Detailed Firewall Violation Information

Provides specific information about firewall violations on your network, such as the managed product that detected the violation, the source and destination of the transmission, and the total number of firewall violations

Table 1. Detailed Firewall Violation Information Data View




The date and time Apex Central received the data from the managed product


The date and time the managed product generated the data

Product Entity/Endpoint

Depending on the related source:

  • The display name of the managed product server in Apex Central

  • The name or IP address of the endpoint


The name of the managed product or service

Example: Apex One, ScanMail for Microsoft Exchange

Event Type

The type of event that triggered the detection

Example: intrusion, policy violation

Risk Level

The Trend Micro assessment of risk to your network

Example: High security, low security, medium security


The direction of the transmission


The protocol the intrusion uses

Example: HTTP, SMTP, FTP

Source IP

The source IP address of the detected threat

Endpoint Port

The port number of the endpoint under attack

Endpoint IP

The IP address of the endpoint

Target Application

The application the intrusion targeted


The detailed description of the incident by Trend Micro


The action taken by the managed product

Example: file cleaned, file quarantined, file passed


The total number of detections

Example: A managed product detects 10 violation instances of the same type on one computer

Detections = 10