Potential Vulnerability Attacks

Configure the following event notification to notify administrators when Network VirusWall has detected potential vulnerability attacks.

  1. Go to Detections > Notifications > Event Notifications.

    The Event Notifications screen appears.

  2. Click Network Access Control.

    A list of events appears.

  3. In the Event column, click Potential vulnerability attacks.

    The Potential Vulnerability Attacks screen appears.

  4. Specify the following notification settings.

    Settings

    Description

    Detections

    Specify the amount of potential vulnerability attacks detected by Network VirusWall.

    Period

    Specify the period of time.

    Reported by

    Specify the number of Network VirusWall devices that reported the potential vulnerability attack.
  5. Select recipients for the notification.
    1. From the Available Users and Groups list, select contact groups or user accounts.
    2. Click >.

      The selected contact groups or user accounts appear in the Selected Users and Groups list.

  6. Enable one or more of the following notification methods.

    Method

    Description

    Email message

    To customize the email notification template, use supported token variables or modify the text in the Subject and Message fields.

    For more information, see Standard Token Variables and Network Access Control Token Variables.

    Windows event log

    To customize the notification template, use supported token variables or modify the text in the Message field.

    For more information, see Standard Token Variables and Network Access Control Token Variables.

    SNMP trap

    Apex Central stores SNMP trap notifications in a Management Information Base (MIB). To view the SNMP trap notifications, go to Notifications > Notification Method Settings and click Download MIB file under SNMP Trap Settings.

    Trigger application

    Specify the full path of the application file and any parameters for the command.

    Syslog

    Apex Central can direct syslogs to supported third-party products, including Cisco Security Monitoring, Analysis and Response (MARS).
  7. To test if recipients can receive the event notification, click Test.
  8. Click Save.
Parent topic: Network Access Control Events