How it Works
Sonicwall
Loading...
SONICOS 5.8
Packet Monitor Manual
28 pgs857.27 Kb0
Anti-Spam Service Manual
21 pgs2.5 Mb0
Application control manual
80 pgs1.22 Mb0
Netflow reporting
24 pgs1.37 Mb0
Content Filtering Service
16 pgs1.23 Mb0
SonicWALL Packet Monitor
30 pgs2.49 Mb0
Application control manual
86 pgs3.76 Mb0
Visualization Dashboard Manual
20 pgs1.85 Mb0
Table of contents
Loading...

Sonicwall SONICOS 5.8 Visualization Dashboard Manual

Real-Time Visualization Dashboard in SonicOS 5.8

What is the Visualization Dashboard?

The SonicWALL Visualization Dashboard offers administrators an effective and efficient interface to visually monitor their network in real time. The Visualization Dashboard provides effective flow charts of real-time data, customizable rules, and flexible interface settings. Administrators can efficiently view and sort real-time network and bandwidth data to accomplish a variety of tasks which include:
Identify applications and websites with high bandwidth demands
View application usage on a per-user basis
Anticipate attacks and threats encountered by the network
The App Flow Monitor and Real-Time Monitor are new features available in the SonicWALL Visualization Dashboard. Each feature contains unique, real-time data streaming qualities that improve upon the existing Visualization Dashboard. These features are found in the SonicOS left-side menu under Dashboard.
The App Flow Monitor provides administrators a customizable interface to view real-time data pertaining to Applications, Users, URLs, Initiators, Responders, Threats, VoIP, VPN, Devices and Content.
The Real-Time Monitor provides administrators real-time flow charts of Applications, Ingress and Egress Bandwidth traffic, Multi-Core Monitoring, and Memory Usage.
This document contains the following sections:
“App Flow Monitor” section on page 2
“Filter Options” section on page 3
“App Flow Monitor Tabs” section on page 3
“App Flow Monitor Toolbar” section on page 4
“Group Options” section on page 5
“Group Options” section on page 5
“App Flow Monitor Status” section on page 6
“App Flow Monitor Views” section on page 7
SonicOS 5.8 Visualization Feature Guide
1

App Flow Monitor

“Real-Time Monitor” section on page 11
“Using the Toolbar” section on page 12
“Real-Time Application Flow” section on page 13
“Ingress and Egress Bandwidth Flow” section on page 14
“The Multi-Core Monitor Flow” section on page 16
“Memory Usage Flow” section on page 18
“Enabling Flow Collection” section on page 19
“Using Filtering Options” section on page 19
App Flow Monitor
The App Flow Monitor provides administrators with real-time, incoming and outgoing network data. Various views and customizable options in the App Flow Monitor Interface assist in visualizing the traffic data.
This section contains the following subsections:
“Filter Options” section on page 3
“App Flow Monitor Tabs” section on page 3
“App Flow Monitor Toolbar” section on page 4
“Group Options” section on page 5
“Group Options” section on page 5
“App Flow Monitor Status” section on page 6
“App Flow Monitor Views” section on page 7
2
SonicOS 5.8 Visualization Feature Guide

Filter Options

The App Flow Monitor Filter Options allows the administrator to filter out incoming, real-time data. Administrators can apply, create, and delete custom filters to customize the information they wish to view. The Filter Options apply across all the Application Flow tabs. Please refer to the “Using Filtering Options” section on page 19.
Option Widget Description
Add to Filter Adds current selection to filter.
Remove from Filter
Load Filter Loads existing filter settings.
App Flow Monitor
At least 1 item must be selected in order to use the Filter Options. After doing so, all other tabs will update with information pertaining to the items in the filter.
Removes the current selection from the filter view by clicking on the X.
Save Saves the current filter settings.
Delete Deletes the current filter settings.

App Flow Monitor Tabs

The App Flow Monitor Tabs contains details about incoming and outgoing network traffic. Each tab provides a faceted view of the network flow. The data is organized by Applications, Users, URLs, Initiators, Responders, Threats, VoIP, VPN, Devices, and Content.
The Applications tab displays a list of Applications currently accessing the network.
The Users tab displays a list of Users currently connected to the network.
The URLs tab displays a list of URLs currently accessed by Users.
The Initiators tab displays details about current connection initiators.
The Responders tab displays details about current connection responders.
The Threats tab displays a list of threats encountered by the network.
The VoIP tab displays current VoIP and media traffic.
The VPN tab displays a list of VPN sessions connected to the network.
The Devices tab displays a list of devices currently connected to the network.
The Contents tab displays information about the type of traffic flowing through the network.
SonicOS 5.8 Visualization Feature Guide
3
App Flow Monitor

