Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Asset Question Results

SUMMARY Asset results display after you submit a Policy Monitor question. The Risk Score indicates the level of risk that is associated with the question.

The Risk Score calculation is based on the importance factor that is assigned to the question, and the number of results returned for the question.

The following table describes the parameters for asset results:

Table 1: Asset Result Parameters
Parameter Description
IP The IP address of the asset.
Name

The name of the asset, as obtained from the asset profile.

For more information about asset profiles, see the Juniper Secure Analytics Users Guide.

VLAN

The name of the VLAN associated with the asset.

Weight

The weight of the asset, as obtained from the asset profile.

Destination Port(s)

The list of destination ports associated with this asset, in context of the question tests. If multiple ports are associated with this asset and question, this field indicates Multiple and the number of multiple ports. The list of ports is obtained by filtering the connections that are associated with this question to obtain all unique ports where the asset was either the source, destination, or the connection.

Click Multiple (N) to view the connections. This display provides the aggregated connections by port, which is filtered by the asset IP address, and based on the time interval specified in the question.

Protocol(s)

The list of protocols associated with this asset, in context of the question tests. If multiple protocols are associated with this asset and question, this field indicates Multiple and the number of protocols. The list of protocols is obtained by filtering the connections that are associated with this question to obtain all unique protocols where the asset was either the source, destination, or the connection.

Click Multiple (N) to view the Connections. This display provides the aggregated connections by protocol, which is filtered by the asset IP address, and based on the time interval specified in the question.

Flow App(s)

The list of applications associated with this asset, in context of the question tests. If multiple applications are associated with this asset and question, this field indicates Multiple and the number of applications. The list of applications is obtained by filtering the connections that are associated with this question to obtain all unique applications where the asset was either the source, destination, or the connection.

Click Multiple (N) to view the Connections. This display provides the aggregated connections by application, which is filtered by the asset IP address, and based on the time interval specified in the question.

Vuln(s)

The list of vulnerabilities associated with this asset, in context of the question tests. If multiple vulnerabilities are associated with this asset and question, this field indicates Multiple and the number of vulnerabilities.

The list of vulnerabilities is obtained using a list of all vulnerabilities that are compiled from relevant tests and using this list to filter the vulnerabilities detected on this asset. If no vulnerabilities are specified for this question, then all vulnerabilities on the asset are used to compile this list.

Click Multiple (N) to view the Assets. This display provides the aggregated connections by vulnerability, which is filtered by the asset IP address, and based on the time interval specified in the question.

Flow Count

The total flow count associated with this asset, in context of the question tests.

The flow count is determined by filtering the connections that are associated with this question to obtain the flow count total, where asset was either the source, destination, or the connection.

Source(s)

The list of source IP addresses associated with this asset, in context of the question tests. If multiple source IP addresses are associated with this asset and question, this field indicates Multiple and the number of source IP addresses. The list of source IP addresses is obtained by filtering the connections that are associated with this question. The obtained list contains all unique source IP addresses where the asset is the destination of the connection.

Click Multiple (N) to view the Connections. This display provides the aggregated connections by source IP address, which is filtered by the asset IP address based on the time interval that is specified in the question.

Destination(s)

The list of destination IP addresses associated with this asset, in context of the question tests. If multiple destination IP addresses are associated with this asset and question, this field indicates Multiple and the number of destination IP addresses. The list of destination IP addresses is obtained by filtering the connections that are associated with this question. The obtained list contains all unique destination IP addresses where the asset is the source of the connection.

Click Multiple (N) to view the Connections. This display provides the aggregated connections by destination IP address, which is filtered by the asset IP address based on the time interval that is specified in the question.

Flow Source Bytes

The total source bytes associated with this asset, in context of the question test.

The source bytes are determined by filtering the connections that are associated with this question to obtain the source byte total where asset is the source of the connection.

Flow Destination Bytes

The total destination bytes associated with this asset, in context of the question test.

The destination bytes are determined by filtering the connections that are associated with this question to obtain the destination byte total where asset is the destination of the connection.