Detailed Firewall Violation Information

Provides specific information about the firewall violations on your network. Example: the managed product that detects the firewall violation, specific information about the source and destination, the total number of firewall violations on the network

Table 1. Detailed Firewall Violation Information Data View




Displays the time that Control Manager receives data from the managed product.


Displays the time that the managed product generates data.

Product Entity/Endpoint

This data column displays one of the following:

  • The entity display name for a managed product. Control Manager identifies managed products using the managed product's entity display name.

  • The IP address or host name of a computer with a client (for example OfficeScan client) installed, that is under attack.


Displays the name of the managed product.

Example: OfficeScan, ScanMail for Microsoft Exchange

Event Type

Displays the type of event that triggers the violation. Example: intrusion, policy violation

Risk Level

Displays the Trend Micro assessment of risk to your network.

Example: high security, low security, medium security


Displays the direction of violation entry.


Displays the protocol the intrusion uses.

Example: HTTP, SMTP, FTP

Source IP

Displays the IP address of the computer attempting an intrusion on your network.

Endpoint Port

Displays the port number of the computer under attack.

Endpoint IP

Displays the IP address of the computer under attack.

Target Application

Displays the application the intrusion targets.


Detailed description of the incident by Trend Micro.


Displays the type of action managed products take against policy violations.

Example: file cleaned, file quarantined, file passed


Displays the total number of policy/rule violations managed products detect.

Example: A managed product detects 10 violation instances of the same type on one computer.

Detections = 10