Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual page 152

Configuring Intrusion Detection and Prevention Devices Guide
Table 61: NSM DI/IDP Predefined Reports (continued)
Report
All Attacks Prevented by Severity (last 24
hours)
All Attacks Over Time (last 7 days)
All Attacks Prevented Over Time (last 7
days)
All Attacks Over Time (last 30 days)
All Attacks Prevented Over Time (last 30
days)
Critical Attacks (last 24 hours)
Critical Attacks Prevented (last 24 hours)
Critical through Medium Attacks (last 24
hours)
Critical through Medium Attacks Prevented
(last 24 hours) (last 24 hours)
Top 50 Scan Sources (last 7 days)
Top 50 Scan Targets (last 7 days)
Profiler - New Hosts (last 7 days)
Profiler - New Ports (last 7 days)
Profiler - New Protocols (last 7 days)
Top IDP Rules
Table 62: NSM Profiler Predefined Reports
Report
Top 10 Peers by Count
136
Description
Number of attacks prevented by severity level (set in attack objects).
All attacks detected during the last 7 days.
All attacks prevented during the last 7 days.
All attacks detected during the last 30 days.
All attacks prevented during the last 30 days.
All attacks categorized as "critical" detected during the past 24 hours.
All attacks categorized as "critical" prevented during the past 24 hours.
All attacks categorized as either "critical" or " medium" detected during the past
24 hours.
All attacks categorized as either "critical" or "medium" prevented during the past
24 hours.
IP addresses that have most frequently performed a scan of a managed device.
IP addresses that have most frequently been the target of a scan over the last 7
days.
New hosts listed in the Profiler over the last 7 days.
New ports listed in the Profiler over the last 7 days.
New protocols listed in the Profiler over the last 7 days.
The total number of log entries generated by specific rules in your IDP policies.
You can use the Top Rules report to identify those rules that are generating the
most log events. This enables you to better optimize your rulebases by identifying
those rules that are most and least effective. You can then modify or remove those
rules from your security policies.
Table 62 on page 136 describes Profiler predefined reports. These reports are related to
activity by hosts in your network.
Description
Ten source and destination IP addresses that appeared most frequently in the
Profiler logs.
Copyright © 2010, Juniper Networks, Inc.