System Dashboards
About System Dashboards
System Dashboards provides a comprehensive suite of tools and visualizations designed to help administrators monitor, analyze, and secure network infrastructure. Through a variety of specialized dashboards, users gain insights into network traffic patterns, detect potential security threats, and manage resources across different environments. Each dashboard focuses on a specific aspect of network monitoring, making it easier to address different needs and streamline the analysis process.
Getting Here
- From the main menu, navigate to Dashboards > All.
- From the horizontal navigation at the top of the page, click the System tab.
All Netography-created system dashboards display.
Custom dashboards can be edited, system dashboards cannot be edited.
Overview
System Dashboards include several targeted dashboards, each with a specific purpose and set of features to support network and security management:
1. Traffic Overview
- Purpose: Provides insights into network traffic patterns, including bitrate, packet rate, protocol usage, and TCP flags.
- Use Case: Ideal for monitoring overall network load, identifying high-traffic sources, and analyzing traffic composition to detect unusual patterns.
- Key Features: Real-time flow monitoring, protocol and port breakdown, TCP flag distribution.
2. Security Overview
- Purpose: Displays security events, top threat-related activities, and internal and external traffic flows.
- Use Case: Designed for security teams to monitor high-priority events, assess potential threats, and analyze traffic patterns for security risks.
- Key Features: Top events, cloud environment services, threat-related destinations, internal and external traffic flows.
3. Response Integration Blocks
- Purpose: Tracks block rates and block history for security policies and automated responses.
- Use Case: Enables administrators to monitor and manage network blocks and detect ongoing threats.
- Key Features: Current blockrate, total blocks, destination protocols, block history log.
4. DNS Overview
- Purpose: Provides a detailed view of DNS activity, including query patterns, error codes, and domain usage.
- Use Case: Useful for monitoring DNS traffic, identifying high-risk domains, and troubleshooting DNS-related issues.
- Key Features: DNS queries per second, query rate by VPC, top external domains, response codes.
5. Audit Log Activity
- Purpose: Offers insights into user activities and authentication events to support security and compliance.
- Use Case: Designed for auditing user actions, detecting unusual behavior, and ensuring secure access to network resources.
- Key Features: Top users, action classes, recent events, login history.
6. Bandwidth Management
- Purpose: Monitors network bandwidth usage across different interfaces and Autonomous Systems (ASNs).
- Use Case: Helps in identifying high-traffic interfaces, external sources, and potential bottlenecks in real-time.
- Key Features: Traffic by interface, bandwidth usage, top ASNs, traffic trends.
7. Peering Analytics
- Purpose: Visualizes traffic flows between Autonomous Systems (ASNs), IP addresses, and ports.
- Use Case: Useful for understanding traffic distribution, assessing inter-ASN traffic, and optimizing network peering.
- Key Features: ASN traffic flows, port and application distribution, cloud-to-cloud connections.
Getting Started with System Dashboards
Each dashboard within the System Dashboard suite is designed to provide quick access to specific data points and insights. You can navigate between dashboards to gain an integrated view of your network and security posture. Here are some tips for using these dashboards effectively:
- Time Range Adjustments: Use the time range selection to focus on specific periods, whether you're reviewing recent data or analyzing historical trends.
- Metric Selection: Each dashboard allows you to choose specific metrics (e.g., bitrate, packet count) to tailor the view to your analysis needs.
- SYNC HOVER: Enable the SYNC HOVER feature to synchronize data points across charts, making it easier to correlate related metrics and analyze traffic flows in real-time.
Suggested Workflow
- Traffic Monitoring: Start with the Traffic Overview dashboard to get a high-level view of overall network traffic and identify any immediate spikes or anomalies.
- Security Assessment: Move to the Security Overview and Response Integration Blocks dashboards to review active threats, blocked traffic, and prioritize responses based on severity.
- DNS and Audit Analysis: Use the DNS Overview and Audit Log Activity dashboards to investigate DNS patterns and user activity, ensuring compliance and spotting any unusual behavior.
- Bandwidth Optimization: Check the Bandwidth Management dashboard to ensure efficient bandwidth allocation and manage traffic distribution.
- Peering and External Traffic: Review Peering Analytics to understand traffic flows across ASNs and between internal and external resources.
Conclusion
System Dashboards are an essential toolset for network and security management, offering targeted insights through dedicated dashboards. By exploring each dashboard and using the features tailored to specific data types, you can proactively manage network performance, secure your infrastructure, and respond quickly to potential threats. Start with the Traffic Overview to monitor overall activity, then dive into specific dashboards based on your network and security priorities.
Updated 17 days ago