Security Activities
"Tenant"→"Monitor"→"Security Service"→"Security Activities"
In the Security Service of the Nova SASE platform, a threat is recorded when a user accesses an external network or an external network actively accesses the intranet, and the traffic passes through Nova SASE equipment and matches the intelligence detection library, vulnerability protection, anti-virus, anti-spyware, or security protection.
When a user accesses an external network or an external network actively accesses the internal network, a threat count is generated whenever any rule in the five major libraries is matched, including built-in and custom rules in the intelligence detection library, vulnerability protection, anti-virus, anti-spyware, and security protection, regardless of the rule severity or action. Matches on URL filtering, file filtering, content filtering, email filtering, session restrictions, and blacklists or whitelists do not generate threats or compromised host records.
Click the corresponding blue link name to view more detailed statistics for the application or threat, such as:
- Number of visits generated by each source IP
- Number of visits to each destination IP
- Number of visits generated by each site
- Number of visits generated by each security instance
- Number of visits generated by each VRF
- Number of visits generated by each policy
- View security statistics details here. Supports querying data for the last 12 hours at most.
Overview
Threat
URL Filter
Content Filter
Mail Filter
Traffic Filter
