View Inspected Tunnel Activity
Perform the following task to view activity of inspected tunnels.
- Select ACC and select a Virtual System or All virtual systems.
- Select Tunnel Activity.
- Select a Time period to view, such as Last 24 Hrs or Last 30 Days.
- For Global Filters, click the + or - buttons to use ACC Filters on tunnel activity.
- View inspected tunnel activity; you can display and sort
data in each window by bytes, sessions, threats, content,
or URLs. Each window displays a different aspect
of tunnel data in graph and table format:
- Tunnel ID Usage—Each tunnel protocol lists the Tunnel IDs of tunnels using that protocol. Tables provide totals of Bytes, Sessions, Threats, Content, and URLs for the protocol. Hover over the tunnel ID to get a breakdown per tunnel ID.
- Tunnel Monitor Tag—Each tunnel protocol lists tunnel monitor tags of tunnels using that tag. Tables provide totals of Bytes, Sessions, Threats, Content, and URLs for the tag and for the protocol. Hover over the tunnel monitor tag to get a breakdown per tag.
- Tunneled Application Usage—Application categories graphically display types of applications grouped into media, general interest, collaboration, and networking, and color-coded by their risk. The Application tables also include a count of users per application.
- Tunneled User Activity—Displays a graph of bytes sent and bytes received, for example, along an x-axis of date and time. Hover over a point on the graph to view data at that point. The Source User and Destination User table provides data per user.
- Tunneled Source IP Activity—Displays graphs and tables of bytes, sessions, and threats, for example, from an Attacker at an IP address. Hover over a point on the graph to view data at that point.
- Tunneled Destination IP Activity—Displays graphs and tables based on destination IP addresses. View threats per Victim at an IP address, for example. Hover over a point on the graph to view data at that point.
Tunnel Content Inspection Overview
Tunnel Content Inspection Overview Your firewall can inspect tunnel content anywhere on the network where you do not have the opportunity to terminate the tunnel ...
ACC Tabs Network Activity —Displays an overview of traffic and user activity on your network. This view focuses on the top most-used applications, the top ...
ACC Tabs The ACC includes the following predefined tabs for viewing network activity, threat activity, and blocked activity. Tab Description Network Activity Displays an overview ...
Configure Tunnel Content Inspection
Configure Tunnel Content Inspection Perform this task to configure tunnel content inspection for a tunnel protocol that you allow through a tunnel. Create a Security ...
ACC Widgets The widgets on each tab are interactive; you can set the ACC Filters and drill down into the details for each table or ...
Tunnel Content Inspection
Tunnel Content Inspection The firewall can inspect the traffic content of cleartext tunnel protocols without terminating the tunnel: Generic Routing Encapsulation (GRE) ( RFC 2784 ...
Widget Descriptions Each tab on the ACC includes a different set of widgets. Widget Description Network Activity —Displays an overview of traffic and user activity ...
VXLAN Tunnel Content Inspection
Configure tunnel content inspection to scan traffic within a VXLAN tunnel. ...
Building Blocks in a Tunnel Inspection Policy
Building Blocks in a Tunnel Inspection Policy Select Policies Tunnel Inspection to add a Tunnel Inspection policy rule. You can use the firewall to inspect ...