The Breach Awareness page displays intrusion events that are detected by the intrusion
prevention system (IPS) and the details of the intrusion events.
Prerequisites
The
Breach Awareness page displays the detected intrusion events only after you enable Internet Firewall.
For information about how to enable Internet Firewall, see
Enable firewalls.
Procedure
- Log on to the Cloud Firewall console.
- In the left-side navigation pane, choose .
- On the Breach Awareness page, view the details of intrusion events.

On the
Breach Awareness page, you can perform the following operations based on your business requirements:
- View the intrusion event list
In the intrusion event list, view the information such as risk levels, the UIDs and
IP addresses of affected assets, and event status.
- Search for intrusion events
Specify the filter conditions or enter search conditions in the search box above the
intrusion event list, and click Search to search for intrusion events. The filter conditions include risk levels, event
types, event status, and detection time range. The search conditions include instance
IP addresses, instance IDs, instance names, and UIDs. Fuzzy match is supported.
- Ignore intrusion events
In the intrusion event list, find an intrusion event that is considered as a normal
event and click Ignore in the Actions column to ignore the intrusion event.
Note After you ignore an intrusion event, the intrusion event is removed from the intrusion event list,
and Cloud Firewall no longer generates alerts for this event.
- View the details of an intrusion event
In the intrusion event list, find an intrusion event whose details you want to view
and click View Details in the Actions column. In the Details panel, view the details of the intrusion event and the security
suggestions.
Note The Block feature does not take effect on a single event. If you click Block, the intrusion prevention feature provided by Cloud Firewall is enabled.