Most Dropped Packets

SRX device polling

Devices Most Bandwidth By Packets

SRX device polling

Zones Most Bandwidth By Packets

SRX device polling

Devices Most Storage

SRX device polling

Device Count By Platform

Space Platform/ SD Devices

Device Count By OS

Space Platform/ SD Devices

Device Count By Status

Space Platform/ SD Devices

Note: In Junos Space Security Director Release 16.2R1, the following widgets display the device statistics for the root device and not for the logical systems (LSYS):

  • Devices Most CPU Usage
  • Devices Most Memory Usage
  • Devices Most Sessions
  • Devices Most Bandwidth by Bytes
  • Zones Most Bandwidth by Bytes
  • Devices Most Dropped Packets
  • Zones Most Dropped Packets
  • Devices Most Bandwidth by Packets
  • Zones Most Bandwidth by Packets
  • Devices Most Storage

Understanding Role-Based Access Control for the Dashboard

Role-based access control (RBAC) has the following impact on the dashboard:

Related Documentation

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit