After successfully logging in to the cognitix Threat Defender, you see the Analytics dashboard.
Three dashboards quickly provide an overview of what’s going on in the network. The dashboards cover Network Intelligence, Assets and Policy information.
More than 600 reporting combinations, graphs and matrixes are available.
- From any dashboard, you can drill down deeper into the traffic details.
- When you position the mouse over a chart, it pauses and gives you time to analyze the chart.
- Almost all available charts are clickable and take you one level deeper into the analysis.
- Most of the analysis results are deep links, i.e. you can store a link in your browser or share the link.
- If a protocol can be subdivided into applications (e.g. YouTube SSL, Facebook SSL, etc.), the results are shown in a more detailed view.
Navigate to Analytics > Network to see information related to the behavior of the network. This dashboard displays the total traffic distribution by protocols and applications, destination layer 4 information, source and destination IP addresses and countries, and interfaces.
From here, you can drill down into deeper reporting levels to further analyze the network traffic. For example, you can check which source or destination IP consumes the most bandwidth.
Navigate to Analytics > Assets to see information related to asset and user behavior in the network. This dashboard displays the total traffic distribution by source and destination assets and which assets talk to each other. It also shows the traffic distribution by users, users who generate the most traffic, users who triggered threat intelligence incidents, and the traffic distribution by URLs.
From here, you can drill down into deeper reporting levels to begin a more detailed analysis of asset and user behavior in the network.
Navigate to Analytics > Policy to see information related to the network policy. This dashboard displays which policy rules were hit, the number of times Threat Defender performed the drop and reject traffic actions of a policy on the network traffic, and the logged severities.
From here, you can begin a deeper analysis of the network traffic.
Analysis Tailored to Your Needs
cognitix Threat Defender provides more than 600 reporting combinations, graphs and matrixes for your analyses. This includes the following available options, among others:
Time ranges:
- Minute (1 second resolution)
- Hour (1 minute resolution)
- Day (15 minute resolution)
- Week (3 hour resolution)
- Month (6 hour resolution)

Chart types:
- Line chart
- Area chart
- Bar chart
- Column chart
- Stacked column chart
- Pie chart
- Bubble chart
- Word cloud
- Donut chart
- Sankey chart
- Chord chart

Traffic metrics:
- Bits Rx/second
- Bits Tx/second
- Packets Rx/second
- Packets Tx/second
- Bits and packets per interface