User Manual Part 3

Forensics Tab
SpectraGuard® Enterprise User Guide
163
Event End Time: Displays the event end time. If the event is live, the Event End Time is Ongoing.
Refer to AP Based Threats section or Client Based Threats section for more details about Association, Prevention,
and Admin tabs depending on the threat type.
AP Based Threats
The AP Based Threats Details dialog gives information about the AP based threat, which helps you determine the
actions taken after the threat was detected.
To open the AP Based Threat Details dialog, select an AP Threat row on the Forensics screen, and click Details. The
AP Based Threat Details dialog has the following tabs namely: Association, Prevention, and Admin. By default, the
Association tab appears.
AP Based Threat Details dialog
AP Based Threat Association Tab
Association Tab shows the number of connection attempts that where made to the AP selected for the duration of
the selected Event. The fields in Association Tab are as follows:
AP: In case of AP based threats, AP is the Primary Device. Click AP, the AP Details dialog opens.
Client: Client is the device, which is associated to the Primary Device. Click Client, the Client Details
dialog opens.
Association Start Time: Specifies the start time when the Primary Device associates with the device.
Association End Time: Specifies the end time when the Primary Device ends association with the device.
Locate: Click Locate, the Location dialog opens. Select the AP/Client participating in the event from Locate
Device drop down list. Select Start Time of Association and End Time of Association from At drop down
list. Click Locate the location of the selected device at the selected time is displayed in the Thermometer