Page Comparison

Table of Contents

minLevel	2
maxLevel	2
type	flat

...

Purpose

Firewall Monitoring Activeboard allows you to analyze and monitor firewall traffic logs from different angles. In this Activeboard you will be able to:

Get data insights and filter them.
Track the traffic volume and actions.
Have access to Traffic Reputation heatmaps.
Compare the connections.
Get details about the most used Firewall rules.
Analyze denied firewall traffic and most rejected source IPs.

...

Pre-requisites

...

Expand

title	Included widgets

Filters for data insights
Time interval: Select input	Protocol: Select input	Destination Zone: Select input
Action: Select input	Application: Select input	Source IP: Text box input
Device name: Select input	Source Zone: Select input	Source Port: Text box input
Data visualization
Filters for data insights: Select input	Destination IP List: Voronoi widget	Top Talkers by Connections: Table widget
Last 100 Firewall Events: Table widget	Firewall Actions (Allow vs. Deny): Voronoi widget	Top Talkers by Data Transfer: Table widget
Traffic Volume by Application (last day): Area chart widget	Top Source IPs (by bytes): Voronoi widget	Most Used Firewall Rules - Occurrence: Column chart widget
Traffic Action Distribution: Donut chart widget	Source IP by Connections: Pie chart widget	Most Used Firewall Rules - Detail: Table widget
Traffic Activity Over Time by Action: Area chart widget	Source IP by Total KB: Donut chart widget	Most Used Firewall Rules: Voronoi widget
Traffic Activity Over Time by Protocol: Area chart widget	Destination IP by Connections: Pie chart widget	Most rejected Source IPs (>1000): Voronoi widget
Source IP List: Heatmap widget	Destination IP by Total KB: Donut chart widget	Most Rejected Source IPs: Table widget
Bandwith: Heatmap widget

Tip
This activeboard supports multitenancy.

Prerequisites

To use this Activeboard, you must have the following data sources available on your domain:

firewall.all.traffic ^{learn more}

Open

...

Activeboard

Once you have installed the Activeboard, you can

...

Go to Exchange in the navigation pane and look for the Activeboard you want to open. Click Open.

Image Removed

...

Info

Know more about Activeboards

Refer to Manage and filter Activeboards article to know how to work with Activeboards.

Exploring the Activeboard

When opening the Firewall Monitoring Activeboard, the following info displays:

...

use the Open button at the top right of the card in Exchange to access it and see the different widgets populated with the relevant data. You can also access the Activeboard area via the Navigation pane.

...

Info

Data loading takes too long?

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.

...

Rw expand

title	Click here to see the details

...

Widget

...

Details

...

Filters for data insights

...

Last 100 Firewall Events

...

Traffic Volume by Application (last day)

...

Traffic Action Distribution

...

Traffic Activity Over Time by Action

...

Traffic Activity Over Time by Protocol

...

Source IP List

...

Bandwith

...

Destination IP List

...

Firewall Actions (Allow vs. Deny)

...

Top Source IPs (by bytes)

...

Source IP by:

Connections
Total KB

...

Destinations IP by:

Connections
Total KB

...

Top Talkers by Connections

...

Top Talkers by Data Transfer

...

Most Used Firewall Rules - Occurrence

...

Most Used Firewall Rules - Detail

...

Most Used Firewall Rules

...

Most rejected Source IPs (>1000)

...

Use Activeboard

After installing and opening the Activeboard, you can use its widgets to visualize and monitor data. To do this, each widget offers a variety of customization and visualization options. Refer to Using widgets and Using inputs to know them all.

Versions Compared

Old Version 11

New Version Current

Key