This tab contains a collection of widgets meant to provide a snapshot of the general security situation of the whole network.
The top part of this tab includes three widgets that represent general network information. You can check the general count of events since the first day of the year and the amount of events per second over the last 24 hours. In the middle there is a gauge meter that shows the overall threat level of the network over the last 7 days and the previous week. These values are calculated using an algorithm that takes into account the alert priorities, weights and maximum limits, all of which are configurable by domain. See Installing the Security Insights application to learn more.
One of the foundations of cyber security is to understand normal behavior and trends, in order to make decisions when changes occur. These widgets help you do it, displaying general trends related to threats, alerts and anonymous traffic, comparing current values with values of the last day and week.
The next area in this tab is related to alerts. Alerts are very important to complement the insights, and we have configured a set of more than twenty alerts based on firewall and web logs. Admin users can edit these alerts and their priorities, as well as adding new alerts. Here is the complete list of alerts and their definitions.
The punch card widget shows the distribution of triggered security alerts over the last 24 hours, and the table lists the count of the most triggered ones. You can also see the distribution of alerts by priority over the last 24 hours in the pie chart, and the most recent trriggered alerts in the table next to it.
Alerts are distributed in two ways: by priority and by tier. Priority is defined in the AlertDescription lookup file, using values from 1 to 5, where 1 is the highest priority.
Alerts, threats and anonymous traffic evolution
The bottom section of this tab shows the evolution and trend of alerts, threats and anonymous traffic over the last 12 months, through their corresponding heat calendar and line chart.