Contents

Monitor APT Blocker Activity

After you enable APT Blocker, you can monitor APT Blocker activity from Fireware Web UI on the Subscription Services Dashboard page.

  1. Select DASHBOARD > Subscription Services.
  2. Scroll to the APT Blocker section.

For more information, see Subscription Services.

In Firebox System Manager, the Subscription Services tab shows current Firebox device statistics about APT Blocker activity that occurred after the last device restart.

For more information, see Subscription Services Statistics (Subscription Services).

APT Blocker status information includes these statistics:

  • Scans Performed
  • Prevented objects (files)
  • Notified objects (files)
  • Quarantined objects (files)

Examine APT Threats

If you have enabled logging for APT Blocker, you can find more information about the APT threat in the traffic log messages.

To view information about the APT Blocker threat actions, from Fireware Web UI:

  1. Select Dashboard > Traffic Monitor.
    The Traffic Monitor page appears.
  2. Scroll to find an APT Blocker log message.
  3. Click the APT log message.
    The APT Threat Information dialog box appears.

For more information, see View APT Threat Information.

To look up APT Blocker threat information, from Policy Manager:

  1. Start Firebox System Manager for your device.
  2. Select the Traffic Monitor tab.
  3. Right-click a traffic log message and select Lookup APT Information.

For more information, see View APT Threat Information.

APT Blocker Reports

All reports for APT Blocker are available in WatchGuard Cloud and Dimension.

APT Blocker activity appears in these dashboards and reports:

  • Security Dashboard
  • Executive Summary Report
  • APT Blocker Summary and Detail Reports
  • PCI Compliance Report

For more detailed information on reports and their contents, seeWatchGuard Cloud Device Reports and About Dimension Reports.

Enable APT Blocker Logging for Reports

To make sure APT Blocker activity is logged for reports:

  • Select Enable logging for reports in the proxy policies that use APT Blocker.
  • Select the Log check box when you Configure APT Blocker.

Enable Notifications for APT Blocker

When an APT malware threat is detected, it is very important that you are notified of the event.

To configure APT Blocker notifications:

  1. Select the Alarm check box when you Configure APT Blocker.
  2. Click Notification Settings to configure the types of alerts you want to receive when an APT is detected.

See Also

About APT Blocker

Configure APT Blocker

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search