Previous Topic

Next Topic

Book Contents

Book Index

Security Templates

Security templates capture failed login activity and user/IP lockout activity on MOVEit DMZ and Ipswitch Analytics to help you locate suspicious activity (defined as an excessive number of failed access attempts).

Note: Only Administrator and System Administrators can access Security templates.

Template Name

Description

Summary or Detailed

Fields

Excessive Failed Login Summary by IP

Shows the number of login failures for each IP.

Summary

Server
IP
Login Failure Count

Excessive Failed Login Summary by User

Shows the number of login failures for each user.

Summary

Server
Username
Login Failure Count

Failed Login Details

Shows detailed information about users' failed login attempts, including a status message that provides additional information.

Detailed

Server
Username
Timestamp
IP
Status Message

Lockout Details

Shows user lockouts and reactivations, and IP lockouts and unlocks.

Detailed

Server
Username
IP
Target
Lockout Action
Timestamp

DLP Violations Allowed and Blocked

Includes Data Loss Prevention (DLP) violations and files and packages that were scanned and subsequently allowed into the MOVEit system..

Note: Before you can run the DLP Violations Blocked and Allowed report, you must be scanning for incoming files on MOVEit DMZ or Central, and have a DLP scanner configured properly. See The MOVEit DMZ Administrator's Guide for more information.

Detailed

Organization
Username
Target
Status Message
Timestamp
IP

DLP Violations Blocked

Includes both anti-virus (AV) detections and Data Loss Prevention (DLP) violations.

Note: Before you can run the DLP Violations Blocked report, you must be scanning for incoming files on MOVEit DMZ or Central, and have a DLP scanner configured properly. See The MOVEit DMZ Administrator's Guide for more information.

Detailed

Organization
Username
Target
Status Message
Timestamp
IP