It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Network Security

Support Services

Barracuda Impersonation Protection
formerly Sentinel

Overview Documentation Training Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Suspicious Sign Ins

Last updated on 2021-12-03 14:09:02

For important information about suspicious sign-in data and your environment, refer to Getting Started.

Before You Begin

Before Impersonation Protection can collect sign-in data, you must turn on the Microsoft audit log search. To turn on Microsoft audit log search, read and follow Microsoft's instructions.

Viewing Suspicious Sign Ins

To view suspicious sign ins:

Log into Impersonation Protection at https://sentinel.barracudanetworks.com/signin.
Click the menu button in the top left corner and select Account Takeover Protection. Then select the Sign Ins tab.
You can search for an email or account or view sign ins in a list by country or in a map. To view a suspicious sign in, click View or click a spot on the map.
The following information about suspicious activity displays for the account:
- Date – Date and time of sign-in
- Account – Account in your organization that was affected
- IP of sign in – IP origin of the sign in
- User Agent – Method used to access the account
- Location – Country origin of the sign in
- Status – Whether the hacker's login attempt was a success or a failure.

Click View Related Sign Ins to see related sign ins for that account.

Note that sign-in information is kept for 30 days. Related sign ins over 30 days are not visible.

Previous Article Next Article