Maps¶

Geo Map page lays out hosts in a geographic map to give visual insights into the geographical locations of seen hosts
The Host Map, clusters the active hosts to quickly identify outliers
Analysis Maps, used to analyse the network and find possible misconfiguration/intruders

Geo Map¶

The Hosts Geo Map page provides world map where hosts are arranged according to their geographical position. Geolocation must be enabled.

The Hosts Geo Map Summary Page

Host Map¶

The page shows a bubble chart with visual data clustering, according to a selectable criteria. Anomalies can be easily spotted by looking at the groups which are distant from the others.

The Hosts Map page

Analysis Maps¶

These maps are accessible from the Analysis entry and there are a total of 3 types of Analysis Maps:

Service Map
Periodicity Map
Asset Map

Service Map¶

Service Map

The Service Map contains all the services inside a local network. Only local hosts are shown here. Both Periodicity Map (below) and Service Map have a table format, available by clicking the second icon, starting from the left. A detailed article describing the Service Map Page.

Service Map Table

Note

Service Map is available only with Enterprise L license

Periodicity Map¶

Periodicity Map

The Periodicity Map contains the periodic flows of a network, with all the related information, including the frequency, the observation number and so on. A detailed article describing the Periodicity Map Page.

Note

Periodicity Map is available only with Enterprise L license

Asset Map¶

Asset Map

The Asset Map is a map containing information about services active in a network (e.g. hosts acting as DNS servers).

The services currently supported are:

DNS Server

SMTP Server

NTP Server

POP Server

IMAP Server

A detailed article describing the Asset Map Page.

Note

Asset Map is available only with Enterprise L license