Visibility into Applications, Users, and Content.
Port numbers, protocols, and IP addresses are useful for network devices, but they tell you nothing about what is on your network. Detailed information about the applications, users, and content traversing your network empowers you to quickly determine any risks they pose and quickly respond. Leveraging the rich context provided by Palo Alto Networks firewalls, our visualization, analysis, and reporting tools let you quickly learn more about activity on your network and analyze incidents from a current or comparative perspective. Watch this video to see how much could be visible on your network.
Learn more about the App-ID Technology.
Visibility into your applications, web traffic, threats, and data patterns.
Our Application Command Center (ACC) is an interactive, graphical summary of the applications, users, URLs, threats, and content traversing your network. It allows you to keep your finger on the pulse of what is going on. ACC provides a 10,000 foot view of what's happening on your network, and with just a few clicks you can get a highly detailed view to learn more, including links to the specific policy that allowed a certain behavior so you can tune it as needed.
Knowledge is power. Learning more about new or unfamiliar applications or threats that are displayed in ACC takes just a single click, which shows you:
- A description of the application or threat.
- An application's key features and behavioral characteristics.
- Details on the users using an application.
- Details on those affected by a threat.
Additional data on traffic source and destination, security rules and zones provides a wider view of the application's usage patterns, which helps you make a more informed decision on how to treat that traffic.
Visibility based on users and groups – not IP addresses.
Integration with a wide range of directory services allows our system to display detailed user information (along with their IP address), complementing the application and threat information you receive. You can add additional filters to learn more about application usage for individual users, along with the threats detected within your application traffic. In only minutes, ACC arms you with the data you need to make more informed security policy decisions and take action to reduce risk in your enterprise.
Comparative view into traffic and threat patterns.
App-Scope is a dynamic, customizable window into your network's activity, presenting you with comparative statistics based upon different timeframes, applications, application categories, threat profiles and more. A standard feature in both our device web-interface and Panorama (centralized management), App-Scope reduces the amount of time you have to spend investigating unusual behavior.
Detailed analysis of all your traffic and device activities.
Our log viewer provides a fine-grain view into your network activity. It summarizes all traffic traversing the network – including apps, user information, and threats. The log viewer supports context and expression-based filtering, allowing you to quickly and easily monitor, analyze, and investigate security incidents The log viewer leverages our firewalls' integration with user repositories, complementing application and threat views with user and group visibility. Logs can be sent automatically to your syslog server, while individual filter results are exportable to a CSV file for offline archival or further analysis.
Customized reporting for all traffic and device activities.
Using either your firewall's individual device management interface or Panorama, you will appreciate fingertip access to powerful reporting and logging features that will help you quickly investigate and analyze security incidents, application usage and user behavior. More than 50 predefined, customizable reports - incorporating elements you choose from other reports - are available. You can automate reports to run on a scheduled basis and have the results emailed or exported to a PDF or Excel spreadsheet.