The Traffic Blocked by IPS page displays real-time data of traffic blocked by the intrusion prevention system (IPS) of Cloud Firewall. The data includes source locations, destination IP addresses, and applications of the traffic, IPS modules used to block the traffic, and the traffic blocking event details. This topic describes data that is displayed on the Traffic Blocked by IPS page and the operations that you can perform on this page.
Internet Traffic Blocking
The Internet Traffic Blocking tab contains the following sections:
- The Most Blocked Source Locations section displays the source and destination locations of inbound and outbound traffic blocked by the Cloud Firewall IPS.
- The Blocked Destination IP Addresses section displays the destination IP addresses of inbound or outbound traffic blocked
by the Cloud Firewall IPS.
If you want to view details about a blocked destination IP address, click the View Logs icon to go to the Log Audit page. In the log list, you can view the destination port and application of the IP address, and the actions that you can perform on the IP address.
- The Blocked Applications section displays the top five applications whose inbound and outbound traffic is blocked by the Cloud Firewall IPS.
- The Blocking Criteria section displays the percentage of traffic blocked by each IPS module.
- The Detailed Data section displays details about each traffic blocking event, including the risk level,
number of times the event occurred, source IP address, and destination IP address.
In the Detailed Data section, you can perform the following operations:
- Search for events based on the risk level, module, traffic direction, or time range.
- Click View Details in the Action column to check details about a traffic blocking event.