Cisco Cisco FirePOWER Appliance 7120
4-14
FireSIGHT System User Guide
Chapter 4 Using the Context Explorer
Understanding the Context Explorer
Understanding the Security Intelligence Section
License:
Protection
Supported Devices:
Series 3, Virtual, X-Series, ASA FirePOWER
Supported Defense Centers:
Any except DC500
The Security Intelligence section of the Context Explorer contains three interactive bar graphs that
display an overall picture of traffic on your monitored network that is blacklisted or monitored by
Security Intelligence. The graphs sort such traffic by category, source IP address, and destination IP
address, respectively; both the amount of traffic (in kilobytes per second) and the number of applicable
connections appear.
display an overall picture of traffic on your monitored network that is blacklisted or monitored by
Security Intelligence. The graphs sort such traffic by category, source IP address, and destination IP
address, respectively; both the amount of traffic (in kilobytes per second) and the number of applicable
connections appear.
For more information on the graphs in the Security Intelligence section, see the following topics:
•
•
•
Viewing the Security Intelligence Traffic by Category Graph
License:
Protection
Supported Devices:
Series 3, Virtual, X-Series, ASA FirePOWER
Supported Defense Centers:
Any except DC500
The Security Intelligence Traffic by Category graph, in bar form, displays counts of network traffic (in
kilobytes per second) and unique connections for the top Security Intelligence categories of traffic on
your monitored network. For each category listed, blue bars represent traffic data and red bars represent
connection data.
kilobytes per second) and unique connections for the top Security Intelligence categories of traffic on
your monitored network. For each category listed, blue bars represent traffic data and red bars represent
connection data.
Hover your pointer over any part of the graph to view more detailed information. Click any part of the
graph to drill down on that information.
graph to drill down on that information.
Note
If you filter on intrusion event information, the Security Intelligence Traffic by Category graph is hidden.