User Guide

OmniVista SafeGuard Manager Administration Guide
Chapter 4: Visualization
2 Search the data displayed locally in the table view by clicking the Find icon in the
Action Bar. A free-form text search field is displayed. Enter a keyword in the text
field to define your search. To search the database, click the Database Search
button in the Find field. For more information on using the search and sort
features, see Chapter 3, General Navigation.
3 Use the navigation tree to the left to view malware incidents by the type of
infection (quarantined, action taken, malware category, detection algorithm), role,
or location. For more information on using the left column fields, see Chapter 3,
General Navigation.
4 Select a row and click Clear to clear the infection event and enable the device. For
example, if the option was set to block the host and the host is infected, the device
sends an alert. OmniVista SafeGuard Manager takes the appropriate action to
either just log or block it. When you select Clear, you remove the malware event
and tell OmniVista SafeGuard Manager to let the host pass through.
5 Select a row and click Whitelist to whitelist the user. Any traffic from a
whitelisted user is not considered for malware detection. A confirmation dialog
box asks you to select Yes to proceed or No to cancel.
6 Click User Details to get a detailed view of the user activity.
7 Highlight an incident to get a detailed view of the selected malware instance. The
Infection Details view at the bottom of the screen shows the detailed view of the

Table 12 Malware Attributes (continued)

| Attribute | Description |
|---|---|
| Protocol | Protocol being used: TCP or UDP. |
| History | History of the last 8 malware incidents. When you place your cursor on the history column, a tooltip displays up to 8 IP addresses related to the specific incident. This is very helpful for diagnostic purposes, to see what algorithm was used to determine that this is actually an incident and what other IP addresses are impacted. |
| Cleared Time | Time the malware is cleared. The cleared time is shown in History view only. |
| Authentication Status | Authentication status for the user, authenticated or unauthenticated. |
| Authentication Role | Authentication role for the user. |
| User Status | User Status: Active or inactive. |

NOTE: A malware event can be cleared either at the device level or
through OmniVista SafeGuard Manager. After the device detects that
the malware does not exist, it can send a clear event or the user can clear
the event from OmniVista SafeGuard Manager.