Application Usage and Risk report, June 2012, Global Findings

640 views

Published on

Interactively browse the key findings at www.paloaltonetworks.com/aur.

The June 2012 Application Usage and Risk report answers the question asked by network and security administrators alike: where's my bandwidth. Hint: Your users like to watch video - and just wait until the Olympics are streaming across YouTube - and your network.

Interactively browse the key findings at www.paloaltonetworks.com/aur.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
640
On SlideShare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • 107 video/photo apps, 140 filesharing apps, 30% of the bandwidth. How do the business apps survive?
  • Globally, users watch a significant amount of video. Youtube and PP Stream, a p2p based streaming video application are leading consumers. In total, 107 application variants were found globally. On average, 34 in every networkViewed from a cost of BW perspective, $0.13 of the bandwidth $$$ is spent on video.
  • P2P filesharing, specifically bittorrent is off the charts. Jumping 4x to 13.4% of total bandwidth – despite ongoing efforts to control it. Viewed from a cost of BW perspective, $0.13 of the bandwidth $$$ is spent on bittorrent and other P2P filesharing apps.
  • All applications within the Palo Alto Networks database include underlying technology (browser-based, peer-to-peer, etc) as well as which ports the applications use. The 140 filesharing and file transfer applications were broken down into four port groupings defined as: Applications that use tcp/80 only. As expected, the bulk of these applications are browser-based. Putlocker, Depositfiles and Docstoc are three examples of the applications found in this group. Applications that use tcp/443 ortcp/443 & 80. Applications within this group use tcp/443or tcp/443,80. RapidShare, 4Shared and YouSendIt! are three of the browser-based filesharing application examples while Sugarsync and Microsoft LiveMesh represent two of the client-server based examples. Applications that do not use tcp/80 at all. All of these applications are either client-server (FTP, TFTP) or peer-to-peer. The peer-to-peer applications in this group are using a range of ports and include Ares, DirectConnect and Kazaa. Applications that are dynamic (hop ports), or use a range of high numbered ports. As expected, this group of applications is primarily peer-to-peer and includes BitTorrent, eMule and Xunlei. The browser-based examples within this group include Fileserve, Filesonic, and Mediafire. As a user accessibility and firewall evasion feature, port hopping (aka, dynamic) has historically been used in either client-server or peer-to-peer applications. The use of port hopping in browser-based applications indicates how significantly applications have evolved.
  • Usage patterns indicate a clear delineation between work and entertainment . 71 variants in this group – only 1% of total BW consumed. Compared to P2P at 13.4%. Control efforts should be directed at both P2P and browser-based filesharing
  • Social networking applications are used universally. New variants (Pinterest and Tumblr) jump –tumblr a new comer, is rapidly growing in popularity. Its growth may be due to the differences between it and facebook. Tumblr: freeform, unstructured, unfiltered, customizable. Facebook: structured, filtered, minimal customization.Pinterest – a new variant added in march 2012 - found in only 15% of the orgs yet consumed 1% of SN BW G+ = jumped in frequecny from 25% to 86% and a 10X increase in BW Shows that the social networking space continues to define itself.
  • Applications that use tcp/80 only. As expected, the bulk of the applications in this group are browser-based. Applications that use tcp/443 and/or tcp/80. Applications within this group use both tcp/443 exclusively or tcp/443 and tcp/80. Applications that do not use tcp/80 at all. All of these applications are either client-server (FTP, TFTP) or peer-to-peer. Applications that are dynamic (hop ports), or use a range of high numbered ports. As expected, this group of applications is primarily peer-to-peer with some browser-based and client server examples as well. Bottom line: Application visibility and control needs to be on all ports, across all apps, all the time.
  • Application Usage and Risk report, June 2012, Global Findings

    1. 1. Where’s My Bandwidth?Global Findings from the June 2012Application Usage and Risk Report
    2. 2. Where’s My Bandwidth?Key questions this report answers:• Which application categories consume the most bandwidth?• Exactly how much bandwidth does streaming video consume?• Which type of filesharing is most heavily used?• Is social networking truly a bandwidth hog?
    3. 3. Top 5 Categories = 76% of the BandwidthPeel away the corporate usage. Roughly a quarter of your bandwidth $$$ is video and filesharing…
    4. 4. Users Like to Watch Video 13% of total bandwidth is video/photo traffic. 107 variants found; anaverage of 34 in 97% of the organizations. A fraction of it is corporate use.
    5. 5. P2P Never DiesIt continues to be used despite control efforts. 7 variants found in 78% of the organizations.
    6. 6. The Filesharing Traffic Port-based Firewalls MissNearly 15% of filesharing is invisible to firewalls. Application control means all apps, all ports, all the time.
    7. 7. Browser-Based Filesharing Use Cases Solidify…Work vs. entertainment? Megaupload traffic went to Putlocker, Rapidshare, others. P2P crushes BBFS in total BW consumed.
    8. 8. Pinterest and Tumblr - New Ways to Express YourselfTumblr is the antithesis of Facebook; unfiltered, fully customizable. Pinterest is a new way to share your hobbies and interests.
    9. 9. Which Ports do Applications Really Use?The common perception is that Port 80 (tcp/80) is where all the traffic andall the problems are. Port 80 security is a requirement; but too much focus is shortsighted.
    10. 10. Where’s My Bandwidth?Interactively view where your bandwidth is going: www.paloaltonetworks.com/aur
    11. 11. Palo Alto Networks Application Usage and Risk Report www.paloaltonetworks.com/aur

    ×