Views:

Provides specific information about the spyware/grayware instances found in network traffic, such as the managed product that detected the spyware/grayware, the protocol the spyware/grayware used to enter your network, and specific information about the source and destination of the spyware/grayware

Table 1. Network Spyware/Grayware Data View

Data

Description

Received

The date and time Apex Central received the data from the managed product

Generated

The date and time the managed product generated the data

Product Entity/Endpoint

Depending on the related source:

  • The display name of the managed product server in Apex Central

  • The name or IP address of the Security Agent endpoint

Product

The name of the managed product or service

Example: Apex One, ScanMail for Microsoft Exchange

Spyware/Grayware

The name of the security threat

Traffic/Connection

The direction of the transmission

Protocol

The protocol that the threat used to enter the network

Example: HTTP, SMTP, FTP

Endpoint IP

The IP address that the threat accessed

Endpoint

The IP address or name of the endpoint that the threat accessed

Endpoint Port

The IP port number that the threat accessed

Endpoint MAC

The MAC address that the threat accessed

Source IP

The source IP address of the detected threat

Source Host

The IP address or name of the endpoint from which the security threat originated

Source Port

The source IP address port number of the detected threat

Source MAC

The source MAC address of the detected threat

User

The logged on user name at the time of the event

File

The name of the file object that the threat accessed

Result

The result of the action taken by the managed product

Example: successful, further action required

Action

The action taken by the managed product

Example: File cleaned, File quarantined, File deleted

Detections

The total number of detections

Example: Apex One detects 10 spyware/grayware instances of the same spyware/grayware on one computer.

Detections = 10

Cloud Service Vendor

The name of the cloud service vendor