The BID/CVE information for IPS violations can provide valuable information about threats that IPS detects. This can provide insight into what action to take to protect your network.
Cloud Edge provides the BID/CVE information for violations that IPS detects in the following locations:
Internet Security logs: Intrusion Prevention Services log message type
The Details column in the raw log view displays the BID/CVE number for the selected IPS violation (you must select the Details column, it is not selected by default).
Top IPS Detection and IPS Detection by Date Internet Security reports and the Summary report
If a BID/CVE is associated with an IPS detection, the number is included in the IPS detection entry.
Intrusion Prevention Services notification
If a BID/CVE is associated with an IPS detection, the number is included in the notification under the Attack ID field.
To see details about an IPS violation, you can look at the IPS rule for that BID/CVE. You can view details about the IPS rule within the IPS screen in the gateway profiles page. Using the attack ID or rule name, search for the IPS rule in the advanced section of the screen.