Cisco Cisco Firepower Management Center 4000

Hover your pointer over any part of the graph to view more detailed information. Click any part of the 
graph to filter or drill down on that information

To constrain the graph so it displays only traffic by egress security zone, hover your pointer over the 
graph, then click 

 on the toggle button that appears. Click 

 to return to the default view. Note 

that navigating away from the Context Explorer also returns the graph to the default Ingress view.

If you filter on intrusion event information, the Traffic by Ingress/Egress Security Zone graph is hidden. 

This graph draws data primarily from the Connection Events table.

FireSIGHT

The Application Information section of the Context Explorer contains three interactive graphs and one 
table-format list that display an overall picture of application activity on your monitored network: traffic, 
intrusion events, and hosts associated with applications, further organized by the estimated risk or 
business relevance assigned to each application. The Application Details list provides an interactive list 
of each application and its risk, business relevance, category, and host count.

For all instances of “application” in this section, the Application Information graph set, by default, 
specifically examines application protocols (such as DNS or SSH). You can also configure the 
Application Information section to specifically examine client applications (such as PuTTY or Firefox) 
or web applications (such as Facebook or Pandora).

For more information on the graphs and list in the Application Information section, see the following 
topics: