Appendix D
System Rules and Reports
Activity: Network Usage - Top Destination Ports
Activity: New Malware Discovered - All Events.
•
This report lists all the new virus/worm/malware outbreaks discovered by Cisco Incident Control
Server.
Activity: New Malware Discovered - All Events.
•
This report lists all the new virus/worm/malware outbreaks discovered by Cisco Incident Control
Server.
Activity: New Malware Prevention Deployment Failure - All Events.
•
This report lists all devices to which ACL and signature deployment attempts by a Cisco Incident
Control Server, in response to a new virus/worm/malware outbreak, failed.
Activity: New Malware Prevention Deployment Failure - All Events.
•
This report lists all devices to which ACL and signature deployment attempts by a Cisco Incident
Control Server, in response to a new virus/worm/malware outbreak, failed.
Activity: New Malware Prevention Deployment Success - All Events.
•
This report lists all destinations (Cisco IOS IPS devices and IPS appliances) to which Cisco Incident
Control Server has deployed new ACLs and signatures in respond to a new virus/worm/malware
outbreak.
Activity: New Malware Prevention Deployment Success - All Events.
•
This report lists all destinations (Cisco IOS IPS devices and IPS appliances) to which Cisco Incident
Control Server has deployed new ACLs and signatures in respond to a new virus/worm/malware
outbreak.
Activity: New Malware Traffic Match - All Events.
•
This report details the traffic sources and the enforcing devices that match the ACLs and signatures
deployed by the Cisco Incident Control Server in response to a newly discovered malware outbreak.
Activity: New Malware Traffic Match - All Events.
•
This report details the traffic sources and the enforcing devices that match the ACLs and signatures
deployed by the Cisco Incident Control Server in response to a newly discovered malware outbreak.
•
Activity: New Malware Traffic Match - Top Sources.
This report lists the top sources that match the ACLs or signatures dynamically deployed by Cisco
Incident Control Server in response to a new virus/worm/malware outbreak. This indicates that
these sources are likely infected.
Activity: New Malware Traffic Match - Top Sources.
•
This report lists the top sources that match the ACLs or signatures dynamically deployed by Cisco
Incident Control Server in response to a new virus/worm/malware outbreak. This indicates that
these sources are likely infected.
Activity: P2P Filesharing/Chat - All Events.
•
This event details all P2P File sharing or Chat event details.
•
Activity: P2P Filesharing/Chat - All Events.
This event details all P2P File sharing or Chat event details.
Activity: P2P Filesharing/Chat - Top Event Types.
•
78-17020-01
User Guide for Cisco Security MARS Local Controller
List of System Reports
D-23