Provides specific information to help you achieve
timely protection against known and zero-day attacks, defend against web
application vulnerabilities, and identify malicious software accessing the
network
|
Data
|
Description
|
|
Generated
|
The date and time the managed product generated the
data
|
|
Received
|
The date and time Apex Central received
the data from the managed product
|
|
Server
|
The display name of the managed product server
|
|
Product Entity/Endpoint
|
The name or IP address of the
endpoint
|
|
Affected IP Address
|
The IP address of the endpoint affected by the threat
|
|
Reason/Rule
|
The Intrusion Prevention Rule triggered by the event
|
|
Mode
|
The network engine detection mode used by the Intrusion Prevention
module
|
|
Action
|
The action taken by the managed product
|
|
Application Type
|
The Application Type associated with the
Intrusion Prevention Rule triggered by the event
|
|
Attack Source
|
The source of the detected threat
|
|
Source IP Address
|
The source IP address of the detected threat
|
|
Source MAC Address
|
The source MAC address of the detected threat
|
|
Source Port
|
The source port of the detected threat
|
|
Destination IP Address
|
The IP address that the threat accessed
|
|
Destination MAC Address
|
The MAC address that the threat accessed
|
|
Destination Port
|
The port number that the threat accessed
|
|
MAC Address (Interested)
|
Depending on the direction of network traffic:
|
|
Protocol
|
The protocol that the threat used to enter the
network
|
|
Direction
|
The direction of the transmission
|
|
Priority
|
The importance of the detection according to the ranking system used by
the standalone version of Vulnerability Protection
|
|
Severity
|
The severity level of the event
|