Detailed Intrusion Prevention Information

Provides specific information to help you achieve timely protection against known and zero-day attacks, defend against web application vulnerabilities, and identify malicious software accessing the network.

| Data | Description |
|------|-------------|
| Generated | The date and time the managed product generated the data |
| Received | The date and time Apex Central received the data from the managed product |
| Server | The display name of the managed product server |
| Product Entity/Endpoint | The name or IP address of the endpoint |
| Affected IP Address | The IP address of the endpoint affected by the threat |
| Reason/Rule | The Intrusion Prevention Rule triggered by the event |
| Mode | The network engine detection mode used by the Intrusion Prevention module |
| Action | The action taken by the managed product |
| Application Type | The Application Type associated with the Intrusion Prevention Rule triggered by the event |
| Attack Source | The source of the detected threat |
| Source IP Address | The source IP address of the detected threat |
| Source MAC Address | The source MAC address of the detected threat |
| Source Port | The source port of the detected threat |
| Destination IP Address | The IP address that the threat accessed |
| Destination MAC Address | The MAC address that the threat accessed |
| Destination Port | The port number that the threat accessed |
| MAC Address (Interested) | Depending on the direction of network traffic: the Source MAC Address of inbound network traffic, or the Destination MAC Address of outbound network traffic |
| Protocol | The protocol that the threat used to enter the network |
| Direction | The direction of the transmission |
| Priority | The importance of the detection according to the ranking system used by the standalone version of Vulnerability Protection |
| Severity | The severity level of the event |