A default collection of widgets is provided for Kaspersky NGFW, OSMP, and KUMA, grouped into separate layouts based on security functions of Kaspersky NGFW. The widgets display network security data analytics based on custom events received from Kaspersky NGFW. For details about layouts and widgets, see the Kaspersky Symphony XDR: Open Single Management Platform Help and the KUMA Help.
[OOTB] NGFW Aggregated Dashboards
The [OOTB] NGFW Aggregated Dashboards layout contains the following default widgets with general analytics for Kaspersky NGFW protection functions:
NGFW. Firewall Sessions & Actions – the count of different types of actions applied in security rules for which logging is enabled.
NGFW. DNS Security Sessions & Actions – the number of actions of different types applied in DNS Security profiles for which logging is enabled.
NGFW. Web Control Sessions & Actions – the number of actions of different types applied in Web Control profiles for which logging is enabled.
NGFW. IDPS Sessions & Actions – the number of actions of different types applied in IDPS profiles for which logging is enabled.
NGFW. Anti-Virus Sessions & Actions – the number of actions of different types applied in Anti-Virus profiles for which logging is enabled.
[OOTB] NGFW IDPS & File Web Antivirus
The [OOTB] NGFW IDPS & File Web Antivirus layout contains the following default widgets with analytics for IDPS and File Anti-Virus profiles:
IDPS profile widgets:
NGFW. IDPS. Top 5 Threats Name – five threats most frequently detected by IDPS profiles.
NGFW. IDPS. Top-5 MITRE Tactics & Techniques – five tactics and techniques of the MITRE ATT&CK matrix most frequently detected by IDPS profiles.
NGFW. IDPS. Top 5 Threats Type – five threat types most frequently detected by IDPS profiles.
NGFW. IDPS. Top-5 Destination IP Addresses by Blocked Traffic – five destination IP addresses with the greatest volume of traffic blocked by IDPS profiles.
NGFW. IDPS. Top-5 Source IP Addresses by Blocked Traffic – five source IP addresses with the greatest volume of traffic blocked by IDPS profiles.
File Anti-Virus profile widgets:
NGFW. File Antivirus. Top 5 Threats Name – five threats most frequently detected by IDPS profiles.
NGFW. File Antivirus. Top-5 Destination IP Addresses by Blocked Traffic – five destination IP addresses with the greatest volume of traffic blocked by Anti-Virus profiles.
NGFW. File Antivirus. Top-5 Source IP Addresses by Blocked Traffic – five source IP addresses with the greatest volume of traffic blocked by Anti-Virus profiles.
[OOTB] NGFW DNS Security
The [OOTB] NGFW DNS Security layout contains the following default widgets with analytics for DNS Security profiles:
NGFW. DNS Security. Top-5 Threats Types for Blocked Addresses – five most common threat types from IP addresses blocked by DNS Security profiles.
NGFW. DNS Security. Top-5 Threats Types for Redirected Addresses – five most common threat types from IP addresses redirected by DNS Security profiles.
NGFW. DNS Security. Top-5 Source IP Addresses by Blocked Traffic – five source IP addresses with the greatest volume of traffic blocked by DNS Security profiles.
NGFW. DNS Security. Top-5 Redirected Hostnames – five domains most frequently redirected by DNS Security profiles.
NGFW. DNS Security. Top-5 Destination IP Addresses by Blocked Traffic – five destination IP addresses with the greatest volume of traffic blocked by DNS Security profiles.
NGFW. DNS Security. Top-5 Source IP Addresses by Redirected Traffic – five source IP addresses most frequently redirected by DNS Security profiles.
NGFW. Web Control. Top-5 Categories of Sites by action "Show Warning page" – five categories of websites for which a warning from Web Control profiles was most frequently displayed.
NGFW. Web Control. Top-5 Categories of Sites by action "Show Blocking page" – five categories of websites for which the blocking page from Web Control profiles was most frequently displayed.
NGFW. Web Control. Top-5 Source IP Addresses by action "Show Warning page" – five categories of source IP addresses for which a warning from Web Control profiles was most frequently displayed.
NGFW. Web Control. Top-5 Source IP Addresses by action "Show Block page" – five categories of source IP addresses for which the blocking page from Web Control profiles was most frequently displayed.
Web Anti-Virus profile widgets:
NGFW. URL Reputation Checker. Top 5 Web Categories for Blocked URLs – five web URL categories most frequently blocked by Web Anti-Virus profiles.
NGFW. URL Reputation Checker. Top-5 Destination IP Addresses by Blocked Traffic – five destination IP addresses with the greatest volume of traffic blocked by Web Anti-Virus profiles.
[OOTB] NGFW Firewall
The [OOTB] NGFW Firewall layout contains the following default widgets with analytics on firewall security rules:
NGFW. Top-5 Application Services by Sessions – five most used application services by the number of sessions.
NGFW. Top-5 Application Services by Traffic, MB – five most used application services by traffic volume, in MB.
NGFW. Top-5 Application Protocols by Sessions – five most used application protocols by number of sessions.
NGFW. Top-5 Application Protocols by Traffic, MB – five most used application protocols by traffic volume, in MB.
NGFW. Top-5 Client Applications by Sessions – five most used client applications by number of sessions.
NGFW. Top-5 Client Applications by Traffic, MB – five most used client applications by traffic volume, in MB.
NGFW. Top-5 Source IP by Traffic, MB – five source IP addresses with the highest traffic volume, in MB.
NGFW. Top-5 Destination IP by Traffic, MB – five destination IP addresses with the highest traffic volume, in MB.
NGFW. Top-5 Web Sites by Sessions – five domains with the greatest number of sessions.
NGFW. Top-5 Web Sites by Traffic, MB – five domains with the highest traffic volume, in MB.