Enhancements to the Zyxel Networks Security Router Threat Report

Zyxel_Richard

Enhancements to the Zyxel Networks Security Router Threat Report

Zyxel Networks is committed to continuously improving the security and user experience of our products. In our latest Nebula 17.30 update, we've introduced significant enhancements to the Security Router Threat Report feature, ensuring our users have more intuitive and actionable insights into their network's security posture. Here's an overview of the key updates and how they benefit your security management.

Pie Chart Visualization

Previously, the Threat Report displayed threats detected by category in a ring chart on the main dashboard. With the update to version 17.30, this visualization has evolved into a full pie chart. This new design allows users to hover over any segment of the pie chart to see a pop-up text indicating the threat category and its proportion of the total threats detected. It's important to note that the initial mockup colors were placeholders, with the correct color for ransomware being yellow in the final version.

Consolidated Threat Insights

In the enhanced Threat Report, the sections for threats detected by category and by client have been merged into a single, more streamlined section with two distinct parts. This design change makes it easier to navigate and interpret the data.

Threats Detected by Category

Minor but impactful changes have been made to how threats detected by category are displayed. The updated design now includes hyperlinked categories (indicated by blue text) that users can click to drill down into more detailed information. This click-through functionality reveals a breakdown of the specific websites or IPs associated with each category and, further, the clients that have attempted to access these malicious domains. This layered approach to displaying information addresses feedback that the previous design was not as intuitive as it could be.

Threats Detected by Client

For insights on the client side, the report now offers a detailed view of the top clients attempting to access malicious websites. Clicking on a client name reveals the domains or IPs they have tried to access, providing a clearer picture of the threat landscape from a client perspective.

Enhanced Threat Management Tools

The update also introduces new tools to the Threat Report page, improving the manageability of false positives and suspicious activities. If a website is incorrectly blocked (a false positive), administrators can now easily add it to the exception list directly from the Threat Report. This action moves the domain to the allowed domain list in your threat management settings, ensuring necessary business operations are not inadvertently disrupted.

Furthermore, if a client shows an unusually high number of access attempts to malicious sites in a short period, this could indicate a compromised device. Administrators have the option to apply a block policy to such clients directly from the Threat Report, streamlining the response to potential threats. This blocking action is equivalent to blocking the client on the security router's client page, facilitating consistent security policy enforcement across the network.

Additionally, the ability to block an entire application from the application usage page has been maintained, providing comprehensive control over the applications running on your network.

Conclusion

The enhancements to the Security Router Threat Report in version 17.30 of our firmware represent Zyxel Networks' ongoing commitment to providing top-notch security solutions that are both powerful and user-friendly. By making these improvements, we aim to empower administrators with more intuitive, actionable insights into their network's security, ensuring they can effectively protect their infrastructure against evolving threats.