Provides specific information about firewall violations on your network, such as the managed product that detected the violation, the source and destination of the transmission, and the total number of firewall violations.
| Data | Description |
|---|---|
| Received | The date and time Apex Central received the data from the managed product |
| Generated | The date and time the managed product generated the data |
| Product Entity/Endpoint | Depending on the related source: |
| Product | The name of the managed product or service. Example: Apex One, ScanMail for Microsoft Exchange |
| Event Type | The type of event that triggered the detection. Example: intrusion, policy violation |
| Risk Level | The Trend Micro assessment of risk to your network. Example: High security, low security, medium security |
| Traffic/Connection | The direction of the transmission |
| Protocol | The protocol the intrusion uses. Example: HTTP, SMTP, FTP |
| Source IP | The source IP address of the detected threat |
| Endpoint Port | The port number of the endpoint under attack |
| Endpoint IP | The IP address of the endpoint |
| Target Application | The application the intrusion targeted |
| Description | The detailed description of the incident by Trend Micro |
| Action | The action taken by the managed product. Example: file cleaned, file quarantined, file passed |
| Detections | The total number of detections. Example: A managed product detects 10 violation instances of the same type on one computer. Detections = 10 |