Application Visibility Overview
You can use the Application Visibility page to view information on bandwidth consumption, session establishment, and the risks associated with your applications.
There are two ways to view your data. You can select either the Chart view or Grid view. By default, the data is displayed in Chart view.
Chart View
Click the Chart View link for a brief summary of the top 50 applications consuming maximum bandwidth in your network. The data can be presented graphically as a bubble graph, heat map, or zoomable bubble graph. The data is refreshed automatically based on the selected time range. You can also use the Custom button to set a custom time range.
You can hover over your applications to view critical information such as total number of sessions, total number of blocks, category, bandwidth consumed, risk levels, and characteristics. You can also view the top five users accessing your application. Sessions appear as links, when you click a link, the All Events page appears.
Starting in Junos Space Security Director Release 16.1, you can click the View All Users link to show all the users accessing an application. You also see the User Visibility page in grid view with the correct filter applied.
Starting in Junos Space Security Director Release 16.1, you can click the View All Users link to show all the users accessing an application. You also see the User Visibility page in grid view with the correct filter applied.
Table 1 describes the widgets in Chart view.
Table 1: Application Visibility Chart View Columns
Field | Description |
|---|---|
All Devices | Shows data for all the devices managed by Security Director. Click Edit to select root devices, Logical Systems (LSYS) devices, or Tenant Systems (TSYS) devices to view the result. |
Show By | Select from the following options to view a user’s data:
|
Time Span | Select the required time range to view a user’s data. Use the custom option to choose the time range if you want to view data for more than one day. The time range is from 00:00 hours to 23:59 hours. |
Select graph | Select from the following graphical representations to view an application’s data:
By default, data is shown in the Bubble Graph format. |
Group By | Select from the following options to view the application’s data:
|
Number of Sessions | Shows total number of application sessions. |
Number of Blocks | Shows total number of times the application was blocked. |
Bandwidth | Shows bandwidth usage of the application. |
Risk Level | Shows risk associated with the application. For example, critical, high, unsafe, and so on. |
Category | Shows category of the application. For example, web, infrastructure, and so on. |
Characteristics | Shows characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling, and so on. |
Block User(s) | Blocks the user from using the application. |
Block Application | Blocks the usage of the application. |
View All Users | Shows all the users accessing the application. |
Grid View
Click the Grid View link for comprehensive details on applications. You can view top users by volume, top applications by volume, top category by volume, top characteristics by volume, and sessions by risk. You can also view the data in a tabular format that includes sortable columns. You can sort the applications in ascending or descending order based on application name, risk level, and so on. Table 2 describes the widgets in this view. Use these widgets to get an overall, high‐level view of your applications, users, and the content traversing your network.
Table 2: Application Visibility Grid View Widgets
Widget | Description |
|---|---|
Top Users By Volume | Top users of the application; sorted by bandwidth consumption. |
Top Apps By Volume | Top applications, such as Amazon, Facebook, and so on of the network traffic; sorted by bandwidth consumption. |
Top Category By Volume | Top category, such as web, infrastructure, and so on of the application; sorted by bandwidth consumption. |
Top Characteristics By Volume | Top behavioral characteristics, such as prone to misuse, bandwidth consumer, and so on of the application. |
Sessions By Risk | Number of events/sessions received; grouped by risk. |
Table 3 describes the fields in the table below the widgets. Users are displayed by usernames or IP addresses. When you click a link, the User Visibility page in Grid view appears with the correct filter applied. Sessions are also displayed as links and when you click a link, the All Events page appears with all security events.
You can select an application or a user to perform a block operation.
Table 3: Detail View of Applications
Field | Description |
|---|---|
Application Name | Name of the application, such as Amazon, Facebook, and so on. |
Risk Level | Risk associated with the application: critical, high, unsafe, moderate, low, and unknown. |
Users | Total number of users accessing the application. |
Volume | Bandwidth used by the application. |
Total Sessions | Total number of application sessions. |
No of Rejects | Total number of sessions blocked. |
Category | Category of the application, such as web, infrastructure, and so on. |
Sub Category | Subcategory of the application. For example, social networking, news, and advertisements. |
Characteristics | Characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling. |