Reputation and IP Monitoring¶
The source and destination of the traffic (LAN IP/WAN IP) allow different actions to facilitate a more comprehensive analysis of the origin and destination of the traffic passing through our network. To do this, we must go to the data table and place the mouse over one of the values found there. To the right of it, a triangular icon pointing downwards will appear. By clicking it, the known menu will expand, which also contains the options we will see below.
Create Object¶
This option allows you to put a name and/or description that helps to identify an item more quickly and easily. For example, if we know the machine associated with a particular IP address, this option allows you to change its name to facilitate its recognition.
Renaming an IP, creating a network object
External sources¶
We also find the option to consult external sources to help us identify the location and reputation of the consulted IPs.
- Whois.sc
IP Reputation, Whois.sc
Basic Source Search¶
It is possible to get a complete summary of the information associated with the consulted IPs. By selecting this option, a popup window will appear with two tabs:
- Whois: shows the result of the Manager's query to whois, and from where it is obtained. It also shows, among other information, who owns that IP, reputation, etc.
- DNS: the Manager performs a reverse resolution that allows us to know the DNS associated with the consulted IP.
IP Reputation, Basic Source Search