Table 118 – H3C Technologies H3C SecCenter UTM Manager User Manual

137

Table 118 Fields of the event snapshot lists

Field Description

Attack/Virus Destination
IP, Source IP,
Destination/Source Ports,

Protocol

Attack protection lists include statistics on total attack events, attack events

blocked, attack source IP addresses, attack destination IP addresses, and attack
event types.
Virus protection lists include statistics on total virus events, virus events blocked,
virus destination IP addresses, and virus event types.
DDoS attack lists include statistics on DDoS events DDoS attack and destination IP
addresses.

Event Count

Count of the events

Percentage

Percentage of the events

In the Details column of an event snapshot list, you can click the

icon of an attack/virus/DDoS

attack event to enter event details page. For more information, see “

Attack event details

”, “

Displaying

virus event details

”, or “

Displaying DDoS event details

.”

Each attack event name is a link. You can click the link to view the event’s detailed information, including

severity, description, and application. For more information, see

Figure 126

.

In addition to the Snapshot tab, there are Attack Protection tab (see

Figure 129

) Virus Protection tab (see

Figure 130

), and DDoS Attack tab, which provide realtime monitoring reports of attack events and virus

events of the devices. The system collects statistics on the attack/virus information during the last hour,

presenting a trend graph comparing the counts of blocked attack/virus events and the other attack/virus

events as well as trend graphs of attack events by severity level and by protocol. Under the trend graphs

are Top N lists showing the detailed event statistics, including Top N events, sources, targets, ports, and

protocols.