Skip to main content
Skip table of contents

Using Application Discovery Reports (2809)


Scenario

You're tasked with monitoring your organization’s application usage to help identify any unwanted applications using the Threat Defense Application Discovery Report. You will start by marking your organization’s business-relevant applications as “Approved“ and other applications as “Unapproved,” then monitoring your organization’s application usage.

Estimate Completion Time

  • 20-30 Minutes

Prerequisites


Tasks

  • Mark applications as Approved or Unapproved

  • Monitor Application Discovery Summary Report

Task 1: Mark applications as Approved or Unapproved

  • On your lab’s jump desktop, use the Education Infoblox Portal credentials to log in to the Infoblox Portal.

  • Set the following Applications/Application categories as Approved:

    • Google Search

    • Communication Applications: Slack and Teams.

    • Microsoft OneDrive

    • Grammarly

    • Security Applications: Duo, Microsoft Certificates, and Windows Defender

    • Windows Update

  • Set the rest of the Applications as Unapproved

Task 2: Monitor Applications using Application Discovery Reports

  • Use Application Discovery’s tabs to answer the following questions:

    • What are the Top Applications being used in your organization?

    • What are the Top Application Categories being used in your organization?

    • What are the Top Unapproved Applications being used in your organization?

    • Are there any Applications that need to be reviewed?

    • List the Three Device IPs with the highest application usage.


Solutions

Task 1 Solution: Mark applications as Approved or Unapproved

In this task, we will mark detected applications in our environment into either the approved or unapproved groups. This is to allow us to easily identify any unwarranted or potentially malicious applications being used in our organization. We will add business-relevant applications to the approved group, and any other application will be marked as Unapproved.

  1. Log in to your lab’s jump-desktop.

  2. Use your Education Infoblox Portal Credentials to log into the Infoblox Portal.

  3. Navigate to Monitor → Reports → Security → Application Discovery

    • Note that currently, all the applications are listed under the “Needs Review“ category.

      image-20250509-114246.png
  4. Navigate to the Applications tab

    • You can also click on View all Detected Applications to navigate to the same page.

  5. Click the checkbox icon next to each application to set its status to either Approved or Unapproved

    • Set the following Applications/Application categories as Approved:

      • Google Search

      • Communication Applications: Slack and Teams.

      • Microsoft OneDrive

      • Grammarly

      • Security Applications: Duo, Microsoft Certificates, and Windows Defender

      • Windows Update

    • Set the rest of the Applications as Unapproved

      image-20250509-114929.png

Task 2 Solution: Monitor Applications using Application Discovery Reports

In this task, we will use Application Discovery’s various tabs and reports to answer the questions below.

Please note that your report data might not exactly match the screenshots and answers provided

  1. Navigate to the Summary tab

    1. Under the TOP APPLICATIONS USED widget

      1. What are the Top 3 Applications being used in your organization?

        1. Google Search at 229 requests

        2. Amazon Shopping at 64 requests

        3. Netflix at 38 requests

          • Note that you can click each application’s name to get detailed information on which devices accessed said application

            image-20250509-120348.png
    2. Under the TOP APPLICATIONS CATEGORIES widget

      1. What are the Top 3 Application Categories being used in your organization?

        1. Social Networking at 7 Applications

        2. Business Apps at 4 Applications

        3. Cloud Backup and Storage at 3 Applications

          • Note that you can click each application’s name to get detailed information on which devices accessed said application

            image-20250509-120439.png
    3. Under the Top 3 Unapproved Applications widget

      1. What are the Top 3 Unapproved Applications being used in your organization?

        1. Amazon Shopping with 1.5k devices

        2. Netflix with 987 Devices

        3. Twitter with 601 Devices

          • Note that you can click each application’s name to get detailed information on which devices accessed said application

            image-20250509-120525.png
    4. Under the NEEDS REVIEW card

      1. Are there any Applications that need to be reviewed?

        • Yes, we have one application that still needs to be reviewed.

          image-20250509-120607.png
  2. Navigate to the Devices tab

    • List the 3 Device IPs with the highest application usage.

      1. 172.31.15.124

      2. 172.31.1.36

      3. 172.31.7.77

        image-20250509-121147.png

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.