Panorama Administrator’s Guide 157
Monitor Network Activity Use Case: Monitor Applications Using Panorama
Use the same process to investigate the top source IP addresses of the hosts that initiated the unknown traffic, along with the IP address of the destination host to which the session was established. For unknown traffic, a packet capture (pcap) is taken by default when an unknown application is detected, and it is attached to the traffic log entry. The green arrow in the left column of the log represents the packet capture snippet of the application data. Clicking the green arrow displays the pcap in the browser.
With the IP addresses of the servers (the destination IP in the logs), the destination port, and the packet captures, you will be better positioned to identify the application and decide what action to take on your network. For example, you can create a custom application that identifies this traffic instead of labeling it as unknown TCP or UDP traffic. Refer to the article Identifying Unknown Applications for more information on identifying unknown applications, and to Custom Application Signatures for information on developing custom signatures to discern the application.
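
The same triage can be repeated offline on exported traffic logs. The following Python sketch is an added example, not part of the guide: it assumes a CSV export with the column names shown and the application values `unknown-tcp` and `unknown-udp`, and the sample rows are constructed. It ranks the hosts that initiated unknown traffic and groups the sessions by destination IP, port, and protocol, which are the services to examine first when deciding whether a custom application is warranted.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample rows. The column names are assumptions; adjust them
# to match the header line of your own traffic log export.
SAMPLE_CSV = """Source address,Destination address,Destination Port,IP Protocol,Application,Bytes
10.1.1.15,192.0.2.40,8443,tcp,unknown-tcp,18200
10.1.1.15,192.0.2.40,8443,tcp,unknown-tcp,9100
10.1.2.77,192.0.2.40,8443,tcp,unknown-tcp,400
10.1.1.15,198.51.100.9,5005,udp,unknown-udp,120
10.1.3.5,203.0.113.20,443,tcp,ssl,55000
"""

UNKNOWN_APPS = {"unknown-tcp", "unknown-udp"}


def summarize_unknown(csv_text, top=5):
    """Return (top_sources, top_services) for sessions with an unknown application.

    top_sources  : [(source_ip, session_count), ...]
    top_services : [((dest_ip, dest_port, protocol), stats), ...] where stats
                   holds the session count, byte total and set of source IPs.
    """
    sources = Counter()
    services = defaultdict(lambda: {"sessions": 0, "bytes": 0, "sources": set()})
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Application"].strip().lower() not in UNKNOWN_APPS:
            continue  # already identified traffic is out of scope
        src = row["Source address"].strip()
        key = (row["Destination address"].strip(),
               int(row["Destination Port"]),
               row["IP Protocol"].strip().lower())
        sources[src] += 1
        stats = services[key]
        stats["sessions"] += 1
        stats["bytes"] += int(row["Bytes"] or 0)
        stats["sources"].add(src)
    # Busiest destination services first; byte volume breaks ties.
    ranked = sorted(services.items(),
                    key=lambda kv: (-kv[1]["sessions"], -kv[1]["bytes"]))
    return sources.most_common(top), ranked[:top]


if __name__ == "__main__":
    top_sources, top_services = summarize_unknown(SAMPLE_CSV)
    for ip, count in top_sources:
        print(f"source {ip}: {count} unknown sessions")
    for (dst, port, proto), s in top_services:
        print(f"{dst}:{port}/{proto} sessions={s['sessions']} "
              f"bytes={s['bytes']} distinct_sources={len(s['sources'])}")
```

A destination service reached by many distinct sources is usually a shared internal or business application and a good candidate for a custom application; a service contacted by a single host is better investigated on that host first, starting with its packet capture.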
Copyright © 2007-2014 Palo Alto Networks