Detailed Firewall Violation Information

Provides specific information about the firewall violations on your network. Example: the managed product that detects the firewall violation, specific information about the source and destination, the total number of firewall violations on the network

Table 1. Detailed Firewall Violation Information Data View
Data	Description
Received	Displays the time that Control Manager receives data from the managed product
Generated	Displays the time that the managed product generates data
Product Entity/Endpoint	This data column displays one of the following: The entity display name for a managed product. Control Manager identifies managed products using the managed product's entity display name The IP address or host name of a computer with an agent (for example, OfficeScan agent) installed
Product	Displays the name of the managed product Example: OfficeScan, ScanMail for Microsoft Exchange
Event Type	Displays the type of event that triggers the violation. Example: intrusion, policy violation
Risk Level	Displays the Trend Micro assessment of risk to your network. Example: High security, low security, medium security
Traffic/Connection	Displays the direction of violation entry
Protocol	Displays the protocol the intrusion uses Example: HTTP, SMTP, FTP
Source IP	Displays the IP address of the computer attempting an intrusion on your network
Endpoint Port	Displays the port number of the computer under attack
Endpoint IP	Displays the IP address of the computer under attack
Target Application	Displays the application the intrusion has targeted
Description	Detailed description of the incident by Trend Micro
Action	Displays the type of action managed products take against policy violations Example: file cleaned, file quarantined, file passed
Detections	Displays the total number of policy/rule violations managed products detect Example: A managed product detects 10 violation instances of the same type on one computer Detections = 10