The ACC includes the following predefined tabs for viewing
network activity, threat activity, and blocked activity.
Displays an overview of traffic and user
activity on your network including:
Top users who generate traffic (with a drill down into the
bytes, content, threats or URLs accessed by the user)
Most used security rules against which traffic matches occur
addition, you can also view network activity by source or destination
zone, region, or IP address, ingress or egress interfaces, and GlobalProtect
host information such as the operating systems of the devices most
commonly used on the network.
Displays an overview of the threats on the
network, focusing on the top threats: vulnerabilities, spyware,
viruses, hosts visiting malicious domains or URLs, top WildFire
submissions by file type and application, and applications that
use non-standard ports. The Compromised Hosts widget in this tab
(the widget is supported on some platforms only), supplements detection
with better visualization techniques; it uses the information from
the correlated events tab (
) to present
an aggregated view of compromised hosts on your network by source
users/IP addresses and sorted by severity.
Focuses on traffic that was prevented from
coming into the network. The widgets in this tab allow you to view
activity denied by application name, username, threat name, blocked content—files
and data that were blocked by a file blocking profile. It also lists
the top security rules that were matched on to block threats, content,
You can also Interact with the ACC to
create customized tabs with custom layout and widgets that meet
your network monitoring needs.