The Security Events display insecurity behaviors detected by the device and analyzes users and security events. If you can access the Sangfor Neural-X, you can also see the hot events. The interface is as follows:

Users: An infected user is marked in red, whereas a user likely to be infected is marked in orange.

Security Event: Display Botnet, Malicious URL, Inside Dos Attack, and Virus

Hot Events: Access the Sangfor cloud nerve to get the top 10 security events. If the event occurs, the cloud diagram will turn red, and the user can click to check the details.

Filter: You can filter the type of security event.

Block: You can block a user by entering the username or IP address.

Information List: You can check the exact user and security event here.

Users: Click on the username to enter the user tab. You can see the specific occurrence time, description, data packets, risk information, and details.

Endpoint correlation is also available at Sangfor Endpoint Secure products. After the Endpoint Secure correlation, risky users can be blocked by correlation with Endpoint Secure deepened analysis.

Security Events:

Click the event to link to Security Event Details, and check the data packet, threat information, and details.