Zoho Corp.
Attack Reports
The Attack Reports section includes reports that show details of attacks that have been identified by the firewall. These reports help in identifying the top attackers, the top targets for the attacks and other details like protocol used, the priority of the attack and the status of the attack.
On the top right side of the Report screen, there will be three combo boxes. They are:
• Top 5 • Filter by • Export as
Top 5
The Top 5 combo box lets you choose the level of detail in the reports. By default, the top five values are shown. To show more than 15 values, the report uses only tables. There is an option to display the Graph only.
• Top 5 (graph & table) • Top 10 (graph & table) • Top 15 (table only) • Top 20 (table only) • Top 25 (table only) • Graph only
Below each graph click the Hide Table link to hide the table. Click the Show Table link to see the table again.
Filter by
The Filter by combo box lets you choose the field of filter in the reports. There will be three field values for filtering. They are:
• Source • Destination • Protocol • Summary Export as
The Export as combo box lets you choose the format of the reports for export. There will be two formats for exporting. They are:
• PDF • CSV
Click on the PDF to export this report to PDF. Click on the CSV to export this report to CSV format (comma separated values).
84 Zoho Corp.
The Top Attackers report shows the top source IP addresses or host names from which attacks are originating, along with the protocol used for the attack and the number of hits. The Top Targets report shows the top destination IP addresses or host names that have been attacked, along with the protocol used for the attack and the number of hits.
Drill down from these graphs to see the following details:
Field Description
Attack The name or id (as defined by the firewall) of the attack that was sent or received Destination/
Host The destination host or IP address to which the attack was sent/ The host or IP address that sent the attack Severity The severity level of the attack, as defined by the firewall
Hits The number of times the attack was sent to or received by the same host Subtype The subtype of the attack, as defined by the firewall
Time The time stamp when the attack was sent or received Status The status of the attack that was sent or received Message The attack message generated by the firewall
The Top Protocols Used By Attacks report shows the top protocols used by each attack. The Top Attacks By Priority report shows the top attacks classified based on priority like Alert, Emergency etc.
Drill down from these graphs to see the following details:
Field Description
Host The host or IP address that sent the attack
Destination The destination host or IP address to which the attack was sent Severity/
Protocol The severity level of the attack, as defined by the firewall/ The protocol used to send the attack
Hits The number of times the attack was sent to or received by the same host Subtype The subtype of the attack, as defined by the firewall
Time The time stamp when the attack was sent or received Status The status of the attack that was sent or received Message The attack message generated by the firewall
The Top Attacks with Status report shows the status of the Top Attacks (ID or names) based on the number of hits. Drill down from this graph to see the following details:
Field Description
Attack The name or id (as defined by the firewall) of the attack that was sent or received Host The host or IP address that sent the attack file
Destination The destination host or IP address to which the attack file was sent Protocol The protocol used by the attack to send this attack file
85 Zoho Corp.
Field Description
Hits The number of times the attack file was sent to the same host Subtype The subtype of the attack, as defined by the firewall
Time The time stamp when the attack file was sent Status The status of the attack that was sent or received Message The attack message generated by the firewall
The Top Attacker by unique targets report shows peer to peer attack details. The report lists the hosts from which attacks are originating along with number of
unique/distinct destinations (hosts) targeted. Drill down from this graph to see the following details:
Field Description
Destination The destination host or IP address to which the attack file was sent Attack The name or id (as defined by the firewall) of the attack that was sent or received Protocol The protocol used by the attack to send this attack file
Status The status of the attack that was sent or received Count No. of times the attack file was sent to the destination. Message The attack message generated by the firewall
86 Zoho Corp.
Spam Reports
The Spam Reports section includes reports that show details on spams that have been detected by the firewall. These reports help in identifying the top spams that have affected the network, analyze the extent of damage, and also track the source of the spam attack.
On the top right side of the Report screen, there will be three combo boxes. They are: • Top 5
• Filter by • Export as
Top 5
The Top 5 combo box lets you choose the level of detail in the reports. By default, the top five values are shown. To show more than 15 values, the report uses only tables. There is an option to display the Graph only.
• Top 5 (graph & table) • Top 10 (graph & table) • Top 15 (table only) • Top 20 (table only) • Top 25 (table only) • Graph only
Below each graph click the Hide Table link to hide the table. Click the Show Table link to see the table again.
Filter by
The Filter by combo box lets you choose the field of filter in the reports. There will be three field values for filtering. They are:
• Source • Destination • Protocol • Summary Export as
The Export as combo box lets you choose the format of the reports for export. There will be two formats for exporting. They are:
• PDF • CSV
Click on the PDF to export this report to PDF. Click on the CSV to export this report to CSV format (comma separated values).