Guide
TrainingSupportCommunity

FTP security reports

Suggest Edits

The reports on this page display a list of Good/Bad access attempts to NetStorage storage group(s) that have occurred over the past 7 days, based on the password values used.

📘

Data may appear at a latency of 5-6 hours after activity.

The FTP Security reports dashboard uses specific parameters as metrics and dimensions. Use these metrics to help manage data in your reports.

Access these reports in Control Center

  1. Select the appropriate Control Center Account. Use the top-right pull-down in the header to select the account.
  2. Open the application. Go to > ORIGIN SERVICES > NetStorage > Reports, and then select NetStorage - Reports > FTP Security from the menu.
  3. Pick a "tab" to review desired reports data.

Customize NetStorage FTP security reports

  1. Calendar. Select the calendar icon to choose the timezone and predefined date, and time ranging from the last 24 hours to a month for which you wish to view data. The calendar opens for a default period of a day. You can customize it as follows:
    • Query a report for pre-defined durations such as, a day, week, or month.
    • Configure report for a period in which data has been available for its metrics and dimensions, the maximum time for which is 60 days.
  2. Filters. Optionally, you can limit the entries displayed by manually inputting geographic locations from which the requests originated. Separate each individual entry with a comma (",") or a semicolon (";").

The Login Details tab

This tab provides information on login details for all users.

The "Login Summary" widget in the Login Details tab

About the available widgets

Login Summary

  • User. The user account used to access your storage groups during the specified time period, using the selected protocol. Click the filter icon that appears on a hover over each user name entry to restrict data on the page to that user name alone.

  • Status This column is comprised of color-coded entries pertaining to the severity of the login attempt(s) performed by the user account, during the specified time range:

    • Green. All login attempts made were permitted, with no issues.
    • Yellow. "Warning" - Status Code(s) issued that resulted in blocking some login attempts. However, others were permitted, with no issues.
    • Red. "Error" - A login attempt performed by the account that raised a high-level error (e.g., a Brute Force Attack (BFA) was attempted by the account).

📘

A mouseover on the question mark icon beside the colored entry provides additional details on user login attempts.

  • Reason. A description detailing why a specific status applies to the user account. A mouse over on the question mark suggests actions that can be taken to avoid additional issues.

Login Details

  • IP. Client IP address.
  • Country. Extracted by mapping the user's IP address to their location.
  • Region. Extracted by mapping the user's IP address to their location.
  • City. Extracted by mapping the user's IP address to their location.
  • Protocol. The protocol used to request access to a NetStorage storage group -- FTP.
  • Successful Attempts. Total number of times the account was granted access using a correct password.
  • Bad Passwords. Total number of times an incorrect password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • Bad Passwords after BFAD Lockdown. Total number of times an incorrect password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • Good Passwords after BFAD Lockdown. Total number of times a correct password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • ACL Denials for Bad Password. Bad passwords blocked due to IP/GEO ACL violations.
  • ACL Denials For Good Password. Good passwords blocked due to IP/Geo ACL violations.

The Good IP tab

List individual IP addresses that successfully accessed a storage group, using a known user account. This section focuses on successful attempts, using the proper password.

The "Login Summary" widget in the Good IP tab

About the available widgets

Login Summary

  • User. The user account used to access your storage groups during the specified time period, using the selected protocol. Click the filter icon that appears on a hover over each user name entry to restrict data on the page to that user name alone.
  • Status This column is comprised of color-coded entries pertaining to the severity of the login attempt(s) performed by the user account, during the specified time range:
    • Green. All login attempts made were permitted, with no issues.
    • Yellow. "Warning" - Status Code(s) issued that resulted in blocking some login attempts. However, others were permitted, with no issues.
    • Red. "Error" - A login attempt performed by the account that raised a high-level error (e.g., a Brute Force Attack (BFA) was attempted by the account).

Good IP

  • IP. Client IP address.
  • Country. Extracted by mapping the user's IP address to their location.
  • Region. Extracted by mapping the user's IP address to their location.
  • City. Extracted by mapping the user's IP address to their location.
  • Failed Attempts. Total number of times the account was not granted access due to an incorrect password.
  • Good Passwords after BFAD Lockdown. Total number of times a correct password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • Successful Attempts. Total number of times the account was granted access using a correct password.

