This article discusses how to use the Endpoint Protection (EPP) Dashboard to get a quick overview of threats detected by EPP in your network.
The EPP Dashboard lets you view the malicious and suspicious threat activity in your network detected by the EPP engines. The page contains a number of widgets that provide visibility for threat activity and the impacted users. The page also lets you add items to the threats filter to drill-down and focus on the relevant threat data and events in your account. For more information about Cato's EPP solution, see Getting Started with Cato's Endpoint Protection (EPP).
The Threats Dashboard page shows the total threat activity over the time range.
Name |
Description |
---|---|
Total Endpoints |
The number of endpoints protected by Cato's EPP solution. |
Assigned Licenses |
The percentage of of EPP licenses that have been used. |
Total Threats Found |
The number of threats found on all endpoints. |
Total Files Quarantined |
The number of files quarantined on all endpoints. |
Time Range |
The time range applied to the page. |
Top Threats |
The most common threats detected on your endpoints. |
Threats per Day |
The number of threats detected per day. |
Threats by Detection Engine |
The number of threats detected by each EPP detection engine. |
Top Threatened Users |
The users with the highest number of threats detected on their endpoint. |
Top Malicious Files |
The most common malicious files detected on your endpoints. |
Top Malicious Hashes |
The most common file hashes detected on your endpoints. |
Version Distribution per Endpoint |
The number of each EPP agent version installed on your endpoints. |
You can choose to filter the data in the EPP Dashboard by automatically updating the filter with the selected item, or manually configuring the filter.
As you hover over an item or field where a filter option is available, the menu icon ( ) appears. Click the icon and select Add to Filter or Exclude from Filter.
The EPP Dashboard now displays data based on your selection. For example, in the Threats by Detection Engine widget, if you add Anti-Malware to the filter, the dashboard only displays analytics and data from threats detected by the Anti-Malware engine.
To continue to add or exclude items to the filter, click the menu icon () again to update the filter and drill-down further.
You can manually configure the filter for greater granularity to analyze threats on your endpoints. After you configure the filter, it is added to the filter bar and the dashboard is automatically updated to show the analytics and data to match the new filter.
To further analyze threats identified by EPP, you can view the events for items within a widget. For example, you can view the events of a threatened user.
0 comments
Please sign in to leave a comment.