Stormshield SN series Configuration Manual page 235

Modify
Reset
Refresh
Export results
Reset columns
"FILTER ON" panel
You can add a criterion by dragging and dropping the value from the results field into the panel.
"Vulnerabilities" view
This tab describes the vulnerabilities detected on the host on which the selected user is
connected.
The "Vulnerabilities" view displays the following data:
ID
Name
Family
Severity
Exploit
Workaround
Level
Port
Service
Assigned
Details
"Application" view
This tab describes the applications detected on the host on which the selected user is
connected.
The "Application" view displays the following data:
Page 235/448
Click on this button to modify the filter being used and to edit criteria. For the
"connections" view, the criteria are the following:
By address range or by IP address
l
By source interface
l
By destination interface
l
By destination port
l
By protocol
l
By user (grayed out if a host has been selected in the "hosts" view).
l
For a value of exchanged data higher than the value specified with the cursor.
l
According to the last use of the connection (only saved connections with a last
l
used value lower than the specified value will be displayed).
By rule name
l
If the See all connections (closed or reinitialized connections, etc.) checkbox has
been selected, all connections will be displayed in the table, regardless of their
status.
This button cancels the action of the filter currently in use. If it is a saved customized
filter, this action will not delete the filter.
This button refreshes data shown on the screen.
This button makes it possible to download a file in CSV containing information from the
table. Once a filter is applied, all results matching this filter will be exported.
This button makes it possible to display only columns suggested by default when the
host monitoring window is opened.
Vulnerability ID
Indicates the name of the vulnerability.
Number of hosts affected.
Indicates the level of severity on the host(s) affected by the vulnerability. There are 4
levels of severity: "Low", "Moderate", "High", "Critical".
Access may be local or remote (via the network). It allows exploiting the vulnerability.
Indicates whether a workaround exists.
The alarm level associated with the discovery of this vulnerability.
The network port on which the host is vulnerable (e.g. 80 for a vulnerable web server).
Indicates the name of the vulnerable program (e.g.: lighthttpd_1.4.28)
Indicates the date on which the vulnerability was detected on the host
Additional information about the vulnerability.
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
MONITORING