User Manual Part 3
Forensics Tab
SpectraGuard® Enterprise User Guide
160
You can view the threats based on the Time Filter, do one of the following:
Select Time Period and select Last 4 Hours, Last 12 Hours, Last 24 Hours, or Last 48 Hours from the drop-
down list.
Select From click the icon to specify a start date and time. Under To, click the icon to specify an end
date and time and then click Apply.
Threat list is organized such that it is easy to determine whether it is AP based threat or Client based threat, based on
the primary device involved in the threat.
AP Based Threats: These are threats wherein the main participating/effected device is an AP. AP based
threats are sub-categorized as follows:
Rogue AP
Mis-configured AP
Honeypot AP
Banned AP
DoS
Client Based: These are threats wherein main participating/effected device is a Client. Client based threats
are sub-categorized as follows:
Unauthorized Association
Mis-association
Bridging Client
Banned Client
Ad hoc Networks
You can also view the summary information about threats in the form of pie charts under the AP related instances
and Client related instances.
Viewing Threats List
Forensics analysis of threats involve systematic drill down into the threat details. Viewing the threat list is the first of
those actions. Use the following steps to view threat list:
1. In the Location tree, select a location.
2. In the right pane, the threat list displays. The threat list has the following columns: