WANGUARD 5.2 User Manual & Administrator's Guide
Anomaly#
If the Filter mitgates an anomaly it contains the link to the Anomaly Report.
Otherwise will display the message “Filter ofine”.
IP Address
The IP address from your network involved in the trafc anomaly. If the IP address is clicked
then a new tab opens with data specifc to the IP address.
IP Group
The IP Group of the IP address.
Decoder
The trafc type that exceeded the threshold:
TCP+SYN, TCP, UDP, ICMP, OTHER.
IPs
The number of unique IP addresses detected making trafc with the atacked IP address.
Pkts/s
The total packets/second throughput towards the atacked IP address.
Bits/s
The total bits/second throughput towards the atacked IP address.
Dropped
It represents the rate of packets dropped in the capturing process. When the number is high it
indicates a performance problem.
Load
The load of the operatng system for the last 5 minutes.
Peak CPU%
The maximum CPU percent used by the Filter process.
RAM
The amount of memory used by the Filter process.
Start Time
The date when the Filter started to mitgate the anomaly.
Sensors
When you click a Sensor's name anywhere in the Console, the Sensor's tab is opened. The Sensor tab
includes few sub-tabs located on the botom side. All sub-tabs use the following common toolbar felds:
●
Sensors
Select the Sensors you're interested in or “All” to select all Sensors. Multple selectons can be made.
Administrators can flter what Sensors are available to users.
●
Time Frame
Select predefned tme-frames or enter your own by selectng “Custom...”.
Sensor Dashboard
The Sensor Dashboard allows you to group the most relevant data a Sensor can give you to a single tab.
The Sensor Dashboard's confguraton does not apply to a partcular Sensor. The changes you make here will
be visible for each Sensor.
The operaton of Dashboards is documented in the Reports » Dashboards chapter on page 16.
- 20 -
Содержание Wanguard 5.2
Страница 1: ......