Apstra Flow Dashboards
The following sections show examples of use cases using the Apstra Flow dashboards you can use to manage your network. See the Juniper Apstra Flow Data Installation Guide for information about how to access the dashboards.
Top-N Dashboard
Understanding and optimizing network performance is critical for any network operator. Apstra Flow lets you continuously learn about what is traversing your network at any given time and helps you continually improve network functionality. Figure 1 shows an example of the Top-N dashboard. The dashboard shows a list of the top traffic traversing your network. You can also filter information by Talkers (traffic source and destination), Services (such as SSH and HTTPS), Apps, and Conversations.
You can also add filters to further enrich the data shown. For example, you might want to narrow in on a particular source or destination, service, or TCP flags to show the connection status.
Threats Dashboard
Apstra Flow can perform basic threat detection for flows. The Threats dashboard shows any DDoS, port scans, and brute force attempts on your network. Figure 2 shows an example of repeated SSH sessions that were sent between hosts. In this example, Apstra Flow displays these sessions as brute-force attempts. Apstra Flow can also enrich the data that is displayed with DNS, and IP geolocation.
Apstra Flow allows you to trigger these results yourself by using the open-source hping3 network scanning tool. You can use this tool to send different packet types for security vulnerability testing.
Performance and Planning Dashboards
Gaining inside knowledge into your network can help you rebalance your applications and capacity planning, but to do that, you need to see how the flows are impacting individual interfaces. To see a particular traffic flow in the Apstra GUI, you can create a filter that persists across the top-level tabs in the Apstra Flow dashboard.
For example, in Figure 3 under the Flow: Top Talkers tab, we chose the most talkative source IP (src) address (indicated by arrow 1). By hovering over that IP and clicking the + sign, we created a filter (indicated by arrow 2).
This filter also applies to other tabs, such as the Interface tab as shown in Figure 4. The Interfaces tab shows the interfaces on which your chosen IP address communicates.
From the Interfaces dashboard, you can:
- Identify link saturation: See which interfaces are experiencing high traffic volume, helping you determine where to rebalance applications or add capacity.
- Drill down further: Select individual flow exporters (switches), interface types (ingress/egress), and specific interfaces for even more granular analysis.
This use case shows you where you are having issues with link saturation in your network. This is useful for capacity planning exercises, or troubleshooting cloud-native applications in a data center.