Detailed Intrusion Prevention Information

Use the information to achieve timely protection against known and zero-day attacks, defend against web application vulnerabilities, and identify malicious software accessing the network.

Data

Description

Received

Displays the time that Control Manager receives data from the managed product.

Generated

Displays the time that the managed product generates data.

Server

Displays the host name of the managed product server.

Source IP

IP address of the intrusion source

Source MAC

MAC address of the intrusion source

Source Port

Port number of the intrusion source

Destination IP

IP address of the intrusion destination

Destination MAC

MAC address of the intrusion destination

Destination Port

Port number of the intrusion destination

MAC (Interested)

Displays the MAC address of the target endpoint (source or destination). For an intrusion occurring within the network, the Interested MAC is the source MAC address. If the traffic is an external traffic, the Interested IP is the destination MAC address.

Mode

Inline or tap

Action

Displays the type of action managed products take against intrusions.

Example: prevent, detect

Direction

Communication direction

Rank

Intrusion rank

Severity

Intrusion severity

Protocol

Protocol used during intrusion

Application

Vulnerable applications

Reason

Reason for denied packets