Dashboard

Prev Next

Available in Classic

In Dashboard, you can check the results of detections and actions taken by the security services of Basic Security during the search period. In addition, you receive weekly and monthly reports via email that summarize detection and action results so you can monitor effectively.

Caution
  • Anti-Virus, WAF, Anti-DDoS, and IPS are paid security services exclusive to Security Monitoring Managed. For more information about Security Monitoring Managed, see the Security Monitoring user guide.
  • You can only see the dashboard for the security services you've subscribed to.

Dashboard interface

The Dashboard interface includes the following components:

basicsecurity-dashboard-classic_01_ko

Component Description
① Menu name Current menu name.
② Basic features Inquire about using Basic Security, check its details, and refresh the Dashboard page.
③ Security services Tab menu for each security service.
④ Dashboard Area to view detection and action results by security service.

View Dashboard

You can check the results of detections and actions taken by security services during the search period in tables and graphs. To view the information:

  1. From the NAVER Cloud Platform console's Classic environment, navigate to i_menu > Services > Security > Security Monitoring.
  2. Click the Dashboard menu.
  3. Click the tab menu of the security service for which you want to view the detection and action results.

IDS

When you click the IDS tab menu, you can view the detected attacks within the search period. To view the detection results of IDS:

  1. When the IDS interface appears, click and select the period you want to search from Select period.
    • When entering manually, the maximum search period is 31 days.
  2. To add search conditions, set the necessary items from Zone, Attack type, Attacker IP, and Target IP.
  3. Click [Search].
  4. Check the search results.
    • Registered time: Time the detected security event was registered on the console.
      • You can check the actual detection time of the security event in View details.
    • Zone: The zone where the security event was detected.
    • Attack type: The attack type of the detected security event.
    • Report type: Information according to the analysis result of the detected security event.
      • Analysis report: The report finds that your service is affected and you need to check the issue.
      • Vulnerability action recommended: A vulnerability has been detected on your service, and actions need to be taken.
      • Intrusion analysis: Determined as an intrusion, and emergency actions need to be taken.
    • Attacker IP: Detected attacker IP address.
    • Target IP: IP address targeted for the attack.
    • View: For more information about detection information and load balancer information (when the target of the attack is LB IP) of the security event, click View details.
  5. Click View graph view the statistics for the search results as a graph.
    basicsecurity-dashboard-classic_02_ko
  6. Check the graph.
    • Number of detected attacks by attack type: Hover over to see the number of attacks by attack type.
    • Rate of detected attacks by attack type: Hover over to see the attack rate by attack type. Click an attack type to select only the items to display in the graph.
    • Number of detected attacks by attacker IP: Hover over to see the number of detected attacks by attacker IP.
    • Rate of detected attacks by attacking country: Hover over to see the attack rate by attacking country. Click an attacking country to select only the items to display in the graph.
Note
  • To close the graph you checked from Step 6, click Hide graph.
  • In Step 6, the attacking country is determined through the attacker IP, and the country name is indicated by the country code. For country codes, see ISO 3166-1 alpha-2.

Anti-Virus

When you click the Anti-virus tab menu, you can view the information of detected malware within the search period. In addition, you can check the method that was used to handle the detected malware. To view the detection and action results of Anti-Virus:

  1. When the Anti-Virus interface appears, click and select the period you want to search from Select period.
    • When entering manually, the maximum search period is 31 days.
  2. To add search conditions, set the necessary items from Zone, Detection name/Detection path, and Detected IP.
  3. Click [Search].
  4. Check the search results.
    • Detection time: The time when the security event was detected.
    • Zone: The zone where the security event was detected.
    • Detected name: Name of the detected malware.
    • Detected IP: The IP address where the malware was detected.
    • Detected path: The location where the malware was detected.
    • Action status: Refers to the method used to handle the detected malware and is categorized as Quarantine, Pass, Delete, and so on.
  5. Click View graph view the statistics for the search results as a graph.
  6. Check the graph.
    • Number of detections by detected name: Hover over it to see the number of detections by detected name.
    • Number of detections by detected IP: Hover over it to see the number of detections by detected IP.
Note

To close the graph you checked from Step 6, click Hide graph.