Network Security Management Reports and Analytics

Manager View

This section describes the dashboards of both NSM on-premises and SaaS versions.

NSM SaaS HOME Dashboard

In MANAGER VIEW you can access Dashboard and Reporting statistics of all the connected firewalls in your network infrastructure.

Dashboard enables you to visualize status of the security infrastructure, assess the performances, and monitor the issues that need investigation, at a glance. The analytical dashboard NSM provides is an optimal solution to quickly analyze the cyber security risks and recognize how to resolve them.

NSM dashboard provides a comprehensive overview of the status of devices, traffic distribution, and all the threats by the type for the users to prepare and respond to them when required. This also helps the users to improve the control over their cyber security measures.

The system dashboard NSM provides has four tabs: Devices, Summary, Network, and Threat.

The default view is Devices dashboard. It shows the summary of the devices and alerts in your infrastructure.

You can see the dashboard for any of the tenants, groups, or all tenants by clicking the tenant name at the top.

The DEVICE tab shows you a summary of your devices:

  • FIREWALLS: Displays the number of firewalls that you intend to manage through NSM. Click FIREWALLS to list the firewalls in the Inventory page.
  • OFFLINE: Displays the number of firewalls that are offline. Click OFFLINE to list the offline devices in the Inventory page.
  • EXPIRING LICENSES: Displays the number of expiring licenses.
  • GROUPS: Displays number of device groups. Click GROUPS to list the device groups.
  • USERS: Displays the number of users online.

The FIREWALL OVERVIEW section shows how many devices are Online and Managed, Offline, Online and Unmanaged, Unassigned, and with Expired Licenses. A pie chart representation of firewall overview is also displayed. The geographical locations of the firewalls are shown on the map. For more details of the devices in a particular location, hover the mouse over the map location.

The Alert Center is shown at the bottom of the dashboard. You can also view the most recent alerts in the table below the summary. An alert summary is provided and you can click on any of the categories—All, Threats, or General to view the Notification Center and see all the alerts for the selected category.

The Summary tab shows Traffic Distribution, Top Users, Observed Threats, and Top Devices by Sessions in your network infrastructure for the period selected in the slider at the top. It also shows the Insights section giving information about the number of infected hosts and the number of critical attacks. You can drill down further by selecting the Date or Alphabetical order options. You can also filter the data with View Details link.

The Network tab shows data pertaining to transactions in your network infrastructure. This include the details of top applications, addresses, users, and the top web categories from which connections are initiated. Each space enables you to filter the data with available options. You can also drill down further by clicking on the View Details link.

The Threat tab shows the details of threats by type including the top viruses, intrusions, spyware, and botnet. You can drill down further by clicking on the View Details link.

MONITOR Features

When you click MONITOR in MANAGER VIEW, it takes you to reporting features.

The MONITOR feature creates Summary and Details reports based on the following:

  • Applications
  • Users
  • Viruses
  • Intrusions
  • Spyware
  • Web Categories
  • Addresses
  • Locations

Use the slider at the top to get report for a specific time period. You are options are from 15 minutes to 7 days. Hover over the chart to get detail for any specific point of time.

To export report data

  1. Click Export option on top of the chart.
  2. Select one of the options: Generate Flow Report PDF (Disabled in MANAGER VIEW), Download Capture Threat Assessment, and Export Grid Data as CSV.

You can further drill down on this Chart & Grid report based on Connections, Threats Blocked, Total Data Transferred, Total Blocked, Virus, Intrusions, Spyware, Botnet Blocked, ACR Blocked, Geo-IP Blocked, Data Sent, Data Received. These options change based on the type of report selected.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.