The Bad IP tab

List individual IP addresses that unsuccessfully attempted to access a storage group, using a known user account. This section focuses on blocked attempts due to the use of an incorrect password.

The "Login Summary" widget in the Bad IP tab

About the available widgets

Login Summary

  • User. The user account used to access your storage groups during the specified time period, using the selected protocol. Click the filter icon that appears on a hover over each user name entry to restrict data on the page to that user name alone.

  • Status This column is comprised of color-coded entries pertaining to the severity of the login attempt(s) performed by the user account, during the specified time range:

    • Green. All login attempts made were permitted, with no issues.
    • Yellow. "Warning" - Status Code(s) issued that resulted in blocking some login attempts. However, others were permitted, with no issues.
    • Red. "Error" - A login attempt performed by the account that raised a high-level error (e.g., a Brute Force Attack (BFA) was attempted by the account).

Bad IP

  • IP. Client IP address.
  • Country. Extracted by mapping the user's IP address to their location.
  • Region. Extracted by mapping the user's IP address to their location.
  • City. Extracted by mapping the user's IP address to their location.
  • Failed Attempts. Total number of times the account was not granted access due to an incorrect password.
  • Good Passwords after BFAD Lockdown. Total number of times a correct password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • Successful Attempts. Total number of times the account was granted access using a correct password.

The Good GEO tab

List successful access attempts per country ("GEO"), using a known user account.

The "Login Summary" widget in the Good GEO tab

About the available widgets

Login Summary

  • User. The user account used to access your storage groups during the specified time period, using the selected protocol. Click the filter icon that appears on a hover over each user name entry to restrict data on the page to that user name alone.

  • Status This column is comprised of color-coded entries pertaining to the severity of the login attempt(s) performed by the user account, during the specified time range:

    • Green. All login attempts made were permitted, with no issues.
    • Yellow. "Warning" - Status Code(s) issued that resulted in blocking some login attempts. However, others were permitted, with no issues.
    • Red. "Error" - A login attempt performed by the account that raised a high-level error (e.g., a Brute Force Attack (BFA) was attempted by the account).

Good GEO

  • Country. Extracted by mapping the user's IP address to their location.
  • Region. Extracted by mapping the user's IP address to their location.
  • City. Extracted by mapping the user's IP address to their location.
  • Failed Attempts. Total number of times the account was not granted access due to an incorrect password.
  • Good Passwords after BFAD Lockdown. Total number of times a correct password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • Successful Attempts. Total number of times the account was granted access using a correct password.

📘

The region checkbox is activated for USA and Canada only.

The Bad GEO tab

List access attempts per country ("GEO") that were unsuccessful, using a known user account. This section focuses on blocked attempts from these countries due to the use of an incorrect password.

The "Login Summary" widget in the Bad GEO tab

About the available widgets

Login Summary

  • User. The user account used to access your storage groups during the specified time period, using the selected protocol. Click the filter icon that appears on a hover over each user name entry to restrict data on the page to that user name alone.

  • Status This column is comprised of color-coded entries pertaining to the severity of the login attempt(s) performed by the user account, during the specified time range:

    • Green. All login attempts made were permitted, with no issues.
    • Yellow. "Warning" - Status Code(s) issued that resulted in blocking some login attempts. However, others were permitted, with no issues.
    • Red. "Error" - A login attempt performed by the account that raised a high-level error (e.g., a Brute Force Attack (BFA) was attempted by the account).

Bad GEO

  • Country. Extracted by mapping the user's IP address to their location.
  • Region. Extracted by mapping the user's IP address to their location.
  • City. Extracted by mapping the user's IP address to their location.
  • Failed Attempts. Total number of times the account was not granted access due to an incorrect password.
  • Good Passwords after BFAD Lockdown. Total number of times a correct password was used, after enforcement of Brute Force Attack Detection (BFAD), and lockdown of account. Access was still denied.
  • Successful Attempts. Total number of times the account was granted access using a correct password.

📘

The region checkbox is activated for USA and Canada only.

Updated about 3 years ago