: A First Glance at the ACC
Focus
Focus

A First Glance at the ACC

Table of Contents
End-of-Life (EoL)

A First Glance at the ACC

The following table shows the ACC tab and describes each component.
A First Glance at the ACC
1
Tabs
The ACC includes predefined tabs that provide visibility into network traffic, threat activity, blocked activity, tunnel activity, GlobalProtect activity, and mobile network activity (if GTP security is enabled). For information on each tab, see ACC Tabs.
2
Widgets
Each tab includes a default set of widgets that best represent the events and trends associated with the tab. The widgets allow you to survey the data using the following filters: bytes (in and out), sessions, content (files and data), URL categories, applications, users, threats (malicious, benign, grayware, phishing), and count. For information on each widget, see ACC Widgets.
3
Time
The charts and graphs in each widget provide a real-time and historic view. You can choose a custom range or use the predefined time periods that range from the last 15 minutes up to the last 30 days or last 30 calendar days.
The time period used to render data, by default, is the last hour. The date and time interval are displayed on screen. For example:
11/11 10:30:00-01/12 11:29:59
4
Global Filters
The global filters allow you to set the filter across all tabs. The charts and graphs apply the selected filters before rendering the data. For information on using the filters, see ACC Actions.
5
Application View
The application view allows you filter the ACC view by either the sanctioned and unsanctioned applications in use on your network, or by the risk level of the applications in use on your network. Green indicates sanctioned applications, blue unsanctioned applications, and yellow indicates applications that have different sanctioned state across different virtual systems or device groups.
6
Risk Meter
The risk meter (1=lowest to 5=highest) indicates the relative security risk on your network. The risk meter uses a variety of factors such as the type of applications seen on the network and the risk levels associated with the applications, the threat activity and malware as seen through the number of blocked threats, and compromised hosts or traffic to malware hosts and domains.
7
Source
The data used for the display varies between the firewall and Panorama™. You have the following options to select what data is used to generate the views on the ACC:
Virtual System: On a firewall that is enabled for multiple virtual systems, you can use the Virtual System drop-down to change the ACC display to include all virtual systems or just a selected virtual system.
Device Group: On Panorama, you can use the Device Group drop-down to change the ACC display to include data from all device groups or just a selected device group.
Data Source: On Panorama, you can also change the display to use Panorama or Remote Device Data (managed firewall data). When the data source is Panorama, you can filter the display for a specific device group.
8
Export
You can export the widgets displayed in the current tab as a PDF.