- play_arrow Junos Space Security Director
- play_arrow Monitor
- play_arrow Events and Logs-All Events
- Events and Logs Overview
- Creating Alerts
- Creating Reports
- Creating Filters
- Grouping Events
- Using Events and Logs Settings
- Selecting Events and Logs Table Columns
- Viewing Threats
- Viewing Data for Selected Devices
- Using the Detailed Log View
- Using the Raw Log View
- Showing Exact Match
- Using Filter on Cell Data
- Using Exclude Cell Data
- Showing Firewall Policy
- Showing Source NAT Policy
- Showing Destination NAT Policy
- Downloading Packets Captured
- Showing Attack Details
- Using Filters
- play_arrow Events and Logs-Firewall
- play_arrow Events and Logs-Web Filtering
- play_arrow Events and Logs-VPN
- play_arrow Events and Logs-Content Filtering
- play_arrow Events and Logs-Antispam
- play_arrow Events and Logs-Antivirus
- play_arrow Events and Logs-IPS
- play_arrow Events and Logs-Screen
- play_arrow Events and Logs-ATP Cloud
- play_arrow Events and Logs-Apptrack
- play_arrow Threat Prevention-Hosts
- play_arrow Threat Prevention-C&C Servers
- play_arrow Threat Prevention-HTTP File Download
- play_arrow Threat Prevention-Email Quarantine and Scanning
- play_arrow Threat Prevention-IMAP Block
- play_arrow Threat Prevention-Manual Upload
- play_arrow Threat Prevention-Feed Status
- play_arrow Threat Prevention-All Hosts Status
- play_arrow Threat Prevention-DDoS Feeds Status
- play_arrow Applications
- play_arrow Live Threat Map
- play_arrow Threat Monitoring
- play_arrow Alerts and Alarms - Overview
- play_arrow Alerts and Alarms-Alerts
- play_arrow Alerts and Alarms-Alert Definitions
- play_arrow Alerts and Alarms-Alarms
- play_arrow VPN
- play_arrow Insights
- play_arrow Job Management
- Using Job Management in Security Director
- Overview of Jobs in Security Director
- Archiving and Purging Jobs in Security Director
- Viewing the Details of a Job in Security Director
- Canceling Jobs in Security Director
- Reassigning Jobs in Security Director
- Rescheduling and Modifying the Recurrence of Jobs in Security Director
- Retrying a Failed Job on Devices in Security Director
- Exporting the Details of a Job in Security Director
- Job Management Main Page Fields
- play_arrow Audit Logs
- play_arrow Packet Capture
- play_arrow NSX Inventory-Security Groups
- play_arrow vCenter Server Inventory-Virtual Machines
- play_arrow Data Plane Packet Capture
-
- play_arrow Devices
- play_arrow Security Devices
- Using Features in Security Devices
- Security Devices Overview
- Add Devices to Juniper Security Director Cloud
- Updating Security-Specific Configurations or Services on Devices
- Resynchronizing Managed Devices with the Network in Security Director
- Performing Commit Check
- Logical Systems Overview
- Tenant Systems Overview
- Create a Logical System
- Create a Tenant System
- Uploading Authentication Keys to Devices in Security Director
- Modifying the Configuration of Security Devices
- Modifying the Basic Configuration for Security Devices
- Modifying the Static Routes Configuration for Security Devices
- Modifying the Routing Instances Configuration for Security Devices
- Modifying the Physical Interfaces Configuration for Security Devices
- Modifying the Syslog Configuration for Security Devices
- Modifying the Security Logging Configuration for Security Devices
- Modifying the Link Aggregation for Security Devices
- Modifying the User Management Configuration for Security Devices
- Modifying the Screens Configuration for Security Devices
- Modifying the Zones Configuration for Security Devices
- Modifying the IPS Configuration for Security Devices
- Modifying the SSL Initiation Profile for Security Devices
- Modifying the ICAP Redirect Profile for Security Devices
- Configuring Aruba ClearPass for Security Devices
- Configuring APBR Tunables for Security Devices
- Modifying the Express Path Configuration for Security Devices
- Modifying the Device Information Source Configuration for Security Devices
- Viewing the Active Configuration of a Device in Security Director
- Deleting Devices in Security Director
- Rebooting Devices in Security Director
- Resolving Key Conflicts in Security Director
- Launching a Web User Interface of a Device in Security Director
- Connecting to a Device by Using SSH in Security Director
- Importing Security Policies to Security Director
- Importing Device Changes
- Viewing Device Changes
- Viewing and Exporting Device Inventory Details in Security Director
- Previewing Device Configurations
- Refreshing Device Certificates
- Assigning Security Devices to Domains
- Acknowledging Device SSH Fingerprints in Security Director
- Viewing Security Device Details
- Security Devices Main Page Fields
- play_arrow Device Discovery
- Overview of Device Discovery in Security Director
- Creating Device Discovery Profiles in Security Director
- Editing, Cloning, and Deleting Device Discovery Profiles in Security Director
- Running a Device Discovery Profile in Security Director
- Viewing the Device Discovery Profile Details in Security Director
- Device Discovery Main Page Fields
- play_arrow Secure Fabric
- play_arrow NSX Managers
- Understanding Juniper Connected Security for VMware NSX Integration
- Understanding Juniper Connected Security for VMware NSX-T Integration
- Before You Deploy vSRX in VMware NSX Environment
- Before You Deploy vSRX in VMware NSX-T Environment
- About the NSX Managers Page
- Download the SSH Key File
- Add the NSX Manager
- Registering Security Services
- Editing NSX Managers
- Viewing Service Definitions
- Deleting the NSX Manager
- Delete the NSX-T Manager
- Deploying the vSRX as an Advanced Security Service in a VMware NSX Environment
- Deploy the vSRX as an Advanced Security Service in a VMware NSX-T Environment
- play_arrow vCenter Servers
- play_arrow Licenses
-
- play_arrow Configure
- play_arrow Firewall Policy-Standard Policies
- Firewall Policies Overview
- Policy Ordering Overview
- Creating Firewall Policies
- Firewall Policies Best Practices
- Creating Firewall Policy Rules
- Rule Base Overview
- Firewall Policy Locking Modes
- Rule Operations on Filtered Rules Overview
- Create and Manage Policy Versions
- Assigning Devices to Policies
- Comparing Policies
- Export Policies
- Creating Custom Columns
- Promoting to Group Policy
- Converting Standard Policy to Unified Policy
- Probe Latest Policy Hits
- Disable Firewall Policy Rules Based on Hits Over a Specified Duration
- Viewing and Synchronizing Out-of-Band Firewall Policy Changes Manually
- Importing Policies
- Delete and Replace Policies and Objects
- Unassigning Devices from Policies
- Edit and Clone Policies and Objects
- Publishing Policies
- Showing Duplicate Policies and Objects
- Show and Delete Unused Policies and Objects
- Updating Policies on Devices
- Firewall Policies Main Page Fields
- Firewall Policy Rules Main Page Fields
- play_arrow Firewall Policy-Unified Policies
- play_arrow Firewall Policy-Devices
- play_arrow Firewall Policy-Schedules
- play_arrow Firewall Policy-Profiles
- Understanding Firewall Policy Profiles
- Understanding Captive Portal Support for Unauthenticated Browser Users
- Creating Firewall Policy Profiles
- Edit and Clone Policies and Objects
- Delete and Replace Policies and Objects
- Assigning Policies and Profiles to Domains
- Firewall Policy Profiles Main Page Fields
- play_arrow Firewall Policy-Templates
- play_arrow Firewall Policy-Secure Web Proxy
- play_arrow Firewall Policy-DNS Security & ETI Profile
- play_arrow Firewall Policy-DNS Security & ETI Policy
- play_arrow Firewall Policy-DNS Sinkhole
- play_arrow Environment
- play_arrow Application Firewall Policy-Policies
- play_arrow Application Firewall Policy-Signatures
- play_arrow Application Firewall Policy-Redirect Profiles
- play_arrow SSL Profiles
- play_arrow User Firewall Management-Active Directory
- play_arrow User Firewall Management-Access Profile
- play_arrow User Firewall Management-Address Pools
- play_arrow User Firewall Management-Identity Management
- play_arrow User Firewall Management-End User Profile
- play_arrow IPS Policy-Policies
- Understanding IPS Policies
- Creating IPS Policies
- Creating IPS Policy Rules
- Publishing Policies
- Updating Policies on Devices
- Assigning Devices to Policies
- Create and Manage Policy Versions
- Creating Rule Name Template
- Export Policies
- Unassigning Devices to Policies
- Viewing and Synchronizing Out-of-Band IPS Policy Changes Manually
- Edit and Clone Policies and Objects
- Delete and Replace Policies and Objects
- Assigning Policies and Profiles to Domains
- IPS Policies Main Page Fields
- play_arrow IPS Policy-Devices
- play_arrow IPS Policy-Signatures
- play_arrow IPS Policy-Templates
- play_arrow NAT Policy-Policies
- NAT Overview
- NAT Global Address Book Overview
- Creating NAT Policies
- Publishing Policies
- NAT Policy Rules Main Page Field
- Creating NAT Rules
- Updating Policies on Devices
- Edit and Clone Policies and Objects
- Delete and Replace Policies and Objects
- Assigning Policies and Profiles to Domains
- Comparing Policies
- Create and Manage Policy Versions
- Export Policies
- Assigning Devices to Policies
- Unassigning Devices to Policies
- Creating Rule Name Template
- Viewing and Synchronizing Out-of-Band NAT Policy Changes Manually
- Configuring NAT Rule Sets
- Auto Grouping
- NAT Policies Main Page Fields
- play_arrow NAT Policy-Devices
- play_arrow NAT Policy-Pools
- play_arrow NAT Policy-Port Sets
- play_arrow Content Security Policy-Policies
- Content Security Overview
- Creating Content Security Policies
- Comparing Policies
- Delete and Replace Policies and Objects
- Viewing Policy and Shared Object Details
- Assigning Policies and Profiles to Domains
- Showing Duplicate Policies and Objects
- Edit and Clone Policies and Objects
- Show and Delete Unused Policies and Objects
- Content Security Policies Main Page Fields
- play_arrow Content Security Policy-Web Filtering Profiles
- play_arrow Content Security Policy-Category Update
- play_arrow Content Security Policy-Antivirus Profiles
- play_arrow Content Security Policy-Antispam Profiles
- play_arrow Content Security Policy-Content Filtering Profiles
- play_arrow Content Security Policy-Global Device Profiles
- play_arrow Content Security Policy-Default Configuration
- play_arrow Content Security Policy-URL Patterns
- play_arrow Content Security Policy-Custom URL Categories
- play_arrow Application Routing Policies
- Understanding Application-Based Routing
- About the Application Routing Policies Page
- Configuring Advanced Policy-Based Routing Policy
- About the Rules Page (Advanced Policy-Based Routing)
- Creating Advanced Policy-Based Routing Rules
- About the App Based Routing Page
- Edit and Clone Policies and Objects
- Assigning Devices to Policies
- Customizing Profile Names
- Publishing Policies
- Updating Policies on Devices
- play_arrow Threat Prevention - Policies
- play_arrow Threat Prevention - Feed Sources
- About the Feed Sources Page
- Juniper ATP Cloud Realm Overview
- Juniper ATP Cloud Malware Management Overview
- Juniper ATP Cloud Email Management Overview
- File Inspection Profiles Overview
- Juniper ATP Cloud Email Management: SMTP Settings
- Configure IMAP Settings
- Creating Juniper ATP Cloud Realms and Enrolling Devices or Associating Sites
- Modifying Juniper ATP Cloud Realm
- Creating File Inspection Profiles
- Creating Allowlist for Juniper ATP Cloud Email and Malware Management
- Creating Blocklists for Juniper ATP Cloud Email and Malware Management
- Add ATP Appliance Server
- Edit or Delete a ATP Appliance Server
- Custom Feed Sources Overview
- Creating Custom Feeds
- Example: Creating a Dynamic Address Custom Feed and Firewall Policy
- Configuring Settings for Custom Feeds
- play_arrow IPsec VPN-VPNs
- IPsec VPN Overview
- Create a Site-to-Site VPN
- Create a Hub-and-Spoke (Establishment All Peers) VPN
- Create a Hub-and-Spoke (Establishment by Spokes) VPN
- Create a Hub-and-Spoke Auto Discovery VPN
- Create a Full Mesh VPN
- Create a Remote Access VPN—Juniper Secure Connect
- Create a Remote Access VPN—NCP Exclusive Client
- IPsec VPN Global Settings
- Understanding IPsec VPN Modes
- Comparison of Policy-Based VPNs and Route-Based VPNs
- Understanding IPsec VPN Routing
- Understanding IKE Authentication
- Publishing IPsec VPNs
- Updating IPSec VPN
- Modify IPsec VPN Settings
- Viewing Tunnels
- Importing IPsec VPNs
- Deleting IPSec VPN
- IPsec VPN Main Page Fields
- play_arrow IPsec VPN-Extranet Devices
- play_arrow IPsec VPN-Profiles
- play_arrow Insights
- About the Log Parsers Page
- Create a New Log Parser
- Edit and Delete a Log Parser
- About the Log Sources Page
- Add a Log Source
- Edit and Delete a Log Source
- View Log Statistics
- About the Event Scoring Rules Page
- Create an Event Scoring Rule
- Edit and Delete Event Scoring Rules
- About the Incident Scoring Rules Page
- Create an Incident Scoring Rule
- Edit and Delete Incident Scoring Rules
- play_arrow Shared Objects-Geo IP
- play_arrow Shared Objects-Policy Enforcement Groups
- play_arrow Shared Objects-Addresses
- play_arrow Shared Objects-Services
- play_arrow Shared Objects-Variables
- play_arrow Shared Objects-Zone Sets
- Understanding Zone Sets
- Creating Zone Sets
- Edit and Clone Policies and Objects
- Delete and Replace Policies and Objects
- Finding Usages for Policies and Objects
- Show and Delete Unused Policies and Objects
- Showing Duplicate Policies and Objects
- Viewing Policy and Shared Object Details
- Zone Sets Main Page Fields
- play_arrow Shared Objects-Metadata
- play_arrow Change Management-Change Requests
- Change Control Workflow Overview
- Creating a Firewall or NAT Policy Change Request
- About the Changes Submitted Page
- Approving and Updating Changes Submitted
- Creating and Updating a Firewall Policy Using Change Control Workflow
- Editing, Denying, and Deleting Change Requests
- About the Changes Not Submitted Page
- Discarding Policy Changes
- Viewing Submitted and Unsubmitted Policy Changes
- play_arrow Change Management-Change Request History
- play_arrow Overview of Policy Enforcer and Juniper ATP Cloud
- play_arrow Concepts and Configuration Types to Understand Before You Begin (Policy Enforcer and Juniper ATP Cloud)
- Policy Enforcer Components and Dependencies
- Policy Enforcer Configuration Concepts
- Juniper ATP Cloud Configuration Type Overview
- Features By Juniper ATP Cloud Configuration Type
- Available UI Pages by Juniper ATP Cloud Configuration Type
- Comparing the Juniper Connected Security and non-Juniper Connected Security Configuration Steps
- play_arrow Installing Policy Enforcer
- Policy Enforcer Installation Overview
- Deploying and Configuring the Policy Enforcer with OVA files
- Installing Policy Enforcer with KVM
- Policy Enforcer Ports
- Identifying the Policy Enforcer Virtual Machine In Security Director
- Obtaining a Juniper ATP Cloud License
- Creating a Juniper ATP Cloud Web Portal Login Account
- Loading a Root CA
- Upgrading Your Policy Enforcer Software
- play_arrow Configuring Policy Enforcer Settings and Connectors
- Policy Enforcer Settings
- Policy Enforcer Connector Overview
- Creating a Policy Enforcer Connector for Public and Private Clouds
- Creating a Policy Enforcer Connector for Third-Party Switches
- Editing and Deleting a Connector
- Viewing VPC or Projects Details
- Integrating ForeScout CounterACT with Juniper Networks Connected Security
- ClearPass Configuration for Third-Party Plug-in
- Cisco ISE Configuration for Third-Party Plug-in
- Integrating Pulse Policy Secure with Juniper Networks Connected Security
- Policy Enforcer Backup and Restore
- play_arrow Guided Setup-ATP Cloud with SDSN
- play_arrow Guided Setup-ATP Cloud
- play_arrow Guided Setup for No ATP Cloud (No Selection)
- play_arrow Manual Configuration- ATP Cloud with SDSN
- play_arrow Manual Configuration-ATP Cloud
- play_arrow Cloud Feeds Only Threat Prevention
- play_arrow Configuring No ATP Cloud (No Selection) (without Guided Setup)
- play_arrow Migration Instructions for Spotlight Secure Customers
-
- play_arrow Reports
- play_arrow Administration
- play_arrow My Profile
- play_arrow Users and Roles-Users
- Overview of Users in Security Director
- Creating Users in Security Director
- Editing and Deleting Users in Security Director
- Viewing and Terminating Active User Sessions in Security Director
- Viewing the User Details in Security Director
- Clearing Local Passwords for Users in Security Director
- Disabling and Enabling Users in Security Director
- Unlocking Users in Security Director
- Users Main Page Fields
- play_arrow Users and Roles-Roles
- play_arrow Users and Roles-Domains
- Overview of Domains in Security Director
- Creating Domains in Security Director
- Edit and Delete Domains in Security Director
- Exporting Domains in Security Director
- Viewing Users, Devices, and Remote Profiles Assigned to a Domain in Security Director
- Assigning Devices to Domains in Security Director
- Assigning and Unassigning Remote Profiles to Domains in Security Director
- Assigning and Unassigning Users to Domains in Security Director
- Domains Main Page Fields
- play_arrow Users and Roles-Remote Profiles
- play_arrow Logging Management
- play_arrow Logging Management-Logging Nodes
- play_arrow Logging Management-Statistics & Troubleshooting
- play_arrow Logging Management-Logging Devices
- play_arrow Monitor Settings
- play_arrow Signature Database
- play_arrow License Management
- play_arrow Migrating Content from NSM to Security Director
- play_arrow Policy Sync Settings
- play_arrow Insights Management
- Add Insights Nodes
- About the Alerts Settings Page
- Create a New Alert Setting
- Configure System Settings
- About the Identity Settings Page
- Add JIMS Configuration
- Edit and Delete an Identity Setting
- Configure Mitigation Settings
- About the Threat Intelligence Page
- Configure Threat Intelligence Source
- Edit and Delete Threat Intelligence Source
- About the ServiceNow Configuration Page
- About the Backup & Restore Page
- Create a Backup File and Restore the Configuration
- Download and Delete a Backup File
-
Dashboard Overview
The Junos Space Security Director dashboard provides a unified overview of the system and network status retrieved from SRX Series devices. You can drag widgets from the carousel at the top of the page to your workspace, where you can configure them to meet your needs. When you install Security Director with Junos Space Log Director, the new Log Director dashboard is displayed.
To display the dashboard, select Security Director > Dashboard. The carousel displays all the widget thumbnails by default. You can customize your dashboard as per your needs. For example, you can configure a widget to display a graph with the top 10 applications with the most sessions in the last hour.
To add a widget to the Dashboard, drag the widgets from the palette or thumbnail container into the workspace. Click the refresh icon to update the dashboard or an individual widget. To change the automatic refresh interval, select an interval from the drop-down list, which ranges from 5 minutes up to 7 days.
You can select a root device, a tenant system device, or a logical system device from the Devices drop-down list in the widgets. By default, the All option is selected. Maximum of top 10 devices based on the number of sessions are displayed in the widget.
You can also select the required devices by selecting the Selective option. The data is displayed based on selected devices. Hover over the top-right corner of the widget to edit, refresh, or remove the widget details.
