Here's a quick guide to help you set up your very own LANGuardian Security Dashboard. This groups all of the important security reports in one place making it easy for you to protect your network.
The following is just a loose guide of course, you may want to add your own custom
reports, focus only on the internal/external traffic or indeed just the
The maximum number of dashboards you can have on LANGuardian at any one time is 5. If you only have 4, great, if you already have 5 in place then you may need to double up with another dashboard.
To create your new Dashboard ::
Log on to you LANGuardian system and click on the Pencil at the right of the dashboard bar and select Edit.
Enter the name of your new Dashboard or Edit an existing one
(if you already have the 5) and click Save.
All of the reports mentioned below come standard with LANGuardian bar the Ransomware ones which you can find some help with here in a previous Tips Email.
To add these reports to your newly created dashboard simply click on the pencil again to edit it and in the white space start typing the names of the reports you want added.
Add in all the reports, you can spread them out over multiple columns, and click save.
Suggested Security Reports :
- Top Network Events :: Shows the most active IDS events logged over previous hour. These events may need some housekeeping on your side to filter out false positives.
- Inbound TCP Connections :: Shows traffic patterns where the source IP address is outside of your LAN subnets. This report is great for finding suspicious inbound connections into your network.
- Outbound TCP Connections :: Shows activity where a system on your network is connecting to outside of your LAN subnets.
- Network Scanners :: Shows any IP addresses that are creating lots of connections to other hosts.
- Network Scanners by Port :: This expands on Network Scanners by reporting on the port number associated with the scanning.
- Top Proxy Clients :: Shows a list of the most active clients downloading\uploading via proxy servers. While it may not be a typical security type report it is still useful for watching out for clients who may be uploading large volumes of data from your network.
- Rate of File Renames Trend :: This graph shows activity associated with file renames on network shares. It is useful for watching out for Ransomware type activity. An alert can also be configured if it goes above a certain value.
- No. of Renames for the last 24 hrs :: This Custom report show the machines that are performing the most ‘events/renames’ over a certain time period. Great to quickly pinpoint an infected machine.
This new Security Dashboard should give you an excellent base on which to fully customize your LANGuardian system.
This post was put together using screenshots from our
upcoming new release (v14). If you would like to be upgraded to this version,
have any questions or issues regarding this Tips Email or indeed any aspect of
your LANGuardian system then please contact us here at firstname.lastname@example.org.
Be the first to post a reply!