The Overview main menu tab provides access to the product Dashboards and to the Topology page.
Dashboards Tab
The Dashboards available on this tab vary based on your product subscriptions.
- For Cloud Defender customers, this tab houses all individual solution dashboards, including:
- Remediations & Continuous Scans
- Network IDS
- Log Management
- Web App IDS
- Scans
- Cloud Insight customers will see two dashboards--Incidents and Remediations & Continuous Scans. The Topology tab is also available.
- Threat Manager customers will see two dashboards--Network IDS and Scans.
- Web Security Manager Premier customers will see an additional WAF dashboard.
Scans
A scan detects and identifies network and host vulnerabilities in your environment. Scans can perform external attack simulations as well as comprehensive vulnerability checks including registry evaluation. Scans can also help you meet compliance requirements, such as PCI compliance.
The following table describes the types of scans that are supported:
|
Scan Type |
Description |
|
Internal |
An internal scan runs from the Alert Logic appliance in your environment. When you define a scan, you can specify credentials to use with the internal scan. If you specify credentials, Alert Logic Threat Manager™ can log on to each host on your network and collect information about the host while it performs comprehensive vulnerability checks, including registry setting evaluation. If you do not specify credentials, Threat Manager scans your network without logging on to each host and performs as many checks as possible. You can enable and disable internal scanning from the Appliances interface in the Alert Logic user interface (UI). For more information about this feature, see "Enable scans". |
|
External |
An external scan runs from the Alert Logic data centers against your environment. This type of scan simulates attacks from outside your network and identifies potential issues from these attack types. This type of scan also helps you meet compliance requirements. |
|
PCI |
A PCI scan is a special type of external scan that is used specifically for Payment Card Industry (PCI) compliance requirements. This is also performed externally from the Alert Logic data centers and performs a scanning specifically tailored for achieving PCI compliance. |
From the Scans tab, you can create new scans, edit existing scan definitions, and view scan results. You can also define and schedule scans to run on a regular basis during periods of low network activity to help you proactively identify vulnerabilities across your organization.
After you have created a scan, you can modify its definitions. For example, you can change what IP addresses are scanned, when the scan is scheduled to run, or the credentials used to log in to host machines.
PCI Scans
Through the Alert Logic console, you can schedule external PCI scans that are required for PCI compliance. You can quickly and easily view the results of those scans in the Alert Logic console, and then work with Alert Logic, as needed, to resolve vulnerabilities and prove compliance to auditors.
Alert Logic External PCI scanning is different from internal and external vulnerability scanning in that it includes a web application heuristic scan in addition to the standard FusionVM scan engine.
For more information, refer to our Scans help documentation and Running External PCI Scans knowledge base article.
Topology Tab
The Topology page displays an interactive diagram that uses color-coded icons to show the distribution of exposures and threats across your network assets. Topology allows you to select regions or assets in order to see details about the item, exposures, and remediations for those exposures.
Comments
0 comments
Please sign in to leave a comment.