Views:
Learn about the views and widgets available on the Network Overview dashboard, which provides an at-a-glance perspective into your organization's network security posture.
The following table outlines the default widgets displayed on the Network Overview dashboard in the Network Security app (Network SecurityNetwork Overview).
Widget
Description
Detection Highlights (supports all Network Security solutions)
Displays the number of detections for key network threat types. The detection values displayed are based on the Network Security solution you specify from the Data Source pulldown menu (either Deep Discovery Inspector, Virtual Network Sensor, TippingPoint, TippingPoint Network Sensor, or all four) and the time period you specify (the pulldown menu default is Last 7 days). The number of Workbench alerts related to these detections is also displayed.
Detection numbers are provided for the following threat types:
  • Command and Control (C&C) communication
  • Reconnaissance
  • Ransomware
  • Exploit attempts
  • Lateral movement
Top Affected Hosts/IP Addresses (supports all Network Security solutions)
Lists the IP addresss and hostnames in your network with the most filter detections and highest severity ratings.
MITRE ATT&CK® Mapping for Network (supports all Network Security solutions)
Makes use of the ATT&CK® tactics and techniques detected across your network.
Scanned Traffic Summary (Deep Discovery Inspector / Virtual Network Sensor tab, TippingPoint tab)
Provides an overview of scanned traffic, protocols, and discovered devices in your network environment. The widget supports both Network Inspector and Deep Discovery Inspector version 6.6 or later.
Monitored Network Throughput (Deep Discovery Inspector / Virtual Network Sensor tab) Provides an overview of the network traffic monitored by Virtual Network Sensor. Enables you to view the 30-day average traffic volume, assess total bandwidth capacity, and track network traffic levels down to the minute both for individual appliances and across the network environment.
Inspection Events Summary (TippingPoint tab) Displays the number of hits (Blocked and Permitted) detected in your environment and how you have configured filters to mitigate the risk to your network.
Virtual Patching Activity (TippingPoint tab) Displays the CVEs detected in your environment and how you have enabled virtual patching filters to mitigate the risk to your network.