App Flow Monitor Toolbar

The App Flow Toolbar allows for customization of the App Flow Monitor interface. The ability to create rules and add items to filters allows for more application and user control. Different views, pause and play abilities, customizable data intervals and refresh rates are also available to aid in visualizing incoming, real-time data.
Option Widget Description
Filter View Adds selected items to the filter.
Interval The span of time in which data is collected.
Group Categorizes selections according to the available
List View Provides a detailed list view of the data flow.
grouping options which vary depending on the tab that is selected.
Please refer to the “Group Options” section on
page 5.
Pie Chart View Provides a pie chart view of the data flow.
Flow Chart View Provides a flow chart view of the data flow.
Export Exports the data flow in comma separated
variable (.csv) format.
Print Prints the current data displayed.
Configuration Allows for customization of the display by
enabling or disabling columns for Applications, Sessions, Packets, Bytes, Rate, and Threats. Also allows the administrator to enable or disable commas in numeric fields.
Refresh Button
Status Update Provides status updates about App signatures,
Refreshes the real-time data.
GAV Database, Spyware Database, IPS Database, Country Database, Max Flows in Database, and CFS Status. Please refer to the
“App Flow Monitor Status” section on page 6 for
more information. A green status icon signifies the Content Filtering
Services (CFS) is active. A yellow status icon signifies the CFS is not
active.
4
SonicOS 5.8 Visualization Feature Guide
Option Widget Description
Refresh Rate Rate at which data is refreshed.
Pause/Play Freezes and unfreezes the data flow. Doing so

Group Options

The Group option sorts data based on the specified group. Each tab contains different grouping options.
The Applications tab can be grouped by:
The Users tab can be grouped by:
The URL tab can be grouped according to:
The Initiators tab can be grouped according to:
The Responders tab can be grouped according to:
The Threats tab can be grouped according to:
A numeric integer between 10 and 999 must be specified.
If 300 is entered in the numeric field, that means the data flow will refresh every 300 seconds.
gives the administrator flexibility when analyzing real-time data.
Application: Groups all traffic generated by an application.
Category: Groups all traffic generated by an application category.
User Name: Groups all traffic generated by a specific user.
IP Address: Groups all traffic generated by a specific IP address.
Domain Name: Groups all traffic generated by a specific domain name.
Auth Type: Groups all traffic generated by a specific authorizing type.
URL: Groups all traffic generated by a URL.
Domain Name: Groups all traffic generated by a domain name.
Rating: Groups all traffic generated based on rating.
IP Address: Groups all traffic generated by a specific IP address.
Interface: Groups all traffic according to interface.
Country: Groups all traffic generated by country.
Domain Name: Groups all traffic generated by a domain name.
IP Address: Groups all traffic by IP address.
Interface: Groups responders by interface.
Country: Groups responders by country.
Domain Name: Groups responders by domain name.
Intrusions: Groups all threats by type of intrusion.
Viruses: Shows threats that fall under the category of viruses.
Spyware: Shows all threats that fall under the category of spyware.
Spam: Shows all threats that fall under the category of spam.
App Flow Monitor
SonicOS 5.8 Visualization Feature Guide
5
App Flow Monitor
The VoIP tab can be grouped according to:
Media Type: Groups VoIP according to media type.
Caller ID: Groups VoIP according to caller ID.
The VPN tab can be grouped according to:
Remote IP Address: Groups VPN access according to the remote IP address.
Local IP Address: Groups VPN access according to the local IP address.
Name: Groups VPN access according to the user’s name.
The Devices tab can be grouped according to:
IP Address: Groups devices accessing the network by IP address.
Interface: Groups devices by interface.
Name: Groups devices by type.
The Contents tab can be grouped according to:
Email Address: Groups contents by email address.
File Name: Groups contents by file name.

App Flow Monitor Status

The App Flow Monitor Status dialog appears when the cursor rolls over the Status button in the toolbar. The App Flow Monitor Status provides updates about the App Signatures, GAV Database, Spyware Database, IPS Database, and Country Database. The dialog also informs administrators about the Content Filtering Service (CFS) status and Max Flows in the Database.
The option to enable or disable the flow collection is available in the Status dialog. If the Status dialog is no longer wanted, click close in the upper-right corner.
6
SonicOS 5.8 Visualization Feature Guide

App Flow Monitor Views

Three views are available for the App Flow Monitor: Detailed, Pie Chart, and Flow Chart View. Each view provides the administrator a unique display of incoming, real-time data.
List View
In the List View, each App Flow tab is comprised of columns displaying real-time data. These columns are organized into sortable categories.
App Flow Monitor
Check Box: Allows the administrator to select the item.
Main Column: The title of the Main Column is dependent on the selected tab. For example,
if the Users Tab is the selected, then the Main Column header will read “Users”. In that column, the name of the Users connected to the network are shown.
Sessions: Displays how many sessions are currently active.
Packets: Displays the number of data packets transferred.
Bytes: Displays the number of bytes transferred.
Rate (KBps): Displays the rate at which data is transferred.
Threats: Displays the number of threats encountered by the network.
Total: Displays the total Sessions, Packets, and Bytes sent during the duration of the
current interval.
SonicOS 5.8 Visualization Feature Guide
7
Loading...
+ 15 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use