We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see https://campus.barracuda.com/doc/71862301/ for further information on our EoS policy.

Threat Scan Page

  • Last updated on

The Threat Scan page lists all threats that are detected by the Intrusion Prevention System (IPS), the Virus Scanner service, and Advanced Threat Detection (ATD). For information on these features, see: Application Control 2.0. To access the Threat Scan page, open the FIREWALL tab and select the Threat Scan icon.

threat_scan.png

Information Display

The information on the Threat Scan page is listed according to the security features (e.g., IPS, ATD, Virus Scanner service etc...) that are enabled on the Barracuda NG Firewall. The columns display the following details:

  • AID – Displays the application ID.
  • Action – The action performed by the IPS engine.
  • Scan Type – The scan type.
  • Org – The origin of the session.
  • Scan Result – The scan result.
  • IPS Severity – The event severity.
  • IPS Category – The event category.
  • Ref/CVE – Displays the reference.
  • Info – Additional information (for example: IPS Warning).
  • Rule – The affected firewall rule.
  • Affected Operating System – The affected system.
  • Count – Displays the count.
  • Last – The last access time (h/m/s).
  • IP Proto – The IP protocol.
  • Port – The affected port.
  • Service – The affected service.
  • Source – Displays the affected source IP address.
  • Destination – Displays the affected destination IP address.
  • User – The affected user.
  • Interface – The affected interface.
  • MAC – The MAC address of the affected system.
  • Src / Dst NAT – Displays the source / destination NAT address.
  • Output-IF – The output Interface.
  • OutRoute – Displays the routing details.
  • Next Hop – Displays the next hop address.
  • IPS Rule Id – The ID of the IPS rule.
  • URL Category – Displays the URL category.

Status Icons

The status of firewall connections is indicated by the following icons:

New Icon

Old Icon

Description
allow.pngallow_old.pngAllow
block.pngblock_old.pngBlock
fail.pngfail_old.pngFail (audit Log) Warning/Scan (History Threat Scan)
drop.pngdrop_old.pngDrop
select.pngselect_old.pngBox Selected (audit Log)
ips_sev.pngips_sev_old.pngIPS Severity
app1.pngapp1_old.pngThreat Type = App Ctrl
appctrl.pngappctrl_old.pngThreat Type = Virus Scan
ips.pngips_old.pngThreat Type = IPS

Available Filter Options

To create a filter, click the arrow icon next to the Traffic Selection section to expand the dropdown list and select the required checkboxes: 

  • Forward – Displays the traffic on the Forwarding Firewall.
  • Loopback – Traffic over the loopback interface.
  • Local In – Displays the incoming traffic on the box firewall.
  • Local Out – Displays the outgoing traffic from the box firewall.
  • IPv6 – IPv6 traffic.

To define filters for specific properties, click the + icon.

Last updated on