Managing hosts in Command Center

Overview

The Hosts view in Command Center enables you to view real time Internet activity of host devices on your networks. You can view additional details of hosts that are protected by Webroot Endpoint Protection or Malwarebytes.

To view additional host details you must configure a connection with the Webroot or Malwarebytes Cloud Management system. See Managing Endpoints Via Malwarebytes Integration and Managing Endpoints via Webroot Integration for more details.

Viewing hosts

To view activities and other details of host devices, click Hosts. The Hosts table appears in the left pane and provides details about each host. 

endpoint-hosts.png

You can hide columns, sort, or filter any of the details by clicking the arrow to the right of each column and choosing an action.

Screen_Shot_2018-11-29_at_10.45.34_AM.png

The available columns for each host include:

  • Appliance
  • Hostname
  • UID
  • Username
  • IP address
  • Mac Address
  • Mac Address vendor
  • Operating System
  • Quota and Quota usage
  • License entitlement
  • Date creation
  • Date updated

Click on a specific host to view additional details.

Summary

By selecting a host, you can view a summary of the host in the Host Details panel at the bottom. The summary includes the same information as the details in the hosts table.

endpoint-summary.png

Endpoint Security details

The Endpoint Security tab shows details related to the endpoint security software including the engine version and when it was last seen on the network. 

For more details and actions, you can click the link at the top of the screen to launch the web console for the corresponding endpoint management system. 

endpoint-details.png

Installed Software

You can see all software installed on the endpoint using the Installed Software tab.

endpoint-installed-software.png

Sessions

At the bottom of the Host Details panel you can click Sessions to view all active sessions from that host. 

Screen_Shot_2019-01-17_at_2.35.10_PM.png

The available details for each session include:

  • Timestamp
  • Protocol
  • Hostname
  • Client Port
  • Server
  • Server Port
  • Server Country
  • End Time
  • License entitlement
  • Bypass
  • Tags

You can hide columns and sort any of the details by clicking the arrow to the right of each column and choosing an action.

Web Events

By clicking Web Events you can view all URLs currently visited by the selected host.

Screen_Shot_2019-01-17_at_2.31.38_PM.png

The available details for each web event include:

  • Timestamp
  • Hostname
  • Client Port
  • Server
  • Server Port
  • Domain
  • Host
  • URI
  • Method
  • Category
  • Blocked
  • Flagged
  • Reason

You can hide columns and sort any of the details by clicking the arrow to the right of each column and choosing an action.

Applications

By clicking Applications you can view all the web applications currently accessing the Internet from the selected host. 

Screen_Shot_2019-01-17_at_2.11.50_PM.png

The available details for each application connection include:

  • Server - The IP address of the remote server.
  • Server Country - The inferred location of the remote server base on IP address.
  • Application - The detected application based on the connection characteristics.
  • Category - The application category.
  • Confidence - A confidence level related to the accuracy of the detection.
  • Details - Identifiable metadata associated with the network traffic.
  • Sent - The amount of transferred data during the connection.
  • Received - The amount of received data during the connection.
  • Total - The total volume of transferred data during the connection.
  • Is Bypassed - Whether the connection was excluded from app management.
  • Is Blocked - Whether the connection was blocked.
  • Is Flagged - Whether the connection was flagged.
  • Tags - Any tags that may be associated with the connection.
Follow
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk