The Security Events displays insecurity behaviors detected by the device and analysis users and security events. If you have access to the Sangfor Neural-X, you can also see the hot events. The interface is as follows:

Users: The infected user is in red, and the likely infected user is in orange.

Security Event: Display Botnet, Malicious URL, Inside Dos Attack, and Virus.

Hot Events: Access to the Sangfor cloud nerve to get top 10 security events. If the event occurs, the cloud diagram will turn red, and the user can click to check the details.

Filter: You can filter the type of security event.

Block: You can block a user by entering the username or IP address.

Information List: You can check the exact user and security event here.

Users: Click on the username to enter the user tab. You can see the specific occurrence time, description, data packets, risk information, and details.

Endpoint correlation is also available at Sangfor Endpoint Secure products. After the Endpoint Secure correlation, risky users can be blocked by correlation with Endpoint Secure deepened analysis.

Security Events:

Click the Journal to link to Security Event Details, and check the data packet, threat information, and details.