The Security Summary report gives you an overview of the traffic and security events for all of your customers during the selected time period. When you search for a specific customer, overview information updates so that it is specific to the customer.
- Navigate to Centralized Reports > Security Summary.
Similar to the Overview report, the primary goal of this report is to allow you to establish a benchmark for what you'd expect to see from your customer base. This lets you identify problems, such as botnet traffic, which would indicate a potential infection.
There are several sortable columns, including:
- Malware Prevented—The number of DNS queries blocked because the domains are believed to be distributing malware.
- Botnet Contained—The number of DNS queries blocked because the domains are believed to be command and control servers used by infected machines to join a botnet. Botnet traffic may indicate that there are infected machines on the customer's network.
- Total Blocked—The total number of blocked queries, including blocks by category settings, destination lists, and other categories.
Sorting by column—the most critical sort—lets you identify customers that are receiving particular value from Umbrella based on the number of threats prevented, or those which might require special attention due to infected machines reaching out to botnet command and control.