Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Use Case 4: Application Visibility

SUMMARY  Network administrators can choose between three different views to see how applications and users are affecting the network, observe bandwidth utilization levels, or determine the number of sessions created. Granular usage details, such as which applications are the riskiest, can be viewed. Top talkers are easy to identify and remediate. Different time frames can also be compared to determine when utilization is typically at its peak. Using Actionable Intelligence, administrators can select one or more applications or user/user groups from the Application Visibility or User Visibility charts, then simply select “Block.” Security Director automatically creates the requested rule or rules and deploys them in the optimal location within the rules base, avoiding any anomalies and taking the guesswork out of managing the application and user environment.

Benefits

Delivers greater visibility, enforcement, control, and protection over the network.

Before You Begin

Note:
  • Although this use case has been specifically validated against Junos Space Security Director Release 19.3 and an SRX Series device running Junos OS Release 18.2, you can use Junos OS Release 18.2 or later.

  • Only mandatory fields and other required fields are included in the procedures in this use case.

Overview

In the following topology, we have an enterprise local area network behind a Layer 2 switch. The switch is connected to an SRX Series firewall that has IPS enabled and inspects all the traffic traveling in and out of the network. The SRX Series device can be in any form: hardware, virtual, or containerized.

Block an Application

Let’s block an application called “UNKNOWN”:

  1. Select Monitor > Applications.

    The Application Visibility page is displayed with top 50 applications.

  2. Hover over the application.

    The Application details are displayed.

  3. Click Block Application.

    All the affected policies are displayed.