Device and Rule Question Results
SUMMARY Device and rule results display after you submit a Policy Monitor question. The Risk Score displayed indicates the level of risk that is associated with the question.
The Risk Score calculation is based on the importance factor that is assigned to the question, and the number of results returned for the question.
The following table describes the parameters for devices and rules results.
Parameter | Description |
---|---|
Device IP | The IP address of the device. |
Device Name | The name of the device, as obtained from the configuration monitor. |
Device Type |
The type of device, as obtained from the asset profile. For more information about asset profiles, see the Juniper Secure Analytics Users Guide. |
List | The name of the rule from the device. |
Entry | The entry number of the rule. |
Action | The action associated with the relevant rule from the device. The options are permit, deny, or NA. |
Source(s) |
The source network associated with this asset. Sources with a hyperlink indicate an object group reference. Click the link to view detailed information about one or more object group references. |
Source Service(s) | The source ports and the comparison that is associated with the relevant rule from the device are shown in the following format: <comparison>:<port> Where <comparison>might include one of the following options: eq - Equal ne - Not equal lt - Less than gt - Greater than For example, if the parameter indicates ne:80, any port other than 80 applies this source service. If the parameter indicates lt:80, the range of applicable ports is 0 - 79. This parameter displays the source port for the device rule. If no port exists for this device rule, the term NA is displayed. Source services with a hyperlink indicate an object group reference. Click the link to view detailed information about one or more object group references. |
Destination(s) |
The destination network associated with the relevant rule from the device. Destinations with a hyperlink indicate an object group reference. Click the link to view detailed information about one or more object group references. |
Destination Service(s) | The destination ports and the comparison that is associated with the relevant rule from the device is displayed in the following format: <comparison>:<port> Where <comparison>might include one of the following options: eq - Equal ne - Not equal lt - Less than gt - Greater than For example, if the parameter indicates ne:80, any port other than 80 applies to this destination service. If the parameter indicates lt:80, the range of applicable ports is 0 - 79. This parameter displays the destination port for the device rule. If no port exists for this device rule, the term NA is displayed. Destination services with a hyperlink indicate an object group reference. Click the link to view detailed information about one or more object group references . |
User(s)Group(s) |
The users or groups that are associated with the relevant rule from the device. |
Protocol(s) | The protocol or group of protocols that are associated with the relevant rule from the device. |
Signature(s) | The signature for this device, which is only displayed for a device rule on an IP device. |
Applications |
The applications that are associated with the relevant rule from the device. |