Monitor Network Activity
The Panorama management server provides a comprehensive, graphical view of network
traffic, enabling administrators to centrally analyze, investigate, and report on all
network activity. Using Panorama’s visibility tools—such as the Application Command
Center (ACC), App-Scope, logs, and robust reporting capabilities—you can identify areas
with potential security impacts and translate these insights into secure application
enablement policies.
Monitoring network activity begins with the ACC and App-Scope, which dynamically query
data to display summaries of traffic by applications, users, and content activity. These
tools allow you to identify high-risk applications, view bandwidth consumption trends,
analyze URL categories, and map the geographic distribution of incoming and outgoing
threats. In addition to visualizations, Panorama allows you to deeply analyze log data,
which includes archived sessions processed by managed firewalls.
This log data covers traffic flows, threats, data filtering, Host Information Profile
(HIP) matches, WildFire submissions, and User-ID mapping information, providing granular
details like source and destination addresses, application types, and allowed or denied
actions.
Administrators can also generate, schedule, and email highly customizable reports to
maintain a unified monitoring approach, utilizing configurable key limits to ensure
accurate aggregation and sorting in high-volume deployments. Panorama can ingest Traps
ESM logs to provide an integrated view of network events alongside endpoint security
events, correlating discrete data to generate match evidence for thorough incident
investigations. Through practical use cases, such as monitoring top applications to
shape acceptable use policies or responding to incidents by reviewing Threat and
WildFire logs to reconstruct attack vectors, Panorama empowers administrators to
continuously secure the network and fix potential vulnerabilities.