Managing hosts in ETM Dashboard

Overview

The Hosts view in ETM Dashboard enables you to view Internet activity of host devices on your networks. You can view additional details of hosts that are protected by Bitdefender GravityZone, Malwarebytes, or Webroot Endpoint Protection.

To view additional host details you must configure a connection with the provider. See these articles for more details on specific integrations.

This information is queried & updated daily.

Viewing hosts

To view activities and other details of host devices, click Hosts. The Hosts table appears in the left pane and provides details about each host. 

hosts.png

You can hide columns, sort, or filter any of the details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.

hosts_2.png

The available columns for each host include:

  • Endpoint security association icon
  • Hostname
  • IP address
  • Mac Address
  • Mac Address vendor
  • Appliance
  • UID
  • Operating System
  • Quota and Quota usage
  • License entitlement
  • Date creation
  • Date updated

Click on a specific host to view additional details.

Summary

By selecting a host, you can view a summary of the host in the Host Details panel at the bottom. The summary includes the same information as the details in the hosts table.

host3.png


Endpoint Security details

The Endpoint Security tab shows details related to the endpoint security software including the engine version and when it was last seen on the network. 

For more details and actions, you can click the link at the top of the screen to launch the web console for the corresponding endpoint management system. 

hosts_4.png

Installed Software

You can see software installed on the endpoint using the Installed Software tab.

hosts_5.png

Sessions

At the bottom of the Host Details panel you can click Sessions to view all active sessions from that host. 

hosts_6.png

The available details for each session include:

  • Timestamp
  • Protocol
  • Hostname
  • Client Port
  • Server
  • Server Port
  • Server Country
  • End Time
  • License entitlement
  • Bypass status
  • Tags

You can hide columns and sort any of the details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.

Web Events

By clicking Web Events you can view all URLs currently visited by the selected host. The available details for each web event include:

  • Timestamp
  • Hostname
  • Client Port
  • Server
  • Server Port
  • Domain
  • Host
  • URI
  • Method
  • Category
  • Blocked
  • Flagged
  • Reason

You can hide columns and sort any of the details by clicking the three stacked horizontal lines at the right-hand side of each column header and choosing an action.

Applications

By clicking Applications you can view all the web applications currently accessing the Internet from the selected host. 

hosts_8.png

The available details for each application connection include:

  • Application - The detected application based on the connection characteristics.
  • Server - The IP address of the remote server.
  • Server Country - The inferred location of the remote server based on IP address.
  • Category - The application category.
  • Confidence - A confidence level related to the accuracy of the detection.
  • Details - Identifiable metadata associated with the network traffic.
  • Sent - The amount of transferred data during the connection.
  • Received - The amount of received data during the connection.
  • Total - The total volume of transferred data during the connection.
  • Is Bypassed - Whether the connection was excluded from app management.
  • Is Blocked - Whether the connection was blocked.
  • Is Flagged - Whether the connection was flagged.
  • Tags - Any tags that may be associated with the connection.
Follow
Was this article helpful?
2 out of 3 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk