...
...
...
...
| Note |
|---|
To fully use this screen, you must add the following permission to your account:
|
You can use
...
the Health Overview
...
screen to see the overall health status of virtual machines that contain the installed Armor Anywhere agent.
...
| Note |
|---|
If you are a new user, then you may need to install the Armor Anywhere agent in order to receive data to populate this screen. To learn how to install the agent, see Installation. |
The top of
...
the Health Overview
...
screen contains four types of information, displayed in various widgets.
...
Widget | Description |
|---|---|
Overall Health Score | This widget displays an average of |
...
the Protection, |
...
Detection, |
...
and Response |
...
scores.
|
...
Protection This score is based on the stability of the Armor agent and any corresponding subagents. |
...
For more information, see |
...
...
. Detection This score is based on the incoming activity (log activity) of the Armor agent and any corresponding subagents. For more information, see |
...
...
. Response This score is based on the response time for a support ticket between you and Armor. For more information, see |
...
...
Score range | Health status |
|---|---|
| 10 - 8 | Good |
| 7 - 4 | Fair |
| 3 - 1 | Poor |
...
Critical Incidents
This widget displays the number of open or pending support tickets that are considered highly important, security-focused incidents, known as Critical Incidents.
Internally, when Armor Support reviews a support ticket, a support personnel can label the ticket as a Security Incident. These tickets will be given a severity rating (low, medium, high, critical), and then displayed in the Security Incidentsscreen. A Security Incident with a Critical status is also known as a CriticalIncident.
In the Security Incidents screen, you will only see an incident if you are listed as a recipient on the support ticket or if you opened the support ticket.
Armor Support, you, or someone on your account can open a support ticket that can eventually evolve into an incident.
To learn more about the Security Incident screen, see:
...
Logs Parsed (Past 24h)
...
This widget displays the number of logs that Armor has received and analyzed in the past 24 hours.
...
Vulnerabilities
...
.  | |
Vulnerabilities | This widget displays the number of detected vulnerabilities, based on the information from the weekly vulnerabilities report. |
...
|
...
A vulnerability scan takes place every Sunday at 10:00 PM, local server time. After a scan is complete, the corresponding report is added to the |
...
Vulnerability Scanning |
...
screen of the Armor Management Portal (AMP). Additionally, this widget is updated based on the scan. |
...
To learn about the |
...
Vulnerability Scanning |
...
...
| hidden | true |
|---|
Health Overview dashboard
You can use the Health Overview screen to see the overall health status of instances that contain the installed Armor Anywhere agent.
...
screen |
...
, see |
...
| hidden | true |
|---|
...
Overview
The Vulnerabilities widget in the Security Dashboard graphically displays detected vulnerabilities from the weekly vulnerabilities report.
...
...
Understand Vulnerability data
The widget displays and organizes the detected vulnerabilities based on the severity of the vulnerability.
| Note |
|---|
You can hover over a severity level to review the pop-up message. This message explains the range of the CVSS score used to determine the vulnerability's severity level. |
You can click a specific vulnerability severity, and you will be redirected to the Scan Details screen with the table already filtered to the severity you selected.
| Note |
|---|
The Aggregate CVSS Score is the total CVSS score for each vulnerability, multiplied by the number of hosts. You can use this score to determine how your security risks increase (or decrease) from week to week. |
...
. |
...
Security Incidents |
...
Overview
...
| hidden | true |
|---|
Service Health
Overview
This widget displays the security status of instances that contain the installed agent. (The status of the agent determines the status of the corresponding instance.)
| Note |
|---|
Instances without an installed agent are not included in this widget; however, these instances are still displayed in the Virtual Machines screen as Unprotected. |
In the widget, you can click a specific status (Needs Attention or OK), and you will be redirected to the Virtual Machines screen with the table filtered to the selected status.
| Note |
|---|
The overall status of your agent is based on the status of the agent's subcomponents: Malware Protection, FIM, and Patching. Your agent's status is based on the worst status of the subcomponents. |
...
| hidden | true |
|---|
Health Overview
You can use the Health Overview screen to see the overall health status of instances that contain the installed Armor Anywhere agent.
| Note |
|---|
If you a new user, then you may need to install the Armor Anywhere agent in order to receive data to populate this screen. To learn how to install the agent, see Installation. |
The top of the Health Overview screen contains four types of information, displayed in various widgets.
...
This widget displays an average of the Protection, Detection, and Response scores.
- Protection
- This score focuses on the stability of the Armor Anywhere agent and the corresponding subagents.
- For more information, see ANYWHERE Protection Dashboard.
- Detection
- This score focuses on the incoming activity of the Armor Anywhere agent and the corresponding subagents
- For more information, see ANYWHERE Detection Dashboard.
- Response
- This score focuses on the time between responses for a support ticket.
- For more information, see ANYWHERE Response Dashboard.
| Score range | Health status |
|---|---|
| 10 - 8 | Good |
| 7 - 4 | Fair |
| 3 - 1 | Poor |
...
Total | This widget displays the number of open or pending support tickets that are considered highly important, security-focused incidents, known as Critical |
...
Incidents. |
...
Internally, when Armor Support reviews a support ticket, |
...
a support personnel can label the ticket as |
...
a Security Incident. These tickets will be given a severity rating (low, medium, high, critical), and then displayed in the Security Incidents screen. A Security Incident with a Critical status is also known as a Critical Incident. In the Security Incidents screen, you will only see an incident if you are listed as a recipient on the support ticket or if you opened the support ticket. |
...
Armor Support, you, or someone on your account can open a support ticket that can eventually evolve into an incident. To learn more about |
...
the Security |
...
Incidents screen, see Incidents. Under Security Alerts Needing Attention, you can click a specific incident, |
...
and then you will be redirected to |
...
the Security Incident |
...
screen with the table already filtered. | |
Logs Parsed (Past 24h) | This widget displays the number of logs that Armor has received and analyzed in the past 24 hours |
...
For Armor Complete users, these logs are collected by the Armor agent.
...
. |
...
This widget displays the number of detected vulnerabilities from the weekly vulnerabilities report.
A vulnerability scanning takes place every Sunday at 10:00 PM, local server time. After a scan is complete, the Armor Management Portal (AMP) will update with a new report in the Vulnerability Scanning screen, as well as update the widget.
| Note |
|---|
To learn about the Vulnerability Scanning screen, see ANYWHERE Vulnerability Scanning. |
...
| hidden | true |
|---|
Overview
The Security Dashboard in the Armor Management Portal (AMP) displays the various statuses of your servers:
- Green indicates a server in a Secured status.
- Yellow indicates a server in a Warning status.
- Red indicates a server in a Critical status.
...
The overall status of your server is based on the individual status of your server's subcomponents. Your server contains three subcomponents:
- Malware Protection
- FIM
- Patching
Armor reviews the status of your three subcomponents and labels your server based on the status of your most critical subcomponent.
For example, if Malware Protection and FIM are both in a Secured status, but Patching is in a Critical status, then overall, your server is labeled as Critical.
In another example, if Malware Protection is in a Critical status, FIM is in a Warning status, and Patching is in a Secured status, then overall, your server is labeled as Critical.
...
Troubleshoot Malware Protection
...
Troubleshoot FIM
...