Application Usage and Risk report, June 2012, Global Findings
•Download as PPTX, PDF•
0 likes•1,703 views
Interactively browse the key findings at www.paloaltonetworks.com/aur. The June 2012 Application Usage and Risk report answers the question asked by network and security administrators alike: where's my bandwidth. Hint: Your users like to watch video - and just wait until the Olympics are streaming across YouTube - and your network. Interactively browse the key findings at www.paloaltonetworks.com/aur.
Recommended
Recommended
More Related Content
More from Palo Alto Networks
More from Palo Alto Networks (12)
Recently uploaded
Recently uploaded (20)
Application Usage and Risk report, June 2012, Global Findings
- 1. Where’s My Bandwidth? Global Findings from the June 2012 Application Usage and Risk Report
- 2. Where’s My Bandwidth? Key questions this report answers: • Which application categories consume the most bandwidth? • Exactly how much bandwidth does streaming video consume? • Which type of filesharing is most heavily used? • Is social networking truly a bandwidth hog?
- 3. Top 5 Categories = 76% of the Bandwidth Peel away the corporate usage. Roughly a quarter of your bandwidth $$$ is video and filesharing…
- 4. Users Like to Watch Video 13% of total bandwidth is video/photo traffic. 107 variants found; an average of 34 in 97% of the organizations. A fraction of it is corporate use.
- 5. P2P Never Dies It continues to be used despite control efforts. 7 variants found in 78% of the organizations.
- 6. The Filesharing Traffic Port-based Firewalls Miss Nearly 15% of filesharing is invisible to firewalls. Application control means all apps, all ports, all the time.
- 7. Browser-Based Filesharing Use Cases Solidify… Work vs. entertainment? Megaupload traffic went to Putlocker, Rapidshare, others. P2P crushes BBFS in total BW consumed.
- 8. Pinterest and Tumblr - New Ways to Express Yourself Tumblr is the antithesis of Facebook; unfiltered, fully customizable. Pinterest is a new way to share your hobbies and interests.
- 9. Which Ports do Applications Really Use? The common perception is that Port 80 (tcp/80) is where all the traffic and all the problems are. Port 80 security is a requirement; but too much focus is shortsighted.
- 10. Where’s My Bandwidth? Interactively view where your bandwidth is going: www.paloaltonetworks.com/aur
- 12. Palo Alto Networks Application Usage and Risk Report www.paloaltonetworks.com/aur
Editor's Notes
- 107 video/photo apps, 140 filesharing apps, 30% of the bandwidth. How do the business apps survive?
- Globally, users watch a significant amount of video. Youtube and PP Stream, a p2p based streaming video application are leading consumers. In total, 107 application variants were found globally. On average, 34 in every networkViewed from a cost of BW perspective, $0.13 of the bandwidth $$$ is spent on video.
- P2P filesharing, specifically bittorrent is off the charts. Jumping 4x to 13.4% of total bandwidth – despite ongoing efforts to control it. Viewed from a cost of BW perspective, $0.13 of the bandwidth $$$ is spent on bittorrent and other P2P filesharing apps.
- All applications within the Palo Alto Networks database include underlying technology (browser-based, peer-to-peer, etc) as well as which ports the applications use. The 140 filesharing and file transfer applications were broken down into four port groupings defined as: Applications that use tcp/80 only. As expected, the bulk of these applications are browser-based. Putlocker, Depositfiles and Docstoc are three examples of the applications found in this group. Applications that use tcp/443 ortcp/443 & 80. Applications within this group use tcp/443or tcp/443,80. RapidShare, 4Shared and YouSendIt! are three of the browser-based filesharing application examples while Sugarsync and Microsoft LiveMesh represent two of the client-server based examples. Applications that do not use tcp/80 at all. All of these applications are either client-server (FTP, TFTP) or peer-to-peer. The peer-to-peer applications in this group are using a range of ports and include Ares, DirectConnect and Kazaa. Applications that are dynamic (hop ports), or use a range of high numbered ports. As expected, this group of applications is primarily peer-to-peer and includes BitTorrent, eMule and Xunlei. The browser-based examples within this group include Fileserve, Filesonic, and Mediafire. As a user accessibility and firewall evasion feature, port hopping (aka, dynamic) has historically been used in either client-server or peer-to-peer applications. The use of port hopping in browser-based applications indicates how significantly applications have evolved.
- Usage patterns indicate a clear delineation between work and entertainment . 71 variants in this group – only 1% of total BW consumed. Compared to P2P at 13.4%. Control efforts should be directed at both P2P and browser-based filesharing
- Social networking applications are used universally. New variants (Pinterest and Tumblr) jump –tumblr a new comer, is rapidly growing in popularity. Its growth may be due to the differences between it and facebook. Tumblr: freeform, unstructured, unfiltered, customizable. Facebook: structured, filtered, minimal customization.Pinterest – a new variant added in march 2012 - found in only 15% of the orgs yet consumed 1% of SN BW G+ = jumped in frequecny from 25% to 86% and a 10X increase in BW Shows that the social networking space continues to define itself.
- Applications that use tcp/80 only. As expected, the bulk of the applications in this group are browser-based. Applications that use tcp/443 and/or tcp/80. Applications within this group use both tcp/443 exclusively or tcp/443 and tcp/80. Applications that do not use tcp/80 at all. All of these applications are either client-server (FTP, TFTP) or peer-to-peer. Applications that are dynamic (hop ports), or use a range of high numbered ports. As expected, this group of applications is primarily peer-to-peer with some browser-based and client server examples as well. Bottom line: Application visibility and control needs to be on all ports, across all apps, all the time.