Alto MONITOR User Manual, Page 17

Panorama Administrator’s Guide 161
Monitor Network Activity Use Case: Respond to an Incident Using Panorama
Review Data Filtering Logs
The data filtering log (Monitor > Logs > Data Filtering) is another valuable source for investigating malicious
network activity. While you can periodically review the logs for all the files that you are being alerted on, you can
also use the logs to trace file and data transfers to or from the victim IP address or user, and verify the direction
and flow of traffic: server to client or client to server. To recreate the events that preceded and followed an event,
filter the logs for the victim IP address as a destination, and review the logs for network activity.
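
The timeline reconstruction described above can also be done offline on exported log rows. The following is an added example, not code from the Panorama guide: the column names, sample rows, and function names are assumptions constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample rows. Column names are assumptions for this example,
# not the actual Panorama export schema.
SAMPLE_CSV = """receive_time,src,dst,user,direction,filename
2014/03/02 10:01:12,10.1.1.50,203.0.113.7,alice,client-to-server,q1-report.xlsx
2014/03/02 10:03:40,198.51.100.9,10.1.1.50,alice,server-to-client,invoice.pdf
2014/03/02 10:04:05,10.1.1.50,198.51.100.9,alice,client-to-server,customers.csv
2014/03/02 10:04:30,10.1.1.77,203.0.113.7,bob,client-to-server,notes.txt
2014/03/02 11:30:00,10.1.1.50,203.0.113.7,alice,client-to-server,photo.jpg
"""
TIME_FMT = "%Y/%m/%d %H:%M:%S"


def load_rows(text):
    """Parse exported log rows and sort them by receive time."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["receive_time"] = datetime.strptime(row["receive_time"], TIME_FMT)
    return sorted(rows, key=lambda r: r["receive_time"])


def victim_timeline(rows, victim_ip, pivot, window_minutes=10):
    """Return transfers to or from victim_ip within +/- window of the pivot."""
    window = timedelta(minutes=window_minutes)
    timeline = []
    for row in rows:
        if victim_ip not in (row["src"], row["dst"]):
            continue  # transfer does not involve the victim
        delta = row["receive_time"] - pivot
        if abs(delta) > window:
            continue  # outside the period under investigation
        if delta == timedelta(0):
            phase = "event"
        else:
            phase = "before" if delta < timedelta(0) else "after"
        as_dst = row["dst"] == victim_ip
        timeline.append({
            "time": row["receive_time"].strftime(TIME_FMT),
            "phase": phase,
            "victim_role": "destination" if as_dst else "source",
            "peer": row["src"] if as_dst else row["dst"],
            "direction": row["direction"],
            "filename": row["filename"],
        })
    return timeline
```
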
Because Panorama aggregates information from all managed firewalls, it presents a good overview of all activity
in your network. Some of the other visual tools that you can use to survey traffic on your network are the
Threat Map, Traffic Map, and the Threat Monitor. The threat map and traffic map (Monitor > AppScope > Threat Map or
Traffic Map) allow you to visualize the geographic regions for incoming and outgoing traffic. They are particularly
useful for viewing unusual activity that could indicate a possible attack from outside, such as a DDoS attack. If,
for example, you do not have many business transactions with Eastern Europe, and the map reveals an
abnormal level of traffic to that region, click into the corresponding area of the map to launch and view the
ACC information on the top applications, traffic details on the session count, bytes sent and received, top
sources and destinations, users or IP addresses, and the severity of the threats detected, if any. The threat
monitor (Monitor > AppScope > Threat Monitor) displays the top ten threats on your network, or the list of top
attackers or top victims on the network.
Update Security Policies
With all the information you have now uncovered, you can piece together how the threat impacts your
network—the scale of the attack, the source, the compromised hosts, the risk factor—and evaluate what
changes, if any, to follow through with. Here are some suggestions to consider:
Copyright © 2007-2014 Palo Alto Networks