Maps

  • Geo Map page lays out hosts in a geographic map to give visual insights into the geographical locations of seen hosts
  • The Host Map, clusters the active hosts to quickly identify outliers
  • Analysis Maps, used to analyse the network and find possible misconfiguration/intruders

Geo Map

The Hosts Geo Map page provides world map where hosts are arranged according to their geographical position. Geolocation must be enabled.

Geo Map

The Hosts Geo Map Summary Page

Host Map

The page shows a bubble chart with visual data clustering, according to a selectable criteria. Anomalies can be easily spotted by looking at the groups which are distant from the others.

Hosts Map

The Hosts Map page

Analysis Maps

These maps are accessible from the Analysis entry and there are a total of 3 types of Analysis Maps:

  • Service Map
  • Periodicity Map
  • Asset Map

Service Map

Service Map

Service Map

The Service Map contains all the services inside a local network. Only local hosts are shown here. Both Periodicity Map (below) and Service Map have a table format, available by clicking the second icon, starting from the left. A detailed article describing the Service Map Page.

Service Map Table

Service Map Table

Note

Service Map is available only with Enterprise L license

Periodicity Map

Periodicity Map

Periodicity Map

The Periodicity Map contains the periodic flows of a network, with all the related information, including the frequency, the observation number and so on. A detailed article describing the Periodicity Map Page.

Note

Periodicity Map is available only with Enterprise L license

Asset Map

Asset Map

Asset Map

The Asset Map contains the asset available in a network and flows flowing towards them; the current Assets available are:
  • DNS Server
  • SMTP Server
  • NTP Server
  • POP Server
  • IMAP Server

A detailed article describing the Asset Map Page.

Note

Asset Map is available only with Enterprise L license