Threats

In the Threats menu, you can see charts of the security incidents logged in your network, view incident logs and search the intelligence database of Threat Defender.

Threat Defender integrates a continuously active threats subsystem that is designed to handle an optimized data structure and therefore causes no performance losses. It provides a bundle of feeds from multiple sources. These feeds contain various types of data, such as information on downloads of ransomware, C&C server domains and so on.

Threat Defender compares all network traffic flows to these feeds in real time. If a threat indicator is discovered, the policy engine can be used to log the event and/or intercept the concerned traffic.

• Overview
• Incident Logs
  • Incident Details
• Intelligence Database
  • Summary
  • Events
  • Attributes
  • IPS Rules
  • IPS Settings