This Tips & Tricks looks at the Application Command Center (ACC), which provides visibility into the network traffic passing through your firewall. The ACC is sometimes overlooked inside the web interface, but it is a very powerful tool to help you manage and see the traffic flowing through your network.
In order to learn more about the ACC, we'll explore the following areas:
The Application Command Center (ACC) page visually depicts trends and a historic view of traffic on your network. It displays the overall risk level for all network traffic, the risk levels and number of threats detected for the most active and highest-risk applications on your network, and the number of threats detected from the busiest application categories and from all applications at each risk level. The ACC can be viewed for the past hour, day, week, month, or any custom-defined time frame.
Risk levels (1=lowest to 5=highest) indicate the application’s relative security risk, based on criteria such as whether the application can share files, is prone to misuse, or tries to evade firewalls.
Let's start with the Dashboard tab.
Inside the web interface on the Dashboard tab, you'll see ACC Risk Factor.
This information shows the risk factor over the last 60 minutes based upon information inside the ACC Dashboard tab.
This is a general "threat temperature" of the traffic. If you find it higher than normal, you can use the main ACC to drill down and investigate what is causing the temperature to be higher than normal.
If you'd like to see this and it is not being displayed on your Dashboard page, enable it by going to
Dashboard > Widgets > Application > ACC Risk Factor.
You also will see the Top Applications if you have enabled this widget.
This widget displays the applications with the most sessions. The block size indicates the relative number of sessions (mouse-over the block to view the number), and the color indicates the security risk—from green (lowest) to red (highest). Click an application to view its application information as well as a full breakdown of where that application has been seen inside the ACC page.
This is a great way to see the applications in use at a glance.
If you would like to see this, it can be enabled by going to Dashboard > Widgets > Application > Top Applications.
On the ACC tab, you will see the following sections that make up the Application Command Center:
The ACC includes predefined tabs that provide visibility into network traffic, threat activity, blocked activity, tunnel activity, and more.
Each tab includes a default set of widgets that best represent the events and trends associated with the tab.
You have options to select a specific time range—from the last 15 minutes to the last calendar month and even a custom option. The default is the last hour.
Adding a filter comes in handy if you are looking for specific traffic.
The application view allows you to filter the ACC view by either the sanctioned or unsanctioned applications in use on your network.
You'll find the same Risk Meter that you'll find on the Dashboard discussed earlier.
The widgets on each tab are interactive. The view will change if you set a timeframe, set filters, and drill down into the display to customize the view and focus on the information you need.
Each widget is structured to display the following information:
1. View - You can sort the data by selecting the different radio buttons
2. Graph - There are different graphical display options available depending on which widget you're on.
3. Table - A detailed view of the data used to render the graphical display.
4. Actions - Maximize view, Set up local filters, Jump to logs, Export.
I hope this Tips & Tricks blog has helped you understand the Application Command Center (ACC) better. Hopefully, it provided you with some insight into better ways to access and use the information in the ACC.
More ACC information can be found on the following links:
How To Use The Application Command Center (ACC)
Thanks for taking time to read the blog.
If you enjoyed this, please hit the Like (thumbs up) button, don't forget to subscribe to the LIVEcommunity Blog.
As always, we welcome all comments and feedback in the comments section below.
Stay Secure,
Kiwi out!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 4 Likes | |
| 3 Likes | |
| 3 Likes | |
| 2 Likes | |
| 2 Likes |
| User | Likes Count |
|---|---|
| 11 | |
| 4 | |
| 3 | |
| 2 | |
| 2 |
