Retrieving Information from NSM SaaS by Analyzing Application Activities

SonicWall AI for Monitoring & Insight (SAMI) provides insights into the most actively used applications, those targeted by recent security threats, and current data transfer activities that could potentially affect network performance.

Here are a few examples of application information that you can retrieve using SAMI from Network Security Manager (NSM) SaaS.

The following table describes a few application related activity queries that you can use to retrieve information using SAMI.

Query	Response
Top five applications with the most connections or sessions over the last seven days across the entire tenant	The top five applications that are most actively used are listed.
Top five applications by connections blocked by threats in the last 24 hours for a specified firewall	The top five applications with recent security threats that have been automatically mitigated are listed.
The top five applications by data transferred in the last hour from a specific group of firewalls deployed in the data center.	The list includes the top five applications that had an unusually high data transfer activity, which could impact network performance.

Each of these requests returns a list and count, giving you clear and actionable insights into network application activity through your firewall, based on the specified criteria. This empowers to make data-driven decisions to improve network security, performance, and management.

You can ask SAMI how to block an application if you notice any malicious web or application traffic.