Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
Spotlight Connector Session Cookies and Locations
As part of the overall Security Intelligence solution, WebApp Secure sends information on malicious cookies and IP session to Spotlight Connector. WebApp Secure recommends a threat level for the session cookie based on a set of criteria and how malicious the associated attacker is deemed to be. Note that all sessions are not sent to the Spotlight Connector, only malicious items.
- Low threat levels (4-5) incorporate IP addresses and hosts where the threat is not as severe, the malicious activity has not been seen for a long period of time, or there is evidence of both malicious and non-malicious activity on the same host.
- Medium threat (6-7) levels represent a moderate threat and are unlikely to be non-malicious.
- High threat levels (8-10) represent severe threats at a very high level of certainty.
To view session cookies and locations sent to the Spotlight Connector, in the WebApp Secure Web UI, navigate to Juniper Spotlight > Spotlight Connector. There you will find a Session Cookies tab and a Locations tab.
Figure 1: Spotlight Connector Session Cookies
Figure 2: Spotlight Connector Locations
