The Application Usage Dashboard gives you visibility
into the applications in use in your network, and helps you to focus
in on controlling unsanctioned and risky applications.
Where Can I Use
This?
What Do I Need?
Prisma Access
(Cloud Management)
Prisma Access
(Panorama Managed)
NGFW (PAN-OS or Panorama Managed)
NGFW (Cloud Managed)
VM-Series, funded with Software NGFW Credits
AIOps for NGFW Free (use the AIOps for NGFW Free app)
or
AIOps for NGFW Premium license (use the Strata Cloud Manager app)
The dashboard shows aggregated data per Cortex Data Lake tenant.
Application Usage data includes:
An overview of the applications on your network, including risk, sanction
status, bandwidth consumed, and the top users of these applications.
Most used application types
Applications with the most data transfer
The top application types on your network
The most heavily used applications on your network
The users with the most applications
The users with the most data transfer
Applications that use non-standard ports
If an app is a container app, then the displayed statistics are a roll-up of
all the applications in the container. For example, gmail is a container app
(there is no app-id for gmail). It groups applications such as
gmail-posting, gmail-downloading, gmail-uploading, and so forth. The risk
score set for this container app is the highest risk score found for the
contained applications. All other metrics are calculated by summing the
values found for the contained applications.
The
sanctioned apps
you see in this dashboard are apps with the sanctioned
tag; go to
Strata Cloud Manager
Manage
Objects
Applications
to see your sanctioned apps or to tag apps as sanctioned.
Tag Sanctioned Apps
To monitor the activity of apps on your network
in your Application Usage dashboard, you must identify whether they
are sanctioned or unsanctioned.
Go to manage your configuration and select
Strata Cloud Manager
Manage
Objects
Applications
.
Click the application
Name
to
edit an application and select
Edit
in the
Tag section.
Select
Sanctioned
from the
Tags
drop-down.
You must use the predefined
Sanctioned
tag.
If you use any other tag to indicate that you sanctioned an application,
the tag won’t be recognized and the report will be inaccurate.
Click
OK
and
Close
to
exit all open dialogs.
How can you use the data from the dashboard?
Know the security challenges associated with the applications traversing your
network. Application Usage findings can help you to refine your security policy
to control unsanctioned and risky applications.
This dashboard supports reports. These icons,
in the top right of a dashboard indicate that
reports are supported for this dashboard. You can share, download, and schedule
reports that cover the data this dashboard displays.