Application Metadata Intelligence
Application Metadata Intelligence generates more than 5000 attributes for more than 3200 applications without impacting the users, devices, applications, or the network appliances. The feature identifies applications even when the traffic is encrypted.
Application Metadata Intelligence (AMI) is enabled to multi-collect protocols with more than one metadata attribute of the same type. The multi-collect feature supports additional protocols such as DNS, GTP,GTPV2, DHCP, HTTP, HTTPS, SSL, HTTP_PROXY, HTTP2, KERBEROS5, and DHCP6.
The generated metadata is exported in IPFIX (IP Flow Information Export) format and CEF (Common Even Format) to security analytics and forensics tools thereby providing greater visibility to enforce corporate compliance.
The output from the Application Metadata Intelligence in CEF format can also be converted to JSON format using Observability Gateway Application (AMX) application. To learn more about OGW application refer to Application Metadata Exporter.
Application Metadata Intelligence generates metadata only if the application is allowed to be passed in Application Filtering Intelligence. For example, Application Metadata Intelligence has the capability to generate metadata for HTTP traffic only if Application Filtering Intelligence filters in the HTTP traffic.
You can create an Application Metadata Intelligence session by following either of the two ways:
Create Metadata Intelligence by Selecting Applications from Dashboard |
Create Application Metadata Intelligence Session for Virtual Environment |