Suggests about alerts and reports
Hi!
I try using NFA to catch viruses (trojan programs) sending packets on different destinations by port 25 (smtp).
I noticed that to view alert' report in details is very uncomfortable, because I can only see report and nothing more. I haven't possibilty to group information by categories (by source ip, by destination ip, by size). Only thing I can do is to sort by bytes or no of packet.
Also, I wonder why there is not criteria by size of packets in Alert Profile Management. It would be good criteria to set min and max size of packets (in my case viruse sends messages equal 144 bytes).
Thanks for attention.
New to ADSelfService Plus?