Managing hosts in ETM Dashboard
Overview
The Hosts view in ETM Dashboard enables you to view Internet activity of host devices on your networks. You can view additional details of hosts that are protected by Bitdefender GravityZone, Malwarebytes, or Webroot Endpoint Protection.
To view additional host details you must configure a connection with the provider. See these articles for more details on specific integrations.
- Managing endpoints via Bitdefender GravityZone integration
- Managing Endpoints via Malwarebytes Integration
- Managing Endpoints via Webroot Integration
This information is queried & updated daily.
Viewing hosts
To view activities and other details of host devices, click Hosts. The Hosts table appears in the left pane and provides details about each host.
You can hide columns, sort, or filter any of the details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.
The available columns for each host include:
- Endpoint security association icon
- Hostname
- IP address
- Mac Address
- Mac Address vendor
- Appliance
- UID
- Operating System
- Quota and Quota usage
- License entitlement
- Date creation
- Date updated
Click on a specific host to view additional details.
Summary
By selecting a host, you can view a summary of the host in the Host Details panel at the bottom. The summary includes the same information as the details in the hosts table.
Endpoint Security details
The Endpoint Security tab shows details related to the endpoint security software including the engine version and when it was last seen on the network.
For more details and actions, you can click the link at the top of the screen to launch the web console for the corresponding endpoint management system.
Installed Software
You can see software installed on the endpoint using the Installed Software tab.
Sessions
At the bottom of the Host Details panel you can click Sessions to view all active sessions from that host.
The available details for each session include:
- Timestamp
- Protocol
- Hostname
- Client Port
- Server
- Server Port
- Server Country
- End Time
- License entitlement
- Bypass status
- Tags
You can hide columns and sort any of the details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.
Web Events
By clicking Web Events you can view all URLs currently visited by the selected host. The available details for each web event include:
- Timestamp
- Hostname
- Client Port
- Server
- Server Port
- Domain
- Host
- URI
- Method
- Category
- Blocked
- Flagged
- Reason
You can hide columns and sort any of the details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.
Applications
By clicking Applications you can view all the web applications currently accessing the Internet from the selected host.
The available details for each application connection include:
- Application - The detected application based on the connection characteristics.
- Server - The IP address of the remote server.
- Server Country - The inferred location of the remote server based on IP address.
- Category - The application category.
- Confidence - A confidence level related to the accuracy of the detection.
- Details - Identifiable metadata associated with the network traffic.
- Sent - The amount of transferred data during the connection.
- Received - The amount of received data during the connection.
- Total - The total volume of transferred data during the connection.
- Is Bypassed - Whether the connection was excluded from app management.
- Is Blocked - Whether the connection was blocked.
- Is Flagged - Whether the connection was flagged.
- Tags - Any tags that may be associated with the connection.
Comments
0 comments
Please sign in to leave a comment.