Critical Threat Logs

AppRiver's Web Protection works around the clock to shield your network from all known and suspected malware types found in every corner of the internet. Web Protection now also monitors your network from within to ensure that any malware already in your system isn't trying to send information back to its creator. If Web Protection detects malware attempting to send out information, it generates a Critical Threat Notification and sends it to everyone in your notification list. Threats are also included in the Web Protection logs.

Designed as an early-warning detection initiative, the notification indicates that Web Protection has identified a botnet, keylogger or other malicious program that is attempting to send out information from within your network. In other cases, one of the browsers on your network may have been blocked from reaching a site that contains malware. The notification lists the malicious domain, the threat type and the number of times the threat was blocked prior to the notification.

In addition to the Critical Threat Notifications, these threats are now included in the Web Protection logs for you to access from the Customer Portal. From the Web Protection tab, just click on Logs. To view the Critical Threat logs, select Critical Threat from the Result drop-down menu. You can then choose Entire Day or select a Date Range or a Time Range from the Date Options. You can also choose if you want the logs to display all of the data or the data for a specific Policy, User or Network. Click the Search button to view your requested logs.

In the logs, you will find information such as the date and time of the attempt, Result, Category, Policy, Type, Source, Network IP and URL. These logs will give you a head start in tracking down potential weaknesses or dangerous activity on your network.
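As an added example (not AppRiver's code), the Python below shows one way to triage these log fields once the rows are outside the portal: it keeps only Critical Threat results and groups them by Source and destination domain with a block count and first and last time seen, similar to the summary the notification gives. The column names follow the field list above; the CSV layout, the timestamp format and every sample row are assumptions constructed for illustration, since this page does not describe an export format.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample rows. The CSV layout, timestamp format and all values
# are assumptions for illustration; only the column names come from the page.
SAMPLE_LOG = """\
Date,Result,Category,Policy,Type,Source,Network IP,URL
2024-03-04 09:15:02,Critical Threat,Botnet,Default,HTTP,10.0.0.21,203.0.113.10,http://c2.example.net/gate.php
2024-03-04 09:20:40,Allowed,News,Default,HTTP,10.0.0.21,203.0.113.10,http://news.example.com/
2024-03-04 09:45:02,Critical Threat,Botnet,Default,HTTP,10.0.0.21,203.0.113.10,http://c2.example.net/gate.php
2024-03-04 10:15:02,Critical Threat,Botnet,Default,HTTP,10.0.0.21,203.0.113.10,http://c2.example.net/gate.php
2024-03-04 11:02:17,Critical Threat,Key Logger,Default,HTTP,10.0.0.34,203.0.113.10,keys.example.org/upload
2024-03-04 11:30:00,Critical Threat,Botnet,Default,HTTP,10.0.0.34,203.0.113.10,http://C2.example.net/gate.php
"""


def summarize_critical_threats(csv_text, result_value="Critical Threat"):
    """Group Critical Threat rows by (Source, domain): count, first and last seen."""
    groups = defaultdict(lambda: {"count": 0, "first": None, "last": None})
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Result"].strip().lower() != result_value.lower():
            continue  # skip allowed or otherwise non-critical rows
        url = row["URL"].strip()
        # urlsplit only recognises the host when a scheme or "//" prefix is present.
        host = urlsplit(url if "//" in url else "//" + url).hostname or url
        seen = datetime.strptime(row["Date"].strip(), "%Y-%m-%d %H:%M:%S")
        entry = groups[(row["Source"].strip(), host.lower())]
        entry["count"] += 1
        entry["first"] = seen if entry["first"] is None else min(entry["first"], seen)
        entry["last"] = seen if entry["last"] is None else max(entry["last"], seen)
    # Most frequently blocked pairs first: repeated blocks from one Source to one
    # domain are the hosts to inspect for malware that is already installed.
    return sorted(
        ({"source": s, "domain": d, **e} for (s, d), e in groups.items()),
        key=lambda r: (-r["count"], r["source"], r["domain"]),
    )


if __name__ == "__main__":
    for r in summarize_critical_threats(SAMPLE_LOG):
        print(f"{r['source']} -> {r['domain']}: {r['count']} blocked, "
              f"{r['first']} to {r['last']}")
```

A Source that is blocked repeatedly for the same domain at regular intervals is a stronger sign of installed malware than a single block, which may only be a browser stopped from loading a bad link.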