Cybermap
The cybermap allows the visualization of the origin of the public IP addresses having communicated on the network.
The flows displayed are grouped by public IP address. The volume is therefore the sum total of the incoming and outgoing volume for each flow to this IP address.
Selector
The selector allows you to change the sorting of the IP addresses and the direction of the flows.
The different sorting of IP addresses are as follows:
By threats: The flows will be sorted by decreasing order of danger of the threats represented by the public IP addresses.
By flow volume: IP addresses will be sorted in descending order of the total volume (sum of incoming and outgoing volume) of flows grouped by public IP address.
By flow count: IP addresses will be sorted by flow count to the public IP address.
The flow direction allows you to filter on OUT flows only, IN flows only, or both.
The selection of non-open hours only allows you to retrieve only the flows that have transited during the non-working hours of the device.
Legend
On the map, the icons of the IP address threats are displayed.
If the IP address cannot be represented by an icon, then the flag of the country of origin is displayed.
The location of IP addresses is retrieved from ipdata.
It is possible that the location is only accurate to one country. In this case, the marker will be displayed in the center of the country in question.
If several IP addresses are on the same point on the map, then a flashing cluster with the country flag is displayed. If the cluster contains a qualified threat (e.g. Trojan horse), then the following icon appears:
The color of the flows to each IP address is determined by the directions of the flows:
If the IP address is toxic and at least one flow is OUT, then it will be displayed in red.
If the IP address is toxic and all flows are IN, then it will be displayed in orange.
If the IP address is not toxic, then it will be displayed in green.
Dernière mise à jour
Cet article vous a-t-il été utile ?