ACC Tabs
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
PAN-OS 11.1 & Later
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
-
- Tap Interfaces
-
- Layer 2 and Layer 3 Packets over a Virtual Wire
- Port Speeds of Virtual Wire Interfaces
- LLDP over a Virtual Wire
- Aggregated Interfaces for a Virtual Wire
- Virtual Wire Support of High Availability
- Zone Protection for a Virtual Wire Interface
- VLAN-Tagged Traffic
- Virtual Wire Subinterfaces
- Configure Virtual Wires
- Configure a PPPoE Client on a Subinterface
- Configure an IPv6 PPPoE Client
- Configure an Aggregate Interface Group
- Configure Bonjour Reflector for Network Segmentation
- Use Interface Management Profiles to Restrict Access
-
- DHCP Overview
- Firewall as a DHCP Server and Client
- Firewall as a DHCPv6 Client
- DHCP Messages
- Dynamic IPv6 Addressing on the Management Interface
- Configure an Interface as a DHCP Server
- Configure an Interface as a DHCPv4 Client
- Configure an Interface as a DHCPv6 Client with Prefix Delegation
- Configure the Management Interface as a DHCP Client
- Configure the Management Interface for Dynamic IPv6 Address Assignment
- Configure an Interface as a DHCP Relay Agent
-
- DNS Overview
- DNS Proxy Object
- DNS Server Profile
- Multi-Tenant DNS Deployments
- Configure a DNS Proxy Object
- Configure a DNS Server Profile
- Use Case 1: Firewall Requires DNS Resolution
- Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for Security Policies, Reporting, and Services within its Virtual System
- Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
- DNS Proxy Rule and FQDN Matching
-
- NAT Rule Capacities
- Dynamic IP and Port NAT Oversubscription
- Dataplane NAT Memory Statistics
-
- Translate Internal Client IP Addresses to Your Public IP Address (Source DIPP NAT)
- Create a Source NAT Rule with Persistent DIPP
- PAN-OS
- Strata Cloud Manager
- Enable Clients on the Internal Network to Access your Public Servers (Destination U-Turn NAT)
- Enable Bi-Directional Address Translation for Your Public-Facing Servers (Static Source NAT)
- Configure Destination NAT with DNS Rewrite
- Configure Destination NAT Using Dynamic IP Addresses
- Modify the Oversubscription Rate for DIPP NAT
- Reserve Dynamic IP NAT Addresses
- Disable NAT for a Specific Host or Interface
-
- Network Packet Broker Overview
- How Network Packet Broker Works
- Prepare to Deploy Network Packet Broker
- Configure Transparent Bridge Security Chains
- Configure Routed Layer 3 Security Chains
- Network Packet Broker HA Support
- User Interface Changes for Network Packet Broker
- Limitations of Network Packet Broker
- Troubleshoot Network Packet Broker
-
- Enable Advanced Routing
- Logical Router Overview
- Configure a Logical Router
- Create a Static Route
- Configure BGP on an Advanced Routing Engine
- Create BGP Routing Profiles
- Create Filters for the Advanced Routing Engine
- Configure OSPFv2 on an Advanced Routing Engine
- Create OSPF Routing Profiles
- Configure OSPFv3 on an Advanced Routing Engine
- Create OSPFv3 Routing Profiles
- Configure RIPv2 on an Advanced Routing Engine
- Create RIPv2 Routing Profiles
- Create BFD Profiles
- Configure IPv4 Multicast
- Configure MSDP
- Create Multicast Routing Profiles
- Create an IPv4 MRoute
-
Something went wrong please try again later
Something went wrong please try again later
ACC Tabs
The ACC includes the following predefined tabs for viewing
network activity, threat activity, and blocked activity.
Tab | Description |
|---|---|
Network Activity | Displays an overview of traffic and user
activity on your network including:
In
addition, you can also view network activity by source or destination
zone, region, or IP address, ingress or egress interfaces, and GlobalProtect
host information such as the operating systems of the devices most
commonly used on the network. |
Threat Activity | Displays an overview of the threats on the
network, focusing on the top threats: vulnerabilities, spyware,
viruses, hosts visiting malicious domains or URLs, top WildFire
submissions by file type and application, and applications that
use non-standard ports. The Compromised Hosts widget in this tab
(the widget is supported on some platforms only), supplements detection
with better visualization techniques; it uses the information from
the correlated events tab (Automated Correlation EngineCorrelated Events) to present
an aggregated view of compromised hosts on your network by source
users/IP addresses and sorted by severity. |
Blocked Activity | Focuses on traffic that was prevented from
coming into the network. The widgets in this tab allow you to view
activity denied by application name, username, threat name, blocked
content—files and data that were blocked by a file blocking profile.
It also lists the top security rules that were matched on to block
threats, content, and URLs. |
Tunnel Activity | Displays the activity of tunnel
traffic that the firewall inspected based on your tunnel inspection
policies. Information includes tunnel usage based on tunnel ID,
monitor tag, user, and tunnel protocols such as Generic Routing
Encapsulation (GRE), General Packet Radio Service (GPRS) Tunneling
Protocol for User Data (GTP-U), and non-encrypted IPSec. |
GlobalProtect Activity | Displays an overview of user activity in
your GlobalProtect deployment. Information includes the number of
users and number of times users connected, the gateways to which
users connected, the number of connection failures and the failure
reason, a summary of authentication methods and GlobalProtect app
versions used, and the number of endpoints that are quarantined. In
addition, this tab displays a chart view summary of devices that
have been quarantined. Use the toggle
at the top of the chart to view the quarantined devices by the actions
that caused GlobalProtect to quarantine the device, the reason GlobalProtect
quarantined the device, and the location of the quarantined devices. |
SSL Activity | Displays an overview of TLS/SSL decryption
activity on the firewall. Information includes successful and unsuccessful
decryption activity in your network, decryption failure reasons
such as protocol, certificate, and version issues, TLS versions,
key exchange algorithms, and the amount and type of decrypted and
undecrypted traffic. Use the ACC information to evaluate how decryption is working on your network and then use the
decryption logs to drill
down into details. |
You can also Interact with the ACC to create
customized tabs with custom layout and widgets that meet your network
monitoring needs, export the tab and share with another administrator.