Provides a summary of suspicious threat detections over a specific protocol. Example: name of the protocol, summary information about the source and destination, the total number of suspicious threats on the network
Data |
Description |
|---|---|
Protocol |
Displays the name of the protocol over which the suspicious threat occurs. Example: HTTP, FTP, SMTP |
Unique Policies/Rules |
Displays the number of unique policies/rules the source computer violates. Example: A managed product detects 10 policy violation instances of the same policy on 2 computers. Unique Policies/Rules = 1 |
Unique Endpoints |
Displays the number of unique computers affected by the suspicious threat. Example: A managed product detects 10 suspicious threat instances of the same type on 2 computers. Unique Endpoints = 2 |
Unique Sources |
Displays the number of unique sources where suspicious threats originate. Example: A managed product detects 10 suspicious threat instances of the same type originating from 3 computers. Unique Sources = 3 |
Unique Recipients |
Displays the number of unique email message recipients receiving content that violates managed product suspicious threat policies. Example: A managed product detects 10 suspicious threat violation instances of the same policy on 2 computers. Unique Recipients = 2 |
Unique Senders |
Displays the number of unique email message senders sending content that violates managed product suspicious threat policies. Example: A managed product detects 10 suspicious threat violation instances of the same policy coming from 3 computers. Unique Senders = 3 |
Detections |
Displays the total number of policy/rule violations managed products detect. Example: A managed product detects 10 violation instances of the same type on one computer. Detections = 10 |