Provides specific information about the spyware/grayware instances found in network
traffic, such as the managed product that detected the spyware/grayware, the
protocol the spyware/grayware used to enter your network, and specific information
about the source and destination of the spyware/grayware
Network Spyware/Grayware Data View
|
Data
|
Description
|
|
Received
|
The date and time Trend Micro Apex Central received
the data from the managed product
|
|
Generated
|
The date and time the managed product generated the
data
|
|
Product Entity/Endpoint
|
Depending on the related source:
|
|
Product
|
The name of the managed product or service
Example: Apex One, ScanMail for Microsoft Exchange
|
|
Spyware/Grayware
|
The name of the security threat
|
|
Traffic/Connection
|
The direction of the transmission
|
|
Protocol
|
The protocol that the threat used to enter the
network
Example: HTTP, SMTP, FTP
|
|
Endpoint IP
|
The IP address that the threat accessed
|
|
Endpoint
|
The IP address or name of the endpoint that the
threat accessed
|
|
Endpoint Port
|
The IP port number that the threat accessed
|
|
Endpoint MAC
|
The MAC address that the threat accessed
|
|
Source IP
|
The source IP address of the detected threat
|
|
Source Host
|
The IP address or name of the endpoint from which
the security threat originated
|
|
Source Port
|
The source IP address port number of the detected
threat
|
|
Source MAC
|
The source MAC address of the detected threat
|
|
User
|
The logged on user name at the time of the event
|
|
File
|
The name of the file object that the threat
accessed
|
|
Result
|
The result of the action taken by the managed
product
Example: successful, further
action required
|
|
Action
|
The action taken by the managed product
Example: File cleaned, File
quarantined, File deleted
|
|
Detections
|
The total number of detections
Example: Apex One detects 10 spyware/grayware instances
of the same spyware/grayware on one computer.
Detections = 10
|
|
Cloud Service Vendor
|
The name of the cloud service vendor
|