The following dashboard widgets supports the option to display data based on the selected device:
IP Top Source IPs by Volume
Application Top Application by Volume
IP Top Users/IP by sessions
Firewall Top Denials
Firewall Top Events
Firewall Policy Rules with No Hits
Devices Most Bandwidth by Bytes
Zones Most Bandwidth by Bytes
Applications Most Sessions
IP Top Destinations
IP Top Sources
Devices Most Dropped Packets
Zones Most Dropped Packets
Devices Most Bandwidth by Packets
Zones Most Bandwidth by Packets
Devices Most Sessions
Devices Most Storage
NAT Top Src Translation Hits
NAT Top Dst Translation Hits
In addition, you can use the dashboard to:
Navigate to the Devices page from the devices widgets by clicking the More Details link.
Navigate to the Alarms page from devices most alarms widgets by clicking the More Details link.
Navigate to the Events and Logs page from an event-based widget.
The dashboard page automatically adjusts the placement of the widgets to dynamically fit on the browser window without changing the order of the widgets. You can manually reorder the widgets using the drag and drop option. The widget can be reordered or moved by holding the top header section of the widget.
If you are using Policy Enforcer and ATP Cloud with Security Director, additional widgets are added to the dashboard. See Policy Enforcer Dashboard Widgets for those widget descriptions.
Widget | Description |
|---|---|
Devices Count By Platform | Displays device count grouped by platform. |
Devices Count By OS | Displays device count grouped by Junos OS. |
Device Count By Status | Displays device count grouped by the system status (Up/down). |
Firewall Top Denies | Displays top requests denied by the firewall based on their source IP addresses, sorted by count. |
Firewall Top Events | Displays top firewall events of the network traffic, sorted by count. |
IPS Top Events | Displays top IPS events of the network traffic, sorted by count. |
Applications most sessions | Displays the applications with the most sessions. |
IP Top Destinations | Displays top destination IP addresses of the network traffic, sorted by count. |
IP Top Sources | Displays top source IP addresses of the network traffic, sorted by count. |
Devices Most CPU Usage | Displays devices with maximum CPU utilization, sorted by count. |
Devices Most Memory Usage | Displays devices with maximum memory utilization, sorted by count. |
Devices Most Storage | Displays devices with most storage usage, sorted by count. |
Firewall Policy Rules with No Hits | Displays firewall policies with the most rules not hit, sorted by count. |
Devices Most Bandwidth by Bytes | Displays devices consuming maximum bandwidth in bytes. |
Zones Most Bandwidth by Bytes | Displays zones with maximum throughput rate in bytes, sorted by incoming and outgoing bytes. |
Devices Most Dropped Packets | Displays firewall devices with maximum number of packet drops, sorted by count. |
Zones Most Dropped Packets | Displays firewall zones with maximum number of packet drops, sorted by count. |
Devices Most Bandwidth by Packets | Devices with maximum throughput rate in packets, sorted by incoming and outgoing packets. |
Zones Most Bandwidth by Packets | Displays zones with maximum throughput rate in packets, sorted by incoming and outgoing packets. |
Devices Most Sessions | Displays devices with the most number of sessions, sorted by count. |
Devices Most Alarms | Displays devices with maximum number of alarms, sorted by count. |
Threat Map Virus | Displays world map showing total virus event count across countries. |
Threat Map IPS | Displays world map showing total IPS event count across countries. |
Application Top Application by Volume | Displays top applications based on volume or bandwidth. |
IP Top Source IPs by Volume | Displays top source IP addresses of the network traffic by volume or bandwidth. |
IP Top Spams By Source IPs | Displays top source IP addresses for spams. |
Web Filtering Top Blocked Websites | Displays blocked websites, sorted by count. |
Virus Top Blocked | Displays blocked viruses, sorted by count. |
IP Top Source IPs by Sessions | Displays top source IP addresses of the network traffic by sessions. |
NAT Top Source Translation Hits | Displays the Network Address Translation (NAT) rule names with most hits for source NAT. |
NAT Top Destination Translation Hits | Displays the NAT rule names with most hits for destination NAT. |
Policy Enforcer adds widgets to the dashboard that provide a summary of all gathered information on compromised content and hosts. Drag and drop widgets to add them to your dashboard. Mouse over a widget to refresh, remove, or edit the contents.
In addition, you can use the dashboard to:
Navigate to the File Scanning page from the Top Scanned Files and Top Infected Files widgets by clicking the More Details link.
Navigate to the Hosts page from the Top Compromised Hosts widget by clicking the More Details link.
Navigate to the Command and Control Servers page from the C&C Server Malware Source Location widget.
C&C and GeoIP filtering feeds are only available with the Cloud Feed or Premium license.
Widget | Definition |
|---|---|
Top Malware Identified | A list of the top malware found based on the number of times the malware is detected over a period of time. Use the arrow to filter by different time frames. |
Top Compromised Hosts | A list of the top compromised hosts based on their associated threat level and blocked status. |
Top Infected File Types | A graph of the top infected file types by file extension. Examples: exe, pdf, ini, zip. Use the arrows to filter by threat level and time frame. |
Top Infected File Categories | A graph of the top infected file categories. Examples: executables, archived files, libraries. Use the arrows to filter by threat level and time frame. |
Top Scanned File Types | A graph of the top file types scanned for malware. Examples: exe, pdf, ini, zip. Use the arrows to filter by different time frames. |
Top Scanned File Categories | A graph of the top file categories scanned for malware. Examples: executables, archived files, libraries. Use the arrows to filter by different time frames. |
C&C Server and Malware Source | A color-coded map displaying the location of Command and Control servers or other malware sources. Click a location on the map to view the number of detected sources. |
Table 3 provides the source of information for each widget type on dashboard.
Widget Name | Widget Type | Source |
|---|---|---|
Firewall Top Events | Security | syslog |
Applications Most Sessions | Applications | syslog |
IP Top Destinations | Security | syslog |
IP Top Sources | Security | syslog |
Top Firewall Denials | Security | syslog |
IPS Top Attacks | Security | syslog |
Threatmap Virus | Security | syslog |
Threatmap IPS | Security | syslog |
NAT Top Source Translation Hits | Security | syslog |
NAT Top Destination Translation Hits | Security | syslog |
IP Top Spams By Source IPs | Security | syslog |
Web Filtering Top Blocked Websites | Security | syslog |
Virus Top Blocked | Security | syslog |
Application Top Application by Volume | Application | Application visibility |
Top Source IPs by Volume | Security | Source IP visibility |
Top Source User/IP by Sessions | Security | Source IP visibility |
Devices Most CPU Usage | Device | SRX device polling |
Devices Most Memory Usage | Device | SRX device polling |
Devices Most Sessions | Device | SRX device polling |
Devices Most Bandwidth By Bytes | Device | SRX device polling |
Zones Most Bandwidth By Bytes | Security | SRX device polling |
Devices Most Dropped Packets | Device | SRX device polling |
Zones Most Dropped Packets | Security | SRX device polling |
Devices Most Bandwidth By Packets | Device | SRX device polling |
Zones Most Bandwidth By Packets | Security | SRX device polling |
Devices Most Storage | Device | SRX device polling |
Device Count By Platform | Device | Space Platform/ SD Devices |
Device Count By OS | Device | Space Platform/ SD Devices |
Device Count By Status | Device | Space Platform/ SD Devices |
Device Most Alarms | Device | SRX device polling |
Firewall policy: Rules with no hits | Security | Firewall Rule Hit count |
The following widgets are supported for both tenant systems (TSYS) and logical systems (LSYS):
Devices Most Sessions
Devices Most Bandwidth by Bytes
Zones Most Bandwidth by Bytes
Devices Most Dropped Packets
Zones Most Dropped Packets
Devices Most Bandwidth by Packets
Zones Most Bandwidth by Packets
Devices Most Storage
The following widgets are not supported for both LSYS and TSYS:
Devices Most CPU Usage
Devices Most Memory Usage
Understanding Role-Based Access Control for the Dashboard
Role-based access control (RBAC) has the following impact on the dashboard:
You must have Security Analyst or Security Architect role or have permissions equivalent to that role to access the dashboard.
You must have the required permissions to edit dashboard widgets. The user role under Administration > Users & Roles must have Event Viewer > Edit DashBoard option enabled to edit the settings on dashboard widgets.
You must have Administration > Users & Roles > Event Viewer > View Device Logs option enabled to view or read logs.
