Administration Portal Help Center Product Info Getting Started FAQs Release Notes
 
Product Info
Getting Started
FAQs
Release Notes
Table Of Contents  

Command and Control Servers Overview

C&C and GeoIP filtering feeds are only available with a premium license. For information on licensed features, see Sky ATP Licensing.

This page lists information on C&C servers that have attempted to contact and compromise hosts on your network. A C&C server is a centralized computer that issues commands to botnets (compromised networks of computers) and receives reports back from them. Botnets can be used to gather sensitive information, such as account numbers or credit card information, or to participate in a distributed denial-of-service (DDoS) attack.

When a host on your network tries to initiate contact with a possible C&C server on the Internet, the SRX Series device can intercept the traffic and perform an enforcement action based on real-time feed information from Sky Advanced Threat Prevention that identifies the C&C server IP address and URL.

Export Data—Click the Export button to download C&C data to a CSV file. You are prompted to narrow the data download to a selected time-frame.

The following information is available on this page.

Table 9: Command & Control Server Data Fields

Field

Definition

C&C Server

The IP address of the suspected Command and Control server.

C&C Threat Level

The threat level of the C&C server as determined by an analysis of actions and behaviors.

Hits

The number of times the C&C server has attempted to contact hosts on your network.

C&C Country

The country where the C&C server is located.

Last Seen

The date and time of the most recent C&C server hit.

Protocol

The protocol (TCP or UDP) the C&C server used to attempt communication.

Client Host

The IP address of the host the C&C server attempted to communicate with.

Action

Te action taken on the communication (permitted or blocked).

Related Documentation

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:          
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit