Manualshelf

Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption
51525354555657585960
Navigate the Dell Server
48
enterprise or for a specific endpoint. To view threat events of a specific endpoint, from the Enterprise
Threat Events tab, select the endpoint's device in the Device ID column.
To view threat events in the enterprise, follow these steps:
1. In the left pane, click Populations > Enterprise.
2. Click the Threat Events tab.
3. Select the desired severity level and time period to display events.
To view threat events on a specific endpoint, follow these steps:
1. In the left pane, click Populations > Endpoints.
2. Search or select a hostname, then the Threat Events tab.
Manage Enterprise Advanced Threats
Advanced Threats tab
If the Advanced Threat Prevention service is provisioned and licenses are available, the Advanced
Threats tab provides a dynamic display of detailed events information for the entire enterprise, including
a list of the devices on which events occurred and any actions taken on those devices for those events.
For information about provisioning the service, see Provision Advanced Threat Prevention Service
.
To access the Enterprise Advanced Threats tab, follow these steps:
1. In the left pane, click Populations > Enterprise.
2. Select the Advanced Threats tab.
Information about events, devices, and actions are organized on the following tabs:
Protection
- Lists potentially harmful files and scripts and details about them, including the devices on
which the files and scripts are found.
Agents - Provides information about devices running the Advanced Threat Prevention client as well as the
option to export the information or remove devices from the list.
Global List - Lists files in the Global Quarantine and Safe list and provides the option to move files to
these lists.
Options - Provides a way to integrate with Security Information Event Management (SIEM) software using
the Syslog feature as well as export Advanced Threat data.
Certificate - Allows certificate upload. After upload, certificates display on the Global List tab and can be
Safe listed.
Tables on the tabs can be organized in these ways:
Add or remove columns from the table - Click the arrow next to any column header, select Columns, then
select the columns you want to display. Clear the check box of columns to hide.
Sort the data - Click a column header.
Group by a column - Drag the column header up, until it turns green.
Filter based on data of one column - click the down-arrow on any column to display the context menu, and
select Filter.
Advanced Threat Events tab