Friday, 30 June 2017

All New Application Command Center in Palo Alto

The Application Command Center (ACC) is an interactive, graphical summary of the applications, users, URLs, threats, and content traversing your network.The ACC uses the firewall logs to provide visibility into traffic patterns and actionable information on threats. The new ACC layout includes a tabbed view of network activity, threat activity, and blocked activity and each tab includes pertinent widgets for better visualization of traffic patterns on your network. The graphical representation allows you to interact with the data and visualize the relationships between events on the network so that you can uncover anomalies or find ways to enhance your network security rules. For a personalized view of your network, you can also add a custom tab and include widgets that allow you to drill down into the information that is most important to you.
ACC - First Look
TabsThe ACC includes three predefined tabs that provide visibility into network traffic, threat activity, and blocked activity.
WidgetsEach tab includes a default set of widgets that best represent the events/trends associated with the tab. The widgets allow you to survey the data using the following filters:bytes—in and out,sessionscontent—files and dataURL categoriesthreats— malicious, benign, and count.
TimeThe charts or graphs in each widget provide a real-time and historic view. You can choose a custom range or use the predefined time periods that range from the last 15 minutes up to the last 30 days or last 30 calendar days.The time period used to render data, by default, is the last hour updated in 15 minute intervals. The date and time interval are displayed onscreen, for example at 11:40 is:01/12 10:30:00-01/12 11:29:59
Global FiltersThe global filters allow you to apply a filter across all tabs. The charts/graphs apply the selected filters before rendering the data.
Risk FactorThe risk factor (1=lowest to 5=highest) indicates the relative security risk on your network. The risk factor uses a variety of factors such as the type of applications seen on the network and their associated risk levels, the threat activity and malware as seen through the number of blocked threats, compromised hosts or traffic to malware hosts/domains.
SourceThe data source used for the display.On the firewall, if enabled for multiple virtual systems, you can use the Virtual System drop-down to change the ACC display to include all virtual systems or just a selected virtual system.On Panorama, the Data Source can be Panorama data or Remote Device Data. Remote Device Data is only available when all the managed firewalls are on PAN-OS 7.0.1 or later.When the data source is Panorama, you can filter the display for a specific device group.
ExportYou can export the widgets displayed in the current tab as a PDF.

No comments:

PAN-OS Supported ciphers

Following is a list of supported ciphers for PAN-OS 7.1 and later: SSLv3 Ciphers Supported (No change from PAN-OS 7.0) Non-FIPS mod...