Help Center User GuideGetting Started
 
X
User Guide
Getting Started
Contents  

Monitoring Applications

Purpose

You can use the Application Visibility page to view information on bandwidth consumption, session establishment, and the risks associated with your applications.

Analyzing your network applications yields useful security management information, such as abnormal applications that can lead to data loss, bandwidth hogging, time-consuming applications, and personal applications that can elevate business risks.

Action

To monitor Applications select Monitor>Applications in the J-Web user interface.

Note: If traffic is not enabled, click Enable Logging. The Configure>Device Setup>Basic Settings>Logging page appears, where you can enable the traffic.

Meaning

There are two ways to view your data. You can select either the Chart View tab or the Grid View tab.

Chart View

The Chart View is selected by default, and it gives a brief summary of the top 50 applications consuming maximum bandwidth in your network. The data is presented graphically as a bubble graph, heat map, or zoomable bubble graph.

You can reorder the bubble graph by bandwidth or by number of sessions from the Show By filter dropdown. The size of the bubble depends on the bandwidth used if you select Bandwidth in the dropdown. If you select Number of Sessions, the size of the bubble depends on the number of sessions.

The data is refreshed automatically based on the selected time range in the Time Span filter dropdown. The default time span is set to the last 15 minutes from the current time. If you select Custom, you need to specify the from and to date range in the Custom Time Range Selection popup window. You can also Edit the from and to date range.

You can reorder the bubble graph by groups in the Group By filter dropdown. The options are: Risk and Categories. If you select Risk, the bubbles are grouped by Critical, High, Unsafe, Moderate, Low, and Unknown criticality. If you select Categories, the bubbles are grouped by Gaming, Infrastructure, Messaging, Multimedia, P2P, Remote-Access, Web, and Unknown. The legends show the color associated with each group parameter.

Note: A Fake application bubble is created if a new application, whose name is not present in the signature database, is detected.

You can hover over your applications to view critical information such as total number of sessions, total number of blocks, category, bandwidth consumed, risk levels, and characteristics. You can also view the top five users accessing your application. Sessions appear as links, when you click a link, the All Events page appears.

Grid View

Click the Grid View link for comprehensive details on applications. You can view top users by volume, top applications by volume, top category by volume, top characteristics by volume, and sessions by risk. You can also view the data in a tabular format that includes sortable columns. You can sort the applications in ascending or descending order based on application name, risk level, and so on. Table 32 describes the widgets in this view. Use these widgets to get an overall, high‐level view of your applications, users, and the content traversing your network.

Table 32: Applcations Visibility in Grid View Widgets

Widget

Description

Top Users By Volume

Top users of the application; sorted by bandwidth consumption.

Top Apps By Volume

Top applications, such as Amazon, Facebook, and so on of the network traffic; sorted by bandwidth consumption.

Top Category By Volume

Top category, such as web, infrastructure, and so on of the application; sorted by bandwidth consumption.

Top Characteristics By Volume

Top behavioral characteristics, such as prone to misuse, bandwidth consumer, and so on of the application.

Sessions By Risk

Number of events/sessions received; grouped by risk.

Table 33 describes the fields in the table below the widgets. Users are displayed by usernames or IP addresses. When you click a link, the User Visibility page in Grid view appears with the correct filter applied. Sessions are also displayed as links and when you click a link, the All Events page appears with all security events. You can select an application or a user to perform a block operation.

Table 33: Grid View of Applications

Field

Description

Application Name

Name of the application, such as Amazon, Facebook, and so on.

Risk Level

Risk associated with the application: critical, high, unsafe, moderate, low, and unknown.

Users

Total number of users accessing the application.

Volume

Bandwidth used by the application.

Total Sessions

Total number of application sessions.

Category

Category of the application, such as web, infrastructure, and so on.

Sub-Category

Subcategory of the application. For example, social networking, news, and advertisements.

Note: There can be many sub-categories for a single category. For example, if the Category is Multimedia, it can have sub-categories as Video-streaming and Audio-streaming and so on.

Characteristics

Characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling.

Note: There can be many characteristics displayed by a comma separator. For example, characteristics can be displayed as Support File Transfer, Loss of Productivity, Bandwidth.

You can search the user interface by clicking the search lens icon. You can do a search in search by entering the second search string after the first search result is displayed.

You can sort the data based on the column heading. Mouse over the column heading, click the dropdown arrow, and select Sort Ascending or Sort Descending depending on how you want the data sorted.

Related Documentation

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit