Project

General

Profile

Actions

Feature #7621

open

Reporting of post-hoc events detected by FTAS (and other)

Added by Radko Krkoš over 1 year ago. Updated about 1 month ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Design
Target version:
Start date:
01/04/2023
Due date:
% Done:

0%

Estimated time:
To be discussed:
No

Description

The Flow Traffic Analysis System (FTAS) routinely reports incidents that were prevented by automated measures. The prevention mechanism is generally a blocking of specific flows. The affected users should therefore be notified of the blocking and the characteristics of the prevented traffic. IDEA events sent by FTAS do contain the required information and can be transformed into such reports. Automatic way is preferable to the current state - personal warnings by FTAS administrators.
These reports must be distinguished from the existing ones, as they differ in two aspects:
- The recipient is a target of an attack,
- The reports are mostly informative, no action is expected of the recipient.

Actions #1

Updated by Pavel Kácha about 1 month ago

  • Priority changed from Normal to High
Actions

Also available in: Atom PDF