McAfee® Host Intrusion Prevention 6.1 Product Guide

Maintenance

 

Running reports

Top 10 Attacked Nodes for IPS

Use this report to view a bar chart of the top 10 hosts where IPS events are triggered.

Details include:

Initial View

Level 1 Drill Down

Level 2 Drill Down

 

 

 

 

 

 

„

Host Name >

„

Host Name

„

OS User

„

Event Count

„

Signature >

„

Reaction

 

 

„

Count

„

Process

 

 

 

 

„

Source IP

 

 

 

 

„

Incident Time

 

 

 

 

„

Recording Time

 

 

 

 

„

Severity Level

 

 

 

 

„

Event description

 

 

 

 

„

Advanced details

 

 

 

 

 

 

8

Filters on platform and signature type.

Top 10 Triggered Signatures

Use this report to view a bar chart of the 10 most triggered IPS signatures. Details include:

Initial View

Level 1 Drill Down

Level 2 Drill Down

 

 

 

 

 

 

„

Signature Name >

„

Signature Name

„

OS User

„

Event Count

„

Process >

„

Reaction

 

 

„

Count

„

Node name

 

 

 

 

„

Source IP

 

 

 

 

„

Incident Time

 

 

 

 

„

Recording Time

 

 

 

 

„

Severity Level

 

 

 

 

„

Event description

 

 

 

 

„

Advanced details

 

 

 

 

 

 

Filters on platform and signature type.

Blocked Application Summary

Use this report to view a summary of blocked application events per application. Details include:

Initial View

Drill Down

 

 

 

 

„

Application

„

Host Name

 

Description >

„

Host IP

 

 

„

Event Count

„

Event time

 

 

 

 

„

Process name

 

 

„

Application path

 

 

„

Application version

 

 

„

Application hash

 

 

 

 

Filters on application description and event time.

128

Page 128
Image 128
McAfee 6.1 manual Top 10 Attacked Nodes for IPS, Top 10 Triggered Signatures, Blocked Application Summary