ON THIS PAGE
You can use the Application Visibility page to view information on bandwidth consumption, session establishment, and the risks associated with your applications.
Analyzing your network applications yields useful security management information, such as abnormal applications that can lead to data loss, bandwidth hogging, time-consuming applications, and personal applications that can elevate business risks.
To monitor Applications select Monitor>Applications in the J-Web user interface.
If traffic is not enabled, click Enable Logging. The Configure>Device Setup>Basic Settings>Logging page appears, where you can enable the traffic.
There are two ways to view your data. You can select either the Chart View tab or the Grid View tab.
The Chart View is selected by default, and it gives a brief summary of the top 50 applications consuming maximum bandwidth in your network. The data is presented graphically as a bubble graph, heat map, or zoomable bubble graph.
You can reorder the bubble graph by bandwidth or by number of sessions from the Show By filter dropdown. The size of the bubble depends on the bandwidth used if you select Bandwidth in the dropdown. If you select Number of Sessions, the size of the bubble depends on the number of sessions.
The data is refreshed automatically based on the selected time range in the Time Span filter dropdown. The default time span is set to the last 15 minutes from the current time. If you select Custom, you need to specify the from and to date range in the Custom Time Range Selection popup window. You can also Edit the from and to date range.
You can reorder the bubble graph by groups in the Group By filter dropdown. The options are: Risk and Categories. If you select Risk, the bubbles are grouped by Critical, High, Unsafe, Moderate, Low, and Unknown criticality. If you select Categories, the bubbles are grouped by Gaming, Infrastructure, Messaging, Multimedia, P2P, Remote-Access, Web, and Unknown. The legends show the color associated with each group parameter.
A Fake application bubble is created if a new application, whose name is not present in the signature database, is detected.
You can hover over your applications to view critical information such as total number of sessions, total number of blocks, category, bandwidth consumed, risk levels, and characteristics. You can also view the top five users accessing your application. Sessions appear as links, when you click a link, the All Events page appears.
Click the Grid View link for comprehensive details on applications. You can view top users by volume, top applications by volume, top category by volume, top characteristics by volume, and sessions by risk. You can also view the data in a tabular format that includes sortable columns. You can sort the applications in ascending or descending order based on application name, risk level, and so on. Table 34 describes the widgets in this view. Use these widgets to get an overall, high‐level view of your applications, users, and the content traversing your network.
Table 34: Applcations Visibility in Grid View Widgets
Top Users By Volume
Top users of the application; sorted by bandwidth consumption.
Top Apps By Volume
Top applications, such as Amazon, Facebook, and so on of the network traffic; sorted by bandwidth consumption.
Top Category By Volume
Top category, such as web, infrastructure, and so on of the application; sorted by bandwidth consumption.
Top Characteristics By Volume
Top behavioral characteristics, such as prone to misuse, bandwidth consumer, and so on of the application.
Sessions By Risk
Number of events/sessions received; grouped by risk.
Table 35 describes the fields in the table below the widgets. Users are displayed by usernames or IP addresses. When you click a link, the User Visibility page in Grid view appears with the correct filter applied. Sessions are also displayed as links and when you click a link, the All Events page appears with all security events. You can select an application or a user to perform a block operation.
Table 35: Grid View of Applications
Name of the application, such as Amazon, Facebook, and so on.
Risk associated with the application: critical, high, unsafe, moderate, low, and unknown.
Total number of users accessing the application.
Bandwidth used by the application.
Total number of application sessions.
Category of the application, such as web, infrastructure, and so on.
Subcategory of the application. For example, social networking, news, and advertisements.
Note: There can be many sub-categories for a single category. For example, if the Category is Multimedia, it can have sub-categories as Video-streaming and Audio-streaming and so on.
Characteristics of the application. For example, prone to misuse, bandwidth consumer, capable of tunneling.
There can be many characteristics displayed by a comma
separator. For example, characteristics can be displayed as
You can search the user interface by clicking the search lens icon. You can do a search in search by entering the second search string after the first search result is displayed.
You can sort the data based on the column heading. Mouse over the column heading, click the dropdown arrow, and select Sort Ascending or Sort Descending depending on how you want the data sorted.