Specifications
Using the ASM Activity Monitor
The Activity Monitor opens when you launch Automated Security Manager (ASM). It contains a log of ASM
activities, and provides access to features that let you manage responses to network security threats.
Information on:
Set ASM's Operation Mode•
Confirm Responses•
Undo Selected Actions•
Delete Table Entries•
Clean Up Incidents•
Setting ASM's Operation Mode
ASM can be fully enabled, completely disabled, or set to only search for and record network threats:
Click Disabled to set ASM to an inactive state. In this condition, ASM ignores events from the
intrusion detection system and neither seeks out the sources of network threats nor responds to them.
•
Click Search Only to set ASM to recognize security threats, identify their source ports and record
event information in the Activity Monitor but, not to respond.
•
Click Search and Respond to enable all of ASM's features. In this state, ASM is fully active; threats
are recognized, sources identified, and responses (actions) applied.
•
Confirming Actions for Selected Log Entries
Actions that have been configured for Manual Confirmation Required, allow you to examine specific
events before taking an action:
Select one or more events from the Activity Monitor.1.
Click Confirm Response to apply the configured actions.2.
Undo Action
You can reverse the most recent actions on selected event/action entries in the Activity Monitor:
Select one or more events from the Activity Monitor.1.
Click Undo Selected Actions.2.
Delete Table Entries
You can remove selected event/action entries from the Activity Monitor:
Select one or more events from the Activity Monitor.1.
Click Delete Table Entry. The entries are removed without further confirmation.2.
Using the ASM Activity Monitor 76