Suspicious Threat Protocol Detection Summary

Provides a summary of suspicious threat detections over a specific protocol. Example: name of the protocol, summary information about the source and destination, the total number of suspicious threats on the network.

Table 1. Suspicious Threat Protocol Detection Summary Data View

| Data | Description |
|---|---|
| Protocol | Displays the name of the protocol over which the suspicious threat occurs. Example: HTTP, FTP, SMTP |
| Unique Policies/Rules | Displays the number of unique policies/rules the source computer violates. Example: A managed product detects 10 policy violation instances of the same policy on 2 computers. Unique Policies/Rules = 1 |
| Unique Endpoints | Displays the number of unique computers affected by the suspicious threat. Example: A managed product detects 10 suspicious threat instances of the same type on 2 computers. Unique Endpoints = 2 |
| Unique Sources | Displays the number of unique sources where suspicious threats originate. Example: A managed product detects 10 suspicious threat instances of the same type originating from 3 computers. Unique Sources = 3 |
| Unique Recipients | Displays the number of unique email message recipients receiving content that violates managed product suspicious threat policies. Example: A managed product detects 10 suspicious threat violation instances of the same policy on 2 computers. Unique Recipients = 2 |
| Unique Senders | Displays the number of unique email message senders sending content that violates managed product suspicious threat policies. Example: A managed product detects 10 suspicious threat violation instances of the same policy coming from 3 computers. Unique Senders = 3 |
| Detections | Displays the total number of policy/rule violations managed products detect. Example: A managed product detects 10 violation instances of the same type on one computer. Detections = 10 |