Use the information to achieve timely protection against known and zero-day attacks, defend against web application vulnerabilities, and identify malicious software accessing the network.
|
Data |
Description |
|---|---|
|
Received |
The date and time Apex Central received the data from the managed product |
|
Generated |
Displays the time that the managed product generates data. |
|
Server |
Displays the host name of the managed product server. |
|
Source IP |
IP address of the intrusion source |
|
Source MAC |
MAC address of the intrusion source |
|
Source Port |
Port number of the intrusion source |
|
Destination IP |
IP address of the intrusion destination |
|
Destination MAC |
MAC address of the intrusion destination |
|
Destination Port |
Port number of the intrusion destination |
|
MAC (Interested) |
Displays the MAC address of the target endpoint (source or destination). For an intrusion occurring within the network, the Interested MAC is the source MAC address. If the traffic is an external traffic, the Interested IP is the destination MAC address. |
|
Mode |
Inline or tap |
|
Action |
Displays the type of action managed products take against intrusions. Example: prevent, detect |
|
Direction |
Communication direction |
|
Rank |
Intrusion rank |
|
Severity |
Intrusion severity |
|
Protocol |
Protocol used during intrusion |
|
Application |
Vulnerable applications |
|
Reason |
Reason for denied packets |