Provides specific information to help you achieve timely protection against known and zero-day attacks, defend against web application vulnerabilities, and identify malicious software accessing the network
|
Data |
Description |
|---|---|
|
Generated |
The date and time the managed product generated the data |
|
Received |
The date and time Apex Central received the data from the managed product |
|
Server |
The display name of the managed product server |
|
Product Entity/Endpoint |
The name or IP address of the endpoint |
|
Affected IP Address |
The IP address of the endpoint affected by the threat |
|
Reason/Rule |
The Intrusion Prevention Rule triggered by the event |
|
Mode |
The network engine detection mode used by the Intrusion Prevention module |
|
Action |
The action taken by the managed product |
|
Application Type |
The Application Type associated with the Intrusion Prevention Rule triggered by the event |
|
Attack Source |
The source of the detected threat |
|
Source IP Address |
The source IP address of the detected threat |
|
Source MAC Address |
The source MAC address of the detected threat |
|
Source Port |
The source port of the detected threat |
|
Destination IP Address |
The IP address that the threat accessed |
|
Destination MAC Address |
The MAC address that the threat accessed |
|
Destination Port |
The port number that the threat accessed |
|
MAC Address (Interested) |
Depending on the direction of network traffic:
|
|
Protocol |
The protocol that the threat used to enter the network |
|
Direction |
The direction of the transmission |
|
Priority |
The importance of the detection according to the ranking system used by the standalone version of Vulnerability Protection |
|
Severity |
The severity level of the event |