# Network Overview

## Preview <a href="#preview" id="preview"></a>

![](/files/BXEnZmXcxQBHvXBfrOce)

## Overview <a href="#overview" id="overview"></a>

**Purpose**: The Network Overview dashboard offers a summary of network activity, providing insights into protocols, source regions, Autonomous Systems (ASNs), alert trends, and traffic characteristics. It assists network administrators in monitoring overall network health, identifying high-risk traffic sources, and spotting potential issues.

**Components**: The dashboard includes the following visualizations:

* **Top Protocols**
* **Top EU Sources**
* **Top APAC Sources**
* **Source AS (ASN)**
* **Alert Severity**
* **Source IP Cardinality**
* **Bits**
* **Protocols from High-Risk Countries**
* **Tags**
* **Port Cardinality**

## Getting Here <a href="#getting-here" id="getting-here"></a>

1. From the main menu, go to **Dashboards > All**.
2. Select the **System** tab from the top navigation.
3. Click on **Network Overview**.

## Main Points <a href="#main-points" id="main-points"></a>

**Usage Scenarios**: This dashboard is designed for network administrators who need a comprehensive view of network usage, high-risk traffic, and alert trends. It helps in identifying frequently used protocols, sources of traffic, and any potential anomalies in the network.

**Best Practices**: Regularly review top protocols, source countries, and ASNs to detect unusual activity. Use the alert severity and cardinality metrics to detect traffic spikes or anomalies.

## Charts <a href="#charts" id="charts"></a>

### Top Protocols <a href="#top-protocols" id="top-protocols"></a>

**Description**: A pie chart showing the distribution of network traffic across the top 5 protocols.

**Key Elements**:

* **Segments**: Each segment represents a protocol (e.g., TCP, UDP, ICMP), with size indicating traffic volume.

**Usage**: Useful for identifying the most commonly used protocols within network traffic, which can provide insight into network behavior.

### Top EU Sources <a href="#top-eu-sources" id="top-eu-sources"></a>

**Description**: A pie chart displaying the traffic sources from European Union (EU) countries.

**Key Elements**:

* **Segments**: Each segment represents an EU country, with size reflecting the traffic volume originating from that source.

**Usage**: Helps in understanding the geographic distribution of traffic from the EU, useful for monitoring regional traffic sources.

### Top APAC Sources <a href="#top-apac-sources" id="top-apac-sources"></a>

**Description**: A pie chart showing traffic sources from the Asia-Pacific (APAC) region.

**Key Elements**:

* **Segments**: Each segment represents an APAC country, with size indicating the traffic volume.

**Usage**: Allows administrators to monitor traffic originating from APAC countries, aiding in regional network analysis.

### Source AS (ASN) <a href="#source-as-asn" id="source-as-asn"></a>

**Description**: A pie chart displaying the top Autonomous Systems (ASNs) contributing to network traffic.

**Key Elements**:

* **Segments**: Each segment represents an ASN, with size indicating traffic volume.
* **ASN Labels**: Shows the top ASNs by traffic volume.

**Usage**: Useful for identifying which ASNs are generating or receiving the most traffic, aiding in monitoring external network sources.

### Alert Severity <a href="#alert-severity" id="alert-severity"></a>

**Description**: A line chart displaying alert severity over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Alert severity level.

**Usage**: Monitor this chart to identify periods of increased alert activity and prioritize responses to high-severity alerts.

### Source IP Cardinality <a href="#source-ip-cardinality" id="source-ip-cardinality"></a>

**Description**: A line chart showing the cardinality of source IPs over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Count of unique source IPs.

**Usage**: Helps track the number of unique source IPs, which can indicate network diversity or detect unusual increases in IP variety.

### Bits <a href="#bits" id="bits"></a>

**Description**: A line chart tracking the network bitrate (in bits per second) over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Bitrate in Gbps.

**Usage**: Use this chart to observe fluctuations in traffic volume, which may indicate changes in network load or potential issues.

### Protocols from High-Risk Countries <a href="#protocols-from-high-risk-countries" id="protocols-from-high-risk-countries"></a>

**Description**: A line chart tracking the flow rate of protocols originating from high-risk countries.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Flow rate in flows per second.

**Usage**: This chart helps in monitoring traffic from high-risk countries, aiding in proactive threat assessment.

### Tags <a href="#tags" id="tags"></a>

**Description**: A line chart showing the flow rate of tagged traffic over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Flow rate in flows per second.

**Usage**: Useful for tracking traffic categorized with specific tags, which can help in identifying particular types of network activity.

### Port Cardinality <a href="#port-cardinality" id="port-cardinality"></a>

**Description**: A line chart displaying the cardinality of destination ports over time.

**Key Elements**:

* **X-axis**: Time.
* **Y-axis**: Count of unique destination ports.

**Usage**: Helps in tracking the variety of ports in use, which may indicate potential security concerns if unexpected ports show activity.

## Interpreting the Data <a href="#interpreting-the-data" id="interpreting-the-data"></a>

**Alert Monitoring**: The **Alert Severity** chart provides an overview of alert trends, allowing administrators to respond promptly to critical alerts.

**High-Risk Traffic**: The **Protocols from High-Risk Countries** chart identifies traffic from potentially dangerous regions, supporting proactive security measures.

**Network Load**: Use the **Bits** and **Source IP Cardinality** charts to monitor network load and IP diversity, helping to detect sudden increases in traffic or unusual patterns.

## Additional Features <a href="#additional-features" id="additional-features"></a>

**Metric Selection**: Users can select specific metrics, such as bitrate, to customize the view for their analysis needs.

**Time Range**: Adjustable time ranges allow for focused monitoring of traffic patterns over specific periods.

**Interactive Elements**: The SYNC HOVER feature enables synchronized exploration across charts, providing a cohesive view of related metrics and patterns.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/dashboards/system/network-overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.