View the applications in your Prisma Access and NGFW setups, users using the
application, risk scores, user experience for each application, and their potential security
impact.
Where Can I Use This?
What Do I Need?
Prisma Access
(with Strata Cloud Manager or Panorama
configuration management)
NGFWs
(with Strata Cloud Manager or Panorama
configuration management)
You must have at least one of these licenses to use the Activity
Insights:
Prisma Access
AIOps for NGFW Free (use the AIOps for NGFW Free app) or AIOps for NGFW Premium license (use the Strata Cloud Manager app)
The other licenses needed to view the Activity
Insights:Applications tab are:
Strata Logging Service
ADEM Observability will unlock additional
Prisma Access features
Monitor the applications in your Prisma Access and NGFW setups, users using
the application, risk scores, user experience for each application, and understand
the security impact posed by the risky applications. Application Usage findings can
help you to refine your security policy to control unsanctioned and risky
applications. Click Activity Insights > Applications to view
the following information:
Applications by Risk Score - the total
number of applications running in your organization and the number of
applications that are doing Good, Fair, and Poor. The applications are
categorized as Good, Fair, and Poor based on their application experience scores.
Application Data Transfer - Total data
download and uploaded across NGFW and Prisma Access firewalls during the
time range selected. You can filter to view data transfer originating from
the application category and flowing through the destination from the device
(data center or firewall).
All Applications - Use this widget to see
which Prisma Access applications are monitored with synthetic tests running on them
and applications running on your NGFW environments. The table also displays
their experience scores, which give you the health of each application.
You can also change the tag applied to Gen AI apps
based on the application risk score to reflect
whether the application is approved within your organization. In the
Actions column, select the tag icon and
choose the Sanctioned, Tolerated, or Unsanctioned tag and click
Apply.
(Prisma Access applications only) You can download the data in the
table in csv format. Click the Manage Tests button to view all the
synthetic tests that are set up for all your Prisma Access applications in
the Application Tests table. If you want to create a test to monitor an
application, click Monitor App to view Health under the User
Experience column.
Application Details- View general details of
the application along with details concerning application activity and
application experience.
The Activity tab shows the total
number of threats seen in the application, total users accessing the
application, data transferred through the application, PA Browser
Data Events, and PA Browser Access Events.
The following image shows Application Details about
PA Browser Data Events and PA
Browser Access Events. The default view shows an
Aggregate of all events and blocked
events, or you can choose to view a Breakdown
by Event Type and
Count.
The Experience tab shows the
application experience score, score trend during the selected time
range, and network performance metrics.
If an app is a container app, then the displayed
statistics are a roll-up of all the applications in the container. For example,
gmail is a container app (there is no App-ID for gmail). It groups applications such
as gmail-posting, gmail-downloading, gmail-uploading, and so forth. The risk score
set for this container app is the highest risk score found for the contained
applications. All other metrics are calculated by summing the values found for the
contained applications.
Reports- You cannot generate a report that
covers the data in this view. However, you can use the Application
Usage report to view application usage data in your network. To
schedule a report, from the Strata Cloud ManagerReports menu, click the
icon and select Application Usage from the
Type drop